michalbednarski

9 exploits Active since Oct 2017
CVE-2022-20452 NOMISEC HIGH WORKING POC
Android <13 - Local Privilege Escalation
In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-240138318.
339 stars
CVSS 7.8
CVE-2023-45777 NOMISEC HIGH WRITEUP
Android - Local Privilege Escalation via AccountManagerService Parcel Mismatch
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
99 stars
CVSS 7.8
CVE-2025-22441 GITHUB HIGH java WRITEUP
Android - Local Privilege Escalation via RemoteViews Confused Deputy
In getContextForResourcesEnsuringCorrectCachedApkPaths of RemoteViews.java, there is a possible way to load arbitrary Java code in a privileged context due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
94 stars
CVSS 7.3
CVE-2024-34740 NOMISEC HIGH WORKING POC
Android - Integer Overflow in BinaryXmlSerializer
In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
51 stars
CVSS 7.8
CVE-2021-39749 NOMISEC HIGH WRITEUP
Android 12L - Missing Authorization Check in WindowManager
In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-205996115.
31 stars
CVSS 7.8
CVE-2017-0806 NOMISEC HIGH WORKING POC
Android <8.0 - Privilege Escalation
An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.
24 stars
CVSS 7.8
CVE-2026-20980 GITHUB MEDIUM python WORKING POC
Samsung Android PACM Before SMR Feb-2026 Release 1 - Physical Command Execution
Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.
CVSS 6.8
CVE-2026-20981 GITHUB MEDIUM python WORKING POC
FacAtFunction <SMR Feb-2026 Release 1 - Command Injection
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
CVSS 6.6
CVE-2026-20982 GITHUB MEDIUM python WORKING POC
ShortcutService <SMR Feb-2026 Release 1 - Path Traversal
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
CVSS 6.0