In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege…

In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could…

In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check.…

In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional…

In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution…

In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local…

In LauncherApps, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could…

In Content, there is a possible way to learn about an account present on the device due to a missing permission check. This could lead…

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead…

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead…