CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39914
https://notcve.org/view.php?id=CVE-2022-39914
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. La exposición de información confidencial de una vulnerabilidad de actor no autorizado en Samsung DisplayManagerService anterior a Android T(13) permite a un atacante local acceder a la información del dispositivo DLNA conectado. • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21768
https://notcve.org/view.php?id=CVE-2022-21768
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351. En Bluetooth, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21767
https://notcve.org/view.php?id=CVE-2022-21767
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430. En Bluetooth, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23729
https://notcve.org/view.php?id=CVE-2022-23729
When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010. Cuando el dispositivo está en estado de fábrica, puede accederse al shell sin el proceso de autenticación adb. El ID de LG es LVE-SMP-210010 • https://lgsecurity.lge.com/bulletins/mobile • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20046
https://notcve.org/view.php?id=CVE-2022-20046
In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410. En Bluetooth, se presenta una posible corrupción de memoria debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-401: Missing Release of Memory after Effective Lifetime •