CVSS: 8.4EPSS: 0%CPEs: 56EXPL: 0CVE-2022-20111
https://notcve.org/view.php?id=CVE-2022-20111
In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069. En ion, se presenta un posible uso de memoria previamente liberada debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20104
https://notcve.org/view.php?id=CVE-2022-20104
In aee daemon, there is a possible information disclosure due to improper access control. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06284104. En aee daemon, se presenta una posible divulgación de información debido a un control de acceso inapropiado. • https://corp.mediatek.com/product-security-bulletin/May-2022 •
CVSS: 4.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20103
https://notcve.org/view.php?id=CVE-2022-20103
In aee daemon, there is a possible information disclosure due to symbolic link following. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06282684. En aee daemon, se presenta una posible divulgación de información debido a un seguimiento de enlaces simbólicos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20102
https://notcve.org/view.php?id=CVE-2022-20102
In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296405. En aee daemon, se presenta una posible divulgación de información debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20101
https://notcve.org/view.php?id=CVE-2022-20101
In aee daemon, there is a possible information disclosure due to a path traversal. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06270870. En aee daemon, se presenta una posible divulgación de información debido a un salto de ruta. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •