CVSS: 8.4EPSS: 0%CPEs: 89EXPL: 0CVE-2024-20812
https://notcve.org/view.php?id=CVE-2024-20812
06 Feb 2024 — Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. La escritura fuera de los límites en padmd_vld_htbl de libpadm.so antes de SMR, febrero de 2024, versión 1, permite a un atacante local ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02 • CWE-787: Out-of-bounds Write •
CVSS: 5.1EPSS: 0%CPEs: 89EXPL: 0CVE-2024-20811
https://notcve.org/view.php?id=CVE-2024-20811
06 Feb 2024 — Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer. La verificación inadecuada de la persona que llama en GameOptimizer antes de SMR, febrero de 2024, versión 1, permite a atacantes locales configurar GameOptimizer. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02 •
CVSS: 3.3EPSS: 0%CPEs: 45EXPL: 0CVE-2024-20810
https://notcve.org/view.php?id=CVE-2024-20810
06 Feb 2024 — Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information. La vulnerabilidad de secuestro de intención implícita en Smart Suggestions antes de la versión 1 de SMR de febrero de 2024 permite a los atacantes obtener información confidencial. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.7EPSS: 0%CPEs: 62EXPL: 0CVE-2024-20002
https://notcve.org/view.php?id=CVE-2024-20002
05 Feb 2024 — In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715. En TVAPI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 62EXPL: 0CVE-2024-20001
https://notcve.org/view.php?id=CVE-2024-20001
05 Feb 2024 — In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601. En TVAPI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 38EXPL: 0CVE-2024-20016
https://notcve.org/view.php?id=CVE-2024-20016
05 Feb 2024 — In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901. En ged, existe una posible escritura fuera de los límites debido a un desbordamiento de enteros. Esto podría provocar una denegación de servicio local con los privilegios de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2024-20015
https://notcve.org/view.php?id=CVE-2024-20015
05 Feb 2024 — In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441419; Issue ID: ALPS08441419. En telephony, existe una posible escalada de privilegios debido a una omisión de permisos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.7EPSS: 0%CPEs: 61EXPL: 0CVE-2024-20013
https://notcve.org/view.php?id=CVE-2024-20013
05 Feb 2024 — In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608. En keyInstall, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 52EXPL: 0CVE-2024-20012
https://notcve.org/view.php?id=CVE-2024-20012
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 3%CPEs: 20EXPL: 0CVE-2024-20011
https://notcve.org/view.php?id=CVE-2024-20011
05 Feb 2024 — In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146. En el decodificador alac, existe una posible divulgación de información debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •