Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-20538

In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.…

Devamını oku

CVE-2022-20540

In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with…

Devamını oku

CVE-2022-20544

In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation…

Devamını oku