Page 63 of 1971 results (0.011 seconds)

CVSS: 6.4EPSS: 0%CPEs: 76EXPL: 0

In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 6.7EPSS: 0%CPEs: 16EXPL: 0

In tinysys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664755; Issue ID: ALPS07664755. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •

CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0

In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-248251018 • https://source.android.com/security/bulletin/2023-02-01 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241927115 • https://source.android.com/security/bulletin/2023-02-01 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242537431 • https://source.android.com/security/bulletin/2023-02-01 • CWE-400: Uncontrolled Resource Consumption •