In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed.
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In updateActionViews of PipMenuView.java, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In collapse of canonicalize_md.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In multiple locations, there is a possible way to access media content belonging to another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In Telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
An issue was discovered on Samsung mobile devices with N(7.x) (Exynos8890/8895 chipsets) software. There is information disclosure (a KASLR offset) in the Secure Driver via a modified trustlet. The Samsung ID is SVE-2017-10987 (April 2018).
In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user on the same device due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.