CVSS: 6.7EPSS: 0%CPEs: 49EXPL: 0CVE-2022-32590
https://notcve.org/view.php?id=CVE-2022-32590
In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425. En wlan, se presenta un posible uso después de libre debido a una comprobación de estado incorrecta. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39851
https://notcve.org/view.php?id=CVE-2022-39851
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. Una vulnerabilidad de control de acceso inapropiado en CocktailBarService versiones anteriores a SMR Oct-2022 Release 1, permite a un atacante local enlazar servicios que requieren el permiso BIND_REMOTEVIEWS • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2022-26472
https://notcve.org/view.php?id=CVE-2022-26472
In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095. En ims, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2022-32592
https://notcve.org/view.php?id=CVE-2022-32592
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405. En cpu dvfs, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39849
https://notcve.org/view.php?id=CVE-2022-39849
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. Un control de acceso inapropiado en el servicio knox_vpn_policy versiones anteriores a SMR Oct-2022 Release 1, permite una lectura no autorizada de los datos de configuración • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-284: Improper Access Control •