CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21768
https://notcve.org/view.php?id=CVE-2022-21768
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351. En Bluetooth, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-21767
https://notcve.org/view.php?id=CVE-2022-21767
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430. En Bluetooth, es posible sea producida una escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/July-2022 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23729
https://notcve.org/view.php?id=CVE-2022-23729
When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010. Cuando el dispositivo está en estado de fábrica, puede accederse al shell sin el proceso de autenticación adb. El ID de LG es LVE-SMP-210010 • https://lgsecurity.lge.com/bulletins/mobile • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20046
https://notcve.org/view.php?id=CVE-2022-20046
In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410. En Bluetooth, se presenta una posible corrupción de memoria debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20045
https://notcve.org/view.php?id=CVE-2022-20045
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820. En Bluetooth, se presenta un posible bloqueo del servicio debido a un uso de memoria previamente liberada. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-416: Use After Free •