CVE-2018-9371
- EPSS 0.09%
- Veröffentlicht 19.11.2024 20:15:27
- Zuletzt bearbeitet 22.11.2024 21:25:48
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physic...
CVE-2018-9372
- EPSS 0.09%
- Veröffentlicht 19.11.2024 20:15:27
- Zuletzt bearbeitet 03.07.2025 15:01:10
In cmd_flash_mmc_sparse_img of dl_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege in the bootloader with no additional execution privileges needed. User interaction...
CVE-2018-9409
- EPSS 0.09%
- Veröffentlicht 19.11.2024 20:15:27
- Zuletzt bearbeitet 03.07.2025 15:01:06
In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
CVE-2018-9346
- EPSS 0.08%
- Veröffentlicht 19.11.2024 19:15:06
- Zuletzt bearbeitet 22.11.2024 16:26:16
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is n...
CVE-2018-9339
- EPSS 0.09%
- Veröffentlicht 19.11.2024 19:15:05
- Zuletzt bearbeitet 22.11.2024 16:02:38
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ...
CVE-2018-9340
- EPSS 0.15%
- Veröffentlicht 19.11.2024 19:15:05
- Zuletzt bearbeitet 22.11.2024 16:05:09
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.
CVE-2018-9341
- EPSS 0.4%
- Veröffentlicht 19.11.2024 19:15:05
- Zuletzt bearbeitet 22.11.2024 16:14:05
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitati...
CVE-2018-9344
- EPSS 0.07%
- Veröffentlicht 19.11.2024 19:15:05
- Zuletzt bearbeitet 22.11.2024 16:24:25
In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9345
- EPSS 0.08%
- Veröffentlicht 19.11.2024 19:15:05
- Zuletzt bearbeitet 22.11.2024 16:25:45
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is n...
CVE-2023-21270
- EPSS 0.08%
- Veröffentlicht 19.11.2024 18:15:19
- Zuletzt bearbeitet 18.12.2024 14:22:02
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege...