Fallos del tipo CWE-441
90 resultadosCVE-2023-40111HIGHIn setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of system_server due to a cEPSS 0.1%CVE-2026-45182LOWGrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosEPSS 0.1%CVE-2025-48646HIGHIn executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalationEPSS 0.1%CVE-2026-0013HIGHIn setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This couldEPSS 0.1%CVE-2025-26454HIGHIn validateUriSchemeAndPermission of DisclaimersParserImpl.java , there is a possible way to access data from another user due to a confusedEPSS 0.1%CVE-2025-48545HIGHIn isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This coEPSS 0.1%CVE-2025-32324HIGHIn onCommand of ActivityManagerShellCommand.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead toEPSS 0.1%CVE-2025-32321HIGHIn isSafeIntent of AccountTypePreferenceLoader.java, there is a possible way to bypass an intent type check due to a confused deputy. This cEPSS 0.1%CVE-2025-32326HIGHIn multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. ThEPSS 0.1%CVE-2023-21082MEDIUMIn getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number EPSS 0.1%CVE-2025-48529MEDIUMIn setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could EPSS 0.1%CVE-2026-0107HIGHIn gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a confused deputy. This could lead to locEPSS 0.1%CVE-2025-48532HIGHIn markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a confused depuEPSS 0.1%CVE-2025-32346HIGHIn onActivityResult of VoicemailSettingsActivity.java, there is a possible work profile contact number leak due to a confused deputy. This cEPSS 0.1%CVE-2025-48586HIGHIn onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from the work profile due to a confused deputy. TEPSS 0.1%CVE-2025-26452HIGHIn loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots of other apps due to a confused deputy. ThiEPSS 0.1%CVE-2025-48536HIGHIn grantAllowlistedPackagePermissions of SettingsSliceProvider.java, there is a possible way for a third party app to modify secure settingsEPSS 0.1%CVE-2025-22418HIGHIn multiple locations, there is a possible confused deputy due to Intent Redirect. This could lead to local escalation of privilege with no EPSS 0.1%CVE-2025-22416HIGHIn onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to localEPSS 0.1%CVE-2025-48555HIGHIn multiple functions of NotificationStation.java, there is a possible cross-profile information disclosure due to a confused deputy. This cEPSS 0.1%