CVSS: 4.9EPSS: 0%CPEs: 46EXPL: 0CVE-2022-21761
https://notcve.org/view.php?id=CVE-2022-21761
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479532; Issue ID: ALPS06479532. En apusys driver, se presenta un posible bloqueo del sistema debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 26EXPL: 0CVE-2022-21747
https://notcve.org/view.php?id=CVE-2022-21747
In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478078; Issue ID: ALPS06478078. En imgsensor, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 20EXPL: 0CVE-2022-21746
https://notcve.org/view.php?id=CVE-2022-21746
In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479698; Issue ID: ALPS06479698. En imgsensor, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 46EXPL: 0CVE-2022-21745
https://notcve.org/view.php?id=CVE-2022-21745
In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872. En WIFI Firmware, se presenta una posible corrupción de memoria debido a un uso de memoria previamente liberada. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-39738
https://notcve.org/view.php?id=CVE-2021-39738
In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216190509 En CarSetings, es posible emparejar el dispositivo BT omitiendo el consentimiento del usuario debido a una falta de comprobación de permisos. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • https://source.android.com/security/bulletin/aaos/2022-05-01 • CWE-862: Missing Authorization •