CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39912
https://notcve.org/view.php?id=CVE-2022-39912
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder. Vulnerabilidad de manejo inadecuado de permisos insuficientes en setSecureFolderPolicy en PersonaManagerService anterior a Android T(13) permite a atacantes locales establecer algún valor de configuración en la carpeta segura. • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39913
https://notcve.org/view.php?id=CVE-2022-39913
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information. La exposición de información confidencial a un actor no autorizado en Persona Manager anterior de Android T(13) permite a un atacante local acceder a la información de los perfiles de los usuarios. • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39914
https://notcve.org/view.php?id=CVE-2022-39914
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. La exposición de información confidencial de una vulnerabilidad de actor no autorizado en Samsung DisplayManagerService anterior a Android T(13) permite a un atacante local acceder a la información del dispositivo DLNA conectado. • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 6.7EPSS: 0%CPEs: 38EXPL: 0CVE-2022-32632
https://notcve.org/view.php?id=CVE-2022-32632
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441630; Issue ID: ALPS07441630. En Wi-Fi, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2022-32631
https://notcve.org/view.php?id=CVE-2022-32631
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613. En Wi-Fi, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •