CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 0CVE-2022-48439
https://notcve.org/view.php?id=CVE-2022-48439
06 Jun 2023 — In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 16EXPL: 0CVE-2022-48438
https://notcve.org/view.php?id=CVE-2022-48438
06 Jun 2023 — In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-48392
https://notcve.org/view.php?id=CVE-2022-48392
06 Jun 2023 — In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-48391
https://notcve.org/view.php?id=CVE-2022-48391
06 Jun 2023 — In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-48390
https://notcve.org/view.php?id=CVE-2022-48390
06 Jun 2023 — In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. • https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498 • CWE-862: Missing Authorization •
CVSS: 4.4EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20697
https://notcve.org/view.php?id=CVE-2023-20697
15 May 2023 — In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20698
https://notcve.org/view.php?id=CVE-2023-20698
15 May 2023 — In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 29EXPL: 0CVE-2023-20700
https://notcve.org/view.php?id=CVE-2023-20700
15 May 2023 — In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21111
https://notcve.org/view.php?id=CVE-2023-21111
15 May 2023 — In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 • https://source.android.com/security/bulletin/2023-05-01 • CWE-20: Improper Input Validation CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 2CVE-2023-21118
https://notcve.org/view.php?id=CVE-2023-21118
15 May 2023 — In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 • https://github.com/Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21118 • CWE-125: Out-of-bounds Read •