107 matches found
CVE-2022-20102
The CVE-2022-20102 issue affects the aee daemon and stems from a missing permission check, enabling local information disclosure with System privileges. Exploitation requires no user interaction. The NVD reports CVSSv3.1 base score 4.4 (Local, Privileges Required: High, Confidentiality Impact: Hi...
CVE-2022-20102
In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296405...
CVE-2022-20101
In aee daemon, there is a possible information disclosure due to a path traversal. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06270870...
CVE-2022-20101
CVE-2022-20101 describes a path traversal vulnerability in the aee daemon that can cause local information disclosure without requiring user interaction. The underlying issue is a path traversal flaw, enabling disclosure of sensitive data with local access. The exposure is supported by multiple s...
CVE-2022-20100
In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06270804...
CVE-2022-20099
In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296442...
CVE-2022-20099
CVE-2022-20099: In the aee daemon, there is an out-of-bounds write caused by improper input validation, enabling local escalation of privilege to SYSTEM with no user interaction required. Patch ALPS06296442 issued. Connected references corroborate the issue; exploitation details are not provided ...
CVE-2022-20098
In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06419017...
CVE-2022-20097
In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944...
CVE-2022-20097
CVE-2022-20097 affects the aee daemon and describes a race-condition causing local information disclosure with no extra privileges required. Exploitation requires no user interaction. The vulnerability is associated with a patch ALPS06383944 (Issue ALPS06383944). Connected sources confirm the iss...
CVE-2022-20091
CVE-2022-20091 describes a use-after-free due to a race condition in the MediaTek aee driver, enabling local escalation of privilege to SYSTEM with no user interaction required. The issue is documented with patch ALPS06209201 and issue ALPS06226345. Connected sources confirm this is a real, drive...
CVE-2022-20091
In aee driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06226345...
CVE-2022-20090
In aee driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209197; Issue ID: ALPS06209197...
CVE-2022-20090
CVE-2022-20090 affects the aee driver, where a race condition can cause a use-after-free leading to local privilege escalation with System execution privileges required. No user interaction is required. A patch/alleged fix is identified as ALPS06209197 (Issue ALPS06209197). The Red Hat and NVD re...
CVE-2022-20089
The CVE-2022-20089 issue concerns the MediaTek aee driver where a memory corruption vulnerability is triggered by active debug code. The flaw could enable local privilege escalation to SYSTEM with no user interaction required. Affected component: aee driver; root cause: memory corruption from deb...
CVE-2022-20088
In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06209201...
CVE-2022-20088
The CVE-2022-20088 entry concerns the aee driver, where a reference count handling error may allow local privilege escalation to System level without user interaction. The issue is tied to incorrect error handling that can lead to a reference count mistake. A patch is identified as ALPS06209201 (...
MediaTek 多款产品安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component aee driver, which can be exploited by attackers to cause a local privilege escalation. The following products and versions are affected: chips, MT6580, MT6731...
MediaTek 芯片 安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component aee daemon, which stems from a lack of privilege checking, and can be exploited by an attacker to cause a local information disclosure. The following products...
MediaTek aee driver 资源管理错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component aee driver, which can be exploited by attackers to cause a local privilege escalation. The following products and versions are affected: chips, MT6580, MT6731...