CVE-2022-48391
https://notcve.org/view.php?id=CVE-2022-48391
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-862: Missing Authorization •
CVE-2022-48390
https://notcve.org/view.php?id=CVE-2022-48390
In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-862: Missing Authorization •
CVE-2023-20705
https://notcve.org/view.php?id=CVE-2023-20705
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •
CVE-2023-21104
https://notcve.org/view.php?id=CVE-2023-21104
In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-259938771 • https://source.android.com/security/bulletin/2023-05-01 • CWE-276: Incorrect Default Permissions •
CVE-2023-21118
https://notcve.org/view.php?id=CVE-2023-21118
In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 • https://source.android.com/security/bulletin/2023-05-01 • CWE-125: Out-of-bounds Read •