CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36849
https://notcve.org/view.php?id=CVE-2022-36849
Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions. Una vulnerabilidad de Uso de Memoria Previamente Liberada en la función sdp_mm_set_process_sensitive del controlador sdpmm versiones anteriores a SMR Sep-2022 Release 1, permite a atacantes llevar a cabo acciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36847
https://notcve.org/view.php?id=CVE-2022-36847
Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions. Una vulnerabilidad de Uso de Memoria Previamente Liberada en la función mtp_send_signal del controlador MTP versiones anteriores a SMR Sep-2022 Release 1, permite a atacantes llevar a cabo acciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36841
https://notcve.org/view.php?id=CVE-2022-36841
A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. Una vulnerabilidad de desbordamiento en la región heap de la memoria en la función PrepareRecogLibrary_Part de la biblioteca libSDKRecognitionText.spensdk.samsung.so versiones anteriores a SMR Sep-2022 Release 1, permite a un atacante causar un fallo de acceso a la memoria • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-39119
https://notcve.org/view.php?id=CVE-2022-39119
In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed En network service, se presenta una comprobación de permisos faltante. Esto podría conllevar a una escalada local de privilegios sinser necesarios de privilegios de ejecución adicionales • https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 29EXPL: 0CVE-2022-26447
https://notcve.org/view.php?id=CVE-2022-26447
In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478. En BT firmware, es posible que se produzca una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •