CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21099
https://notcve.org/view.php?id=CVE-2023-21099
19 Apr 2023 — In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243377226 • https://source.android.com/security/bulletin/2023-04-01 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21100
https://notcve.org/view.php?id=CVE-2023-21100
19 Apr 2023 — In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-242544249 • https://source.android.com/security/bulletin/2023-04-01 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47465
https://notcve.org/view.php?id=CVE-2022-47465
11 Apr 2023 — In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47464
https://notcve.org/view.php?id=CVE-2022-47464
11 Apr 2023 — In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47463
https://notcve.org/view.php?id=CVE-2022-47463
11 Apr 2023 — In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47362
https://notcve.org/view.php?id=CVE-2022-47362
11 Apr 2023 — In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47337
https://notcve.org/view.php?id=CVE-2022-47337
11 Apr 2023 — In media service, there is a missing permission check. This could lead to local denial of service in media service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47336
https://notcve.org/view.php?id=CVE-2022-47336
11 Apr 2023 — In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47335
https://notcve.org/view.php?id=CVE-2022-47335
11 Apr 2023 — In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. • https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 37EXPL: 0CVE-2023-20656
https://notcve.org/view.php?id=CVE-2023-20656
06 Apr 2023 — In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-787: Out-of-bounds Write •