cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
5.5
Published
2023-10-27
Updated
2023-10-30
EPSS
0.04%
In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
5.5
Published
2023-09-11
Updated
2023-09-14
EPSS
0.04%
In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224771921
Max CVSS
5.5
Published
2022-10-11
Updated
2022-10-12
EPSS
0.04%
SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.
Max CVSS
5.9
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information
Max CVSS
6.5
Published
2021-07-08
Updated
2021-07-14
EPSS
0.05%
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-132074310
Max CVSS
5.5
Published
2020-09-17
Updated
2020-09-21
EPSS
0.04%
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-140729887
Max CVSS
5.5
Published
2020-09-17
Updated
2020-09-21
EPSS
0.04%
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!