![]() ![]() In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109 This could lead to local escalation of privilege with no additional execution privileges needed. In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754 In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 This could lead to remote code execution over Bluetooth with no additional execution privileges needed. In reassemble_and_dispatch of packet_, there is possible out of bounds write due to an incorrect bounds calculation. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520 ![]() This could lead to a local escalation of privilege with no additional execution privileges needed. It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304 User interaction is not needed for exploitation. In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.įfay lanproxy 0.1 allows Directory Traversal to read /./conf/config.properties to obtain credentials for a connection to the intranet. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |