Page 27 of 225 results (0.004 seconds)

CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0

In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121. En telephony, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0

In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095. En ims, se presenta una posible escalada de privilegios debido a un desajuste en el formato de los paquetes. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0

In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259. En ril, se presenta un posible bloqueo del sistema debido a una comprobación de límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-20: Improper Input Validation •

CVSS: 6.6EPSS: 0%CPEs: 46EXPL: 0

In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07168125; Issue ID: ALPS07168125. En preloader (usb), se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 44EXPL: 0

In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598. En MtkEmail, se presenta una posible escalada de privilegios debido a la inyección de fragmentos. • https://corp.mediatek.com/product-security-bulletin/September-2022 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •