CVSS: 6.4EPSS: 0%CPEs: 32EXPL: 0CVE-2022-32638
https://notcve.org/view.php?id=CVE-2022-32638
03 Jan 2023 — In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449. En isp, existe una posible escritura fuera de los límites debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.4EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32644
https://notcve.org/view.php?id=CVE-2022-32644
03 Jan 2023 — In vow, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494473; Issue ID: ALPS07494473. En voto, existe un posible use after free debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-662: Improper Synchronization •
CVSS: 6.7EPSS: 0%CPEs: 59EXPL: 0CVE-2022-32641
https://notcve.org/view.php?id=CVE-2022-32641
03 Jan 2023 — In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 20EXPL: 0CVE-2022-32639
https://notcve.org/view.php?id=CVE-2022-32639
03 Jan 2023 — In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2022-32646
https://notcve.org/view.php?id=CVE-2022-32646
03 Jan 2023 — In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 13EXPL: 0CVE-2022-32637
https://notcve.org/view.php?id=CVE-2022-32637
03 Jan 2023 — In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVSS: 4.1EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32645
https://notcve.org/view.php?id=CVE-2022-32645
03 Jan 2023 — In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-662: Improper Synchronization •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-20471
https://notcve.org/view.php?id=CVE-2022-20471
13 Dec 2022 — In SendIncDecRestoreCmdPart2 of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-238177877 En SendIncDecRestoreCmdPart2 de NxpMfcReader.cc, existe una posible lectura fuera de los límites debido a una verificación de los límites faltantes. Esto p... • https://source.android.com/security/bulletin/2022-12-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-20442
https://notcve.org/view.php?id=CVE-2022-20442
13 Dec 2022 — In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-176094367 En onCreate de ReviewPermissionsActivity.java, existe una forma posible de otorgar permisos para una aplicación separad... • https://source.android.com/security/bulletin/2022-12-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20488
https://notcve.org/view.php?id=CVE-2022-20488
13 Dec 2022 — In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703217 En NotificationChannel de NotificationChannel.java, existe una posible falla al conservar la configuración de permisos deb... • https://source.android.com/security/bulletin/2022-12-01 • CWE-1284: Improper Validation of Specified Quantity in Input •