Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-20491

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege…

Devamını oku

CVE-2022-20495

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead…

Devamını oku

CVE-2022-20496

In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure…

Devamını oku

CVE-2022-20497

In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead…

Devamını oku

CVE-2022-20240

In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of…

Devamını oku

CVE-2022-20449

In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of…

Devamını oku

CVE-2022-20466

In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user’s password on a secondary display due to an insecure default value. This…

Devamını oku