CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20462
https://notcve.org/view.php?id=CVE-2022-20462
08 Nov 2022 — In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230356196 En phNxpNciHal_write_unlocked de phNxpNciHal.cc, existe una posible escritura fuera de los límites debido a una verificación de los límites fa... • https://source.android.com/security/bulletin/2022-11-01 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2022-32603
https://notcve.org/view.php?id=CVE-2022-32603
08 Nov 2022 — In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704. En gpu drm, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-20452
https://notcve.org/view.php?id=CVE-2022-20452
08 Nov 2022 — In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240138318 En inicializeFromParcelLocked de BaseBundle.java, existe un posible método de ejecución de código arbitrario debido a un adjunto confuso. Esto podría conducir a una escalada local... • https://github.com/michalbednarski/LeakValue •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32611
https://notcve.org/view.php?id=CVE-2022-32611
08 Nov 2022 — In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340373; Issue ID: ALPS07340373. En isp, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-32618
https://notcve.org/view.php?id=CVE-2022-32618
08 Nov 2022 — In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262454; Issue ID: ALPS07262454. En Typec, existe una posible escritura fuera de límites debido a un cálculo incorrecto del tamaño del búfer. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20454
https://notcve.org/view.php?id=CVE-2022-20454
08 Nov 2022 — In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242096164 En fdt_next_tag de fdt.c, existe una posible escritura fuera de los límites debido a un desbordamiento de enteros. Esto podría conducir a una escalada local de privilegios con... • https://source.android.com/security/bulletin/2022-11-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2022-32602
https://notcve.org/view.php?id=CVE-2022-32602
08 Nov 2022 — In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790. En keyinstall, existe una posible lectura fuera de los límites debido a una comprobación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/November-2022 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20441
https://notcve.org/view.php?id=CVE-2022-20441
08 Nov 2022 — In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-238605611 En navegateUpTo de Task.java, existe una forma posible de iniciar un controlador de inten... • https://source.android.com/security/bulletin/2022-11-01 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20426
https://notcve.org/view.php?id=CVE-2022-20426
08 Nov 2022 — In multiple functions of many files, there is a possible obstruction of the user's ability to select a phone account due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-236263294 En múltiples funciones de muchos archivos, existe una posible obstrucción de la capacidad del usuario para seleccionar una ... • https://source.android.com/security/bulletin/2022-11-01 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20465
https://notcve.org/view.php?id=CVE-2022-20465
08 Nov 2022 — In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-218500036 Al descartar y funciones relacionadas de KeyguardHostViewController.java y archivos relacionados, exist... • https://source.android.com/security/bulletin/2022-11-01 •