CVE-2022-21754
- EPSS 0.11%
- Veröffentlicht 06.06.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:45:22
In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; ...
CVE-2022-21755
- EPSS 0.11%
- Veröffentlicht 06.06.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:45:22
In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464;...
CVE-2022-20117
- EPSS 0.08%
- Veröffentlicht 10.05.2022 21:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:11
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex...
- EPSS 0.08%
- Veröffentlicht 10.05.2022 21:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:11
In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....
CVE-2022-20119
- EPSS 0.1%
- Veröffentlicht 10.05.2022 21:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:11
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exp...
- EPSS 1.3%
- Veröffentlicht 10.05.2022 21:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:11
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A
CVE-2022-20121
- EPSS 0.1%
- Veröffentlicht 10.05.2022 21:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:11
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2021-39738
- EPSS 0.12%
- Veröffentlicht 10.05.2022 21:15:08
- Zuletzt bearbeitet 21.11.2024 06:20:07
In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...
CVE-2022-20008
- EPSS 0.36%
- Veröffentlicht 10.05.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:41:56
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges ...
CVE-2022-20009
- EPSS 0.33%
- Veröffentlicht 10.05.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:41:56
In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...