Unisoc

Sc9863a

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-38696

  • EPSS 0.09%
  • Veröffentlicht 01.09.2025 07:28:15
  • Zuletzt bearbeitet 02.09.2025 15:55:25

In BootRom, there's a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges.

7.8

CVE-2022-38695

  • EPSS 0.02%
  • Veröffentlicht 01.09.2025 07:28:14
  • Zuletzt bearbeitet 02.09.2025 15:55:25

In BootRom, there's a possible unchecked command index. This could lead to local escalation of privilege with no additional execution privileges needed.

7.8

CVE-2022-38694

  • EPSS 0.34%
  • Veröffentlicht 01.09.2025 07:28:13
  • Zuletzt bearbeitet 02.09.2025 15:55:25

In BootRom, there is a possible unchecked write address. This could lead to local escalation of privilege with no additional execution privileges needed.

9.8

CVE-2022-38693

  • EPSS 0.09%
  • Veröffentlicht 01.09.2025 07:28:12
  • Zuletzt bearbeitet 02.09.2025 15:55:25

In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges.

9.8

CVE-2022-38692

  • EPSS 0.07%
  • Veröffentlicht 01.09.2025 07:28:11
  • Zuletzt bearbeitet 02.09.2025 15:55:25

In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This could lead to memory buffer overflow without requiring additional execution privileges.

7.8

CVE-2022-38691

  • EPSS 0.16%
  • Veröffentlicht 01.09.2025 07:28:10
  • Zuletzt bearbeitet 02.09.2025 15:55:25

In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed.

5.1

CVE-2025-31716

  • EPSS 0.02%
  • Veröffentlicht 01.08.2025 05:55:00
  • Zuletzt bearbeitet 04.08.2025 15:06:15

In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

6.2

CVE-2025-31712

  • EPSS 0.01%
  • Veröffentlicht 03.06.2025 05:50:53
  • Zuletzt bearbeitet 10.06.2025 15:15:48

In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

6.2

CVE-2025-31711

  • EPSS 0.01%
  • Veröffentlicht 03.06.2025 05:50:52
  • Zuletzt bearbeitet 10.06.2025 15:15:41

In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.

8.4

CVE-2025-31710

  • EPSS 0.01%
  • Veröffentlicht 03.06.2025 05:50:51
  • Zuletzt bearbeitet 10.06.2025 15:15:23

In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.