CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2022-32631
https://notcve.org/view.php?id=CVE-2022-32631
05 Dec 2022 — In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613. En Wi-Fi, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2022-32622
https://notcve.org/view.php?id=CVE-2022-32622
05 Dec 2022 — In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07363786. En gz, existe una posible corrupción de la memoria debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 35EXPL: 0CVE-2022-32596
https://notcve.org/view.php?id=CVE-2022-32596
05 Dec 2022 — In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213. En Widevine, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 53EXPL: 0CVE-2022-32633
https://notcve.org/view.php?id=CVE-2022-32633
05 Dec 2022 — In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637. En Wi-Fi, existe una posible violación de acceso a la memoria debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 35EXPL: 0CVE-2022-32597
https://notcve.org/view.php?id=CVE-2022-32597
05 Dec 2022 — In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228. En Widevine, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 33EXPL: 0CVE-2022-32634
https://notcve.org/view.php?id=CVE-2022-32634
05 Dec 2022 — In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646. En ccci, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39884
https://notcve.org/view.php?id=CVE-2022-39884
09 Nov 2022 — Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information. Una vulnerabilidad de control de acceso inadecuado en IImsService anterior a SMR Nov-2022 Release 1 permite a un atacante local acceder a la información de la llamada. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39883
https://notcve.org/view.php?id=CVE-2022-39883
09 Nov 2022 — Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API. Una vulnerabilidad de autorización incorrecta en StorageManagerService anterior a SMR Nov-2022 Release 1 permite a un atacante local llamar a una API privilegiada. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-285: Improper Authorization •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39887
https://notcve.org/view.php?id=CVE-2022-39887
09 Nov 2022 — Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting. Una vulnerabilidad de control de acceso inadecuado en clearAllGlobalProxy en MiscPolicy anterior a SMR Nov-2022 Release 1 permite a un atacante local modificar la configuración de EDM. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39879
https://notcve.org/view.php?id=CVE-2022-39879
09 Nov 2022 — Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid. Vulnerabilidad de autorización incorrecta en CallBGProvider antes de SMR Nov-2022 Release 1 permite a un atacante local otorgar permiso para acceder a información con el uid del teléfono. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11 • CWE-285: Improper Authorization •