CVSS: 3.3EPSS: 0%CPEs: 67EXPL: 0CVE-2023-20726
https://notcve.org/view.php?id=CVE-2023-20726
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-20704
https://notcve.org/view.php?id=CVE-2023-20704
This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21104
https://notcve.org/view.php?id=CVE-2023-21104
In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-05-01 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-20705
https://notcve.org/view.php?id=CVE-2023-20705
This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 54EXPL: 0CVE-2023-20710
https://notcve.org/view.php?id=CVE-2023-20710
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •