CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-39853
https://notcve.org/view.php?id=CVE-2022-39853
A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. Una vulnerabilidad de uso de memoria previamente liberada en el controlador perf-mgr versiones anteriores a SMR Oct-2022 Release 1, permite a un atacante causar un fallo de acceso a la memoria • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-416: Use After Free •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39852
https://notcve.org/view.php?id=CVE-2022-39852
A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. Una vulnerabilidad de desbordamiento en la región heap de la memoria en makeContactAGIF en la biblioteca libagifencoder.quram.so versiones anteriores a SMR Oct-2022 Release 1, permite a un atacante llevar a cabo una ejecución de código • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39851
https://notcve.org/view.php?id=CVE-2022-39851
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. Una vulnerabilidad de control de acceso inapropiado en CocktailBarService versiones anteriores a SMR Oct-2022 Release 1, permite a un atacante local enlazar servicios que requieren el permiso BIND_REMOTEVIEWS • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39849
https://notcve.org/view.php?id=CVE-2022-39849
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. Un control de acceso inapropiado en el servicio knox_vpn_policy versiones anteriores a SMR Oct-2022 Release 1, permite una lectura no autorizada de los datos de configuración • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2022-26472
https://notcve.org/view.php?id=CVE-2022-26472
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095. En ims, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •