Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an ac
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activi
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activi
In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start
In startSpaActivityForApp of SpaActivity.kt, there is a possible cross-user permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional exec
In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional e
In multiple locations, there is a possible one-time permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.
In appendFrom of Parcel.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. Use
In multiple functions of AccountManagerService.java, there is a possible way to bypass permissions and launch protected activities due to a race condition. This could lead to local escalation of privi
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed
there is a possible privilege escalation due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need
There is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional exe
In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no add
In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege
there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede
CVE-2025-48572
HIGH CVSS 7.8 KEV
Find Similar
In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privi
In multiple locations, there is a possible way to obtain any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privilege
In multiple locations, there is a possible background activity launch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction
Page 1+ Next →