CVSS: 6.7EPSS: 0%CPEs: 38EXPL: 0CVE-2022-21766
https://notcve.org/view.php?id=CVE-2022-21766
06 Jul 2022 — In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641653. En CCCI, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 38EXPL: 0CVE-2022-21765
https://notcve.org/view.php?id=CVE-2022-21765
06 Jul 2022 — In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641673. En CCCI, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21768
https://notcve.org/view.php?id=CVE-2022-21768
06 Jul 2022 — In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351. En Bluetooth, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21767
https://notcve.org/view.php?id=CVE-2022-21767
06 Jul 2022 — In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430. En Bluetooth, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2022-21764
https://notcve.org/view.php?id=CVE-2022-21764
06 Jul 2022 — In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044717; Issue ID: ALPS07044717. En telecom service, Se presenta una posible divulgación de información debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2022-21763
https://notcve.org/view.php?id=CVE-2022-21763
06 Jul 2022 — In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044717; Issue ID: ALPS07044708. En telecom service, Se presenta una posible divulgación de información debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-862: Missing Authorization •
CVSS: 7.0EPSS: 0%CPEs: 21EXPL: 0CVE-2022-20082
https://notcve.org/view.php?id=CVE-2022-20082
06 Jul 2022 — In GPU, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044730; Issue ID: ALPS07044730. En GPU, Se presenta un posible uso de memoria previamente liberada debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-20147
https://notcve.org/view.php?id=CVE-2022-20147
15 Jun 2022 — In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221216105 En la función nfa_dm_check_set_config del archivo nfa_dm_main.cc, se presenta una posible escritura fuera de límites debido a una falta de comprobación de l... • https://source.android.com/security/bulletin/2022-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20145
https://notcve.org/view.php?id=CVE-2022-20145
15 Jun 2022 — In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-201660636 En la función startLegacyVpnPrivileged del archivo Vpn.java, se presenta una posible forma de recuperar las credenciales de la VPN debido a un a... • https://source.android.com/security/bulletin/2022-06-01 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-20143
https://notcve.org/view.php?id=CVE-2022-20143
15 Jun 2022 — In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220735360 En la función addAutomaticZenRule del archivo ZenModeHelper.java, se presenta una posible denegación de servicio permanente debido al agotamiento de recursos. Esto po... • https://source.android.com/security/bulletin/2022-06-01 • CWE-770: Allocation of Resources Without Limits or Throttling •