CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30706
https://notcve.org/view.php?id=CVE-2023-30706
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege. Autorización incorrecta en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite al atacante leer archivos arbitrarios con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32805
https://notcve.org/view.php?id=CVE-2023-32805
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892. En power, existe una posible escritura fuera de límites debido a un valor predeterminado inseguro. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-20851
https://notcve.org/view.php?id=CVE-2023-20851
In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635. En el componente stc, hay una posible lectura fuera de límites debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20850
https://notcve.org/view.php?id=CVE-2023-20850
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381. En imgsys_cmdq, existe una posible escritura fuera de límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20849
https://notcve.org/view.php?id=CVE-2023-20849
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350. En imgsys_cmdq, existe un posible Use After Free debido a una falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-416: Use After Free •