Quick Share
Monthly
Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim. Rated medium severity (CVSS 5.9). This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim. Rated medium severity (CVSS 5.9). This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.