In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.
CWE-862
CVE-2022-38698
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.
CVE-2022-38669
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-38670
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-38677
In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed.