Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can use Smartwatch to view Secure Folder notification content. The Samsung ID is SVE-2019-13899 (April 2019).

In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-141169173

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack runtime permission checks, and of those only Android SDK 5.1.1 API 22 is consistent with the manifest. Thus, this applies only to Android Lollipop, affecting less than five percent of Android devices as of 2023.

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 (March 2019).

In GetPermittedAccessibilityServicesForUser of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. Android ID: A-128599660.

In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139803872

In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128599467.

In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128599668.

In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a possible capture of a secure screen due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-69703445

In the endCall() function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-132438333.

In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.