In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-112555574.
This repository documents vulnerabilities that can occur in Android Java apps running on Android 511 - Android 81 It contains benign apps with vulnerabilities related to Crypto, ICC, Networking, NonAPI, Permission, Storage, System, and Web APIs Most of the benign apps are accompanied by malicious apps to exploit the vulnerabilities in the corresponding benign app We have