Weaknesses of type CWE-285

1,302 results
CVE-2026-3674MEDIUMFreedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppProvider improper authorizationEPSS 0.1%CVE-2026-3675MEDIUMFreedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppReceiver improper authorizationEPSS 0.1%CVE-2026-3671MEDIUMFreedom Factory dGEN1 org.ethereumphone.walletmanager.testing123 TokenBalanceContentProvider improper authorizationEPSS 0.1%CVE-2021-25382MEDIUMAn improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contentsEPSS 0.1%CVE-2022-22272MEDIUMImproper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE EPSS 0.1%CVE-2022-22269MEDIUMKeeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a localEPSS 0.1%CVE-2022-22267MEDIUMImplicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running applicationEPSS 0.1%CVE-2022-36852LOWImproper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application daEPSS 0.1%CVE-2024-43051MEDIUMImproper Authorization in SPS-HLOSEPSS 0.1%CVE-2026-2974LOWAliasVault App Backup aliasvault.xml backupEPSS 0.1%CVE-2026-0017HIGHIn onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could leadEPSS 0.1%CVE-2022-30757MEDIUMImproper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permissioEPSS 0.1%CVE-2021-25460MEDIUMAn improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BEPSS 0.1%CVE-2025-30508MEDIUMImproper authorization in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow a denial of serviEPSS 0.1%CVE-2022-33722MEDIUMImplicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC addressEPSS 0.1%CVE-2022-33702MEDIUMImproper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass KnoxgEPSS 0.1%CVE-2022-39883MEDIUMImproper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.EPSS 0.1%CVE-2022-39905MEDIUMImplicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive informatiEPSS 0.1%CVE-2022-39879MEDIUMImproper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessiEPSS 0.1%CVE-2025-26430HIGHIn getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could leaEPSS 0.1%