CVSS: 8.4EPSS: 0%CPEs: 56EXPL: 0CVE-2022-20111
https://notcve.org/view.php?id=CVE-2022-20111
03 May 2022 — In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069. En ion, se presenta un posible uso de memoria previamente liberada debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20104
https://notcve.org/view.php?id=CVE-2022-20104
03 May 2022 — In aee daemon, there is a possible information disclosure due to improper access control. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06284104. En aee daemon, se presenta una posible divulgación de información debido a un control de acceso inapropiado. • https://corp.mediatek.com/product-security-bulletin/May-2022 •
CVSS: 4.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20103
https://notcve.org/view.php?id=CVE-2022-20103
03 May 2022 — In aee daemon, there is a possible information disclosure due to symbolic link following. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06282684. En aee daemon, se presenta una posible divulgación de información debido a un seguimiento de enlaces simbólicos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20102
https://notcve.org/view.php?id=CVE-2022-20102
03 May 2022 — In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296405. En aee daemon, se presenta una posible divulgación de información debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20101
https://notcve.org/view.php?id=CVE-2022-20101
03 May 2022 — In aee daemon, there is a possible information disclosure due to a path traversal. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06270870. En aee daemon, se presenta una posible divulgación de información debido a un salto de ruta. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20100
https://notcve.org/view.php?id=CVE-2022-20100
03 May 2022 — In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06270804. En aee daemon, se presenta una posible divulgación de información debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20099
https://notcve.org/view.php?id=CVE-2022-20099
03 May 2022 — In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296442. En aee daemon, es posible que se produzca una escritura fuera de límites debido a una comprobación de entrada inapropiada. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20098
https://notcve.org/view.php?id=CVE-2022-20098
03 May 2022 — In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06419017. En aee daemon, se presenta una posible divulgación de información debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-862: Missing Authorization •
CVSS: 4.7EPSS: 0%CPEs: 46EXPL: 0CVE-2022-20097
https://notcve.org/view.php?id=CVE-2022-20097
03 May 2022 — In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944. En aee daemon, se presenta una posible divulgación de información debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2022-20092
https://notcve.org/view.php?id=CVE-2022-20092
03 May 2022 — In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061. En alac decoder, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-125: Out-of-bounds Read •