CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36860
https://notcve.org/view.php?id=CVE-2022-36860
09 Sep 2022 — A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. Una vulnerabilidad de desbordamiento en la región heap de la memoria en la función LoadEnvironment de la biblioteca libSDKRecognitionText.spensdk.samsung.so versiones anteriores a SMR Sep-2022 Release 1, permite a un atacante causar un fallo de acceso a la memoria • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36849
https://notcve.org/view.php?id=CVE-2022-36849
09 Sep 2022 — Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions. Una vulnerabilidad de Uso de Memoria Previamente Liberada en la función sdp_mm_set_process_sensitive del controlador sdpmm versiones anteriores a SMR Sep-2022 Release 1, permite a atacantes llevar a cabo acciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36841
https://notcve.org/view.php?id=CVE-2022-36841
09 Sep 2022 — A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. Una vulnerabilidad de desbordamiento en la región heap de la memoria en la función PrepareRecogLibrary_Part de la biblioteca libSDKRecognitionText.spensdk.samsung.so versiones anteriores a SMR Sep-2022 Release 1, permite a un atacante causar un fallo de acceso a la memoria • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36845
https://notcve.org/view.php?id=CVE-2022-36845
09 Sep 2022 — A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. Una vulnerabilidad de desbordamiento en la región heap de la memoria en la función MHW_RECOG_LIB_INFO de la biblioteca libSDKRecognitionText.spensdk.samsung.so versiones anteriores a SMR Sep-2022 Release 1, permite a un atacante causar un fallo de acceso a la memoria • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-39119
https://notcve.org/view.php?id=CVE-2022-39119
09 Sep 2022 — In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed En network service, se presenta una comprobación de permisos faltante. Esto podría conllevar a una escalada local de privilegios sinser necesarios de privilegios de ejecución adicionales • https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186 • CWE-862: Missing Authorization •
CVSS: 7.2EPSS: 0%CPEs: 46EXPL: 0CVE-2022-26468
https://notcve.org/view.php?id=CVE-2022-26468
06 Sep 2022 — In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125. En preloader (usb), se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 44EXPL: 0CVE-2022-26469
https://notcve.org/view.php?id=CVE-2022-26469
06 Sep 2022 — In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598. En MtkEmail, se presenta una posible escalada de privilegios debido a la inyección de fragmentos. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 6.7EPSS: 0%CPEs: 16EXPL: 0CVE-2022-26464
https://notcve.org/view.php?id=CVE-2022-26464
06 Sep 2022 — In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032699; Issue ID: ALPS07032699. En vow, se presenta una posible escritura fuera de límites debido a una comprobación de límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 23EXPL: 0CVE-2022-26465
https://notcve.org/view.php?id=CVE-2022-26465
06 Sep 2022 — In audio ipi, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558799; Issue ID: ALPS06558799. En audio ipi, se presenta una posible escritura fuera de límites debido a una comprobación de límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 25EXPL: 0CVE-2022-26466
https://notcve.org/view.php?id=CVE-2022-26466
06 Sep 2022 — In audio ipi, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558777; Issue ID: ALPS06558777. En audio ipi, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-190: Integer Overflow or Wraparound •