Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escal
CVE-2026-0068
CRITICAL CVSS 10.0
Find Similar
In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to loc
In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no ad
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is n
In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could l
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no
CVE-2026-28575
CRITICAL CVSS 10.0
Find Similar
In PackageInstaller.Session#transfer of frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java, there is a possible memory exhaustion attack due to a logic error in the
In createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permission check. This could lead to local escalation of privilege
In createSessionInternal of PackageInstallerService.java, there is a possible to update a Device Policy Controller (DPC) into an invalid directory due to a path traversal error. This could lead to loc
In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no addit
In performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy due to a logic error in the code. This could lead to local escalation of privilege with no additional e
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible DoS of a device admin due to a logic error in the code. This could lead to local escalation of privilege with no additi
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additio
In DevmemIntFreeDefBackingPage of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with
In loadDescription of DeviceAdminInfo.java, there is a possible persistent package due to improper input validation. This could lead to local escalation of privilege with no additional execution privi
In onSomePackagesChanged of VoiceInteractionManagerService.java, there is a possible way for a third party application's component name to persist even after uninstalling due to a logic error in the c
In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of servi
In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. This could lead to local escalation of privilege with no additional exe
In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no
In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional executi
Page 1+ Next →