Security Vulnerabilities - CVEs Published In October 2022
Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.
CVSS Score
7.3
EPSS Score
0.0
Published
2022-10-07
Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.
CVSS Score
4.0
EPSS Score
0.001
Published
2022-10-07
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-10-07
A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution.
CVSS Score
8.0
EPSS Score
0.0
Published
2022-10-07
A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-10-07
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
CVSS Score
6.4
EPSS Score
0.0
Published
2022-10-07
Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.
CVSS Score
4.9
EPSS Score
0.0
Published
2022-10-07
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-10-07
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-10-07
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-10-07