In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of ...

In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. This could lead to local escalation of privilege with no additional execution privileg...

In PackageInstaller, there is a possible permissions bypass due to a tapjacking vulnerability. This could lead to local escalation of privilege using an app set as the default Assist app with User exe...

In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing con...

In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of privileg...

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges ne...