Fallos del tipo CWE-269
1785 resultadosCVE-2021-25515MEDIUMAn improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.EPSS 0.1%CVE-2023-35676—In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafEPSS 0.1%CVE-2024-31311MEDIUMIn increment_annotation_count of stats_event.c, there is a possible out of bounds write due to a missing bounds check. This could lead to loEPSS 0.1%CVE-2026-11229MEDIUMInappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation EPSS 0.1%CVE-2026-0032HIGHIn multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local eEPSS 0.1%CVE-2022-22263MEDIUMUnprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity.EPSS 0.1%CVE-2023-20995—In captureImage of CustomizedSensor.cpp, there is a possible way to bypass the fingerprint unlock due to a logic error in the code. This couEPSS 0.1%CVE-2026-45256MEDIUMMissing permission check in thr_kill2(2)EPSS 0.1%CVE-2025-57840LOWPrivilege Bypass in ADBEPSS 0.1%CVE-2023-21068—In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to localEPSS 0.1%CVE-2024-32906HIGHIn AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitialized data. This could lead to local escalation of privilege with no adEPSS 0.1%CVE-2024-23710HIGHIn assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privilegEPSS 0.1%CVE-2023-21374—In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of pEPSS 0.1%CVE-2025-12683MEDIUMNULL DACL assigned to Named Pipe communicating with SYSTEM ServiceEPSS 0.1%CVE-2023-20680MEDIUMIn adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with SysEPSS 0.1%CVE-2025-48613HIGHIn VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the EPSS 0.1%CVE-2026-35154MEDIUMDell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 releaEPSS 0.1%CVE-2023-21376MEDIUMIn Telephony, there is a possible way to retrieve the ICCID due to a logic error in the code. This could lead to local information disclosurEPSS 0.1%CVE-2023-20655HIGHIn mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additEPSS 0.1%CVE-2022-36861MEDIUMCustom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystEPSS 0.1%