CVSS: 6.4EPSS: 0%CPEs: 13EXPL: 0CVE-2022-26428
https://notcve.org/view.php?id=CVE-2022-26428
01 Aug 2022 — In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260. En video codec, se presenta una posible corrupción de memoria debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2022-26427
https://notcve.org/view.php?id=CVE-2022-26427
01 Aug 2022 — In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540. En camera isp, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 23EXPL: 0CVE-2022-26426
https://notcve.org/view.php?id=CVE-2022-26426
01 Aug 2022 — In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486. En camera isp, se presenta una posible escritura fuera de límites debido a una comprobación de límites que falta. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 12EXPL: 0CVE-2022-21792
https://notcve.org/view.php?id=CVE-2022-21792
01 Aug 2022 — In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410. En camera isp, se presenta una posible escritura fuera de límites debido a una comprobación de límites que falta. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2022-21791
https://notcve.org/view.php?id=CVE-2022-21791
01 Aug 2022 — In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059. En camera isp, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2022-21790
https://notcve.org/view.php?id=CVE-2022-21790
01 Aug 2022 — In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306. En camera isp, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/August-2022 • CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 0%CPEs: 22EXPL: 1CVE-2022-21789
https://notcve.org/view.php?id=CVE-2022-21789
01 Aug 2022 — In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. En audio ipi, se presenta una posible corrupción de memoria debido a una condición de carrera. • https://github.com/docfate111/CVE-2022-21789 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-20212
https://notcve.org/view.php?id=CVE-2022-20212
13 Jul 2022 — In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-182282630 En la función wifi.RequestToggleWifiActivity del archivo AndroidManifest.xml, se presenta un posible EoP debido a un ataque de tapjacking/overlay. Esto podría conllevar a una escalad... • https://source.android.com/security/bulletin/aaos/2022-07-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-20230
https://notcve.org/view.php?id=CVE-2022-20230
13 Jul 2022 — In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221859869 En la función choosePrivateKeyAlias del archivo KeyChain.java, se presenta un posible acceso al certificado del usuario debido a una comprobación de... • https://source.android.com/security/bulletin/2022-07-01 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2022-20229
https://notcve.org/view.php?id=CVE-2022-20229
13 Jul 2022 — In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 En la función bta_hf_client_handle_cind_list_item del archivo bta_hf_client_at.cc, se presenta una posible escritura fuera de límites debido a una ... • https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229 • CWE-787: Out-of-bounds Write •