CVSS: 6.7EPSS: 0%CPEs: 18EXPL: 0CVE-2022-21751
https://notcve.org/view.php?id=CVE-2022-21751
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06511132; Issue ID: ALPS06511132. En WLAN driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 33EXPL: 0CVE-2022-21750
https://notcve.org/view.php?id=CVE-2022-21750
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283. En WLAN driver, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 46EXPL: 0CVE-2022-21745
https://notcve.org/view.php?id=CVE-2022-21745
In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872. En WIFI Firmware, se presenta una posible corrupción de memoria debido a un uso de memoria previamente liberada. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 0CVE-2022-20096
https://notcve.org/view.php?id=CVE-2022-20096
In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003. En camera, se presenta una posible divulgación de información debido a datos no inicializados. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 57EXPL: 0CVE-2022-20084
https://notcve.org/view.php?id=CVE-2022-20084
In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID: ALPS06498874. En telephony, es posible que sea deshabilitada la recepción de transmisiones de emergencia debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-862: Missing Authorization •