CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23998
https://notcve.org/view.php?id=CVE-2022-23998
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status. Una vulnerabilidad de control de acceso inapropiado en Camera versiones anteriores a 11.1.02.16 en Android R(11), versiones 10.5.03.77 en Android Q(10) y versiones 9.0.6.68 en Android P(9) permite que aplicaciones no confiables tomen una foto en estado de bloqueo de pantalla • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=2 • CWE-20: Improper Input Validation CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20046
https://notcve.org/view.php?id=CVE-2022-20046
In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410. En Bluetooth, se presenta una posible corrupción de memoria debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20045
https://notcve.org/view.php?id=CVE-2022-20045
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820. En Bluetooth, se presenta un posible bloqueo del servicio debido a un uso de memoria previamente liberada. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20044
https://notcve.org/view.php?id=CVE-2022-20044
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814. En Bluetooth, se presenta un posible bloqueo del servicio debido a un uso de memoria previamente liberada. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20043
https://notcve.org/view.php?id=CVE-2022-20043
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06148177; Issue ID: ALPS06148177. En Bluetooth, se presenta una posible escalada de privilegios debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/February-2022 • CWE-862: Missing Authorization •