Platform Packages Providers Telephonyprovider vulnerabilities

9 known vulnerabilities affecting platform/packages_providers_telephonyprovider.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN9

Vulnerabilities

Page 1 of 1
CVE-2025-48650UNKNOWN≥ 16-qpr2-next:0, < 16-qpr2-next:2026-03-01≥ 15:0, < 15:2026-03-01+2 more2026-03-01
CVE-2025-48650 CVE-2025-48650: In multiple locations, there is a possible information disclosure due to SQL injection In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2025-48609UNKNOWN≥ 16-qpr2-next:0, < 16-qpr2-next:2026-03-01≥ 15:0, < 15:2026-03-01+2 more2026-03-01
CVE-2025-48609 CVE-2025-48609: In multiple functions of MmsProvider In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2023-40113UNKNOWN≥ 11:0, < 11:2023-11-01≥ 12:0, < 12:2023-11-01+2 more2023-11-01
CVE-2023-40113 CVE-2023-40113: In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2023-21290UNKNOWN≥ 13-next:0, < 13-next:2023-08-01≥ 11:0, < 11:2023-08-01+3 more2023-08-01
CVE-2023-21290 CVE-2023-21290: In update of MmsProvider In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2023-21268UNKNOWN≥ 13-next:0, < 13-next:2023-08-01≥ 11:0, < 11:2023-08-01+3 more2023-08-01
CVE-2023-21268 CVE-2023-21268: In update of MmsProvider In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2022-20517UNKNOWN≥ 13:0, < 13:2022-12-012022-12-01
CVE-2022-20517 CVE-2022-20517: In getMessagesByPhoneNumber of MmsSmsProvider In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2022-42535UNKNOWN≥ 13:0, < 13:2022-12-012022-12-01
CVE-2022-42535 CVE-2022-42535: In a query in MmsSmsProvider In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2022-20518UNKNOWN≥ 13:0, < 13:2022-12-012022-12-01
CVE-2022-20518 CVE-2022-20518: In query of MmsSmsProvider In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2022-20453UNKNOWN≥ 10:0, < 10:2022-11-01≥ 11:0, < 11:2022-11-01+3 more2022-11-01
CVE-2022-20453 CVE-2022-20453: In update of MmsProvider In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for exploitation.
osv