Lucene search
K

107 matches found

CVE
CVE
added 2022/05/03 8:2 p.m.80 views

CVE-2022-20102

The CVE-2022-20102 issue affects the aee daemon and stems from a missing permission check, enabling local information disclosure with System privileges. Exploitation requires no user interaction. The NVD reports CVSSv3.1 base score 4.4 (Local, Privileges Required: High, Confidentiality Impact: Hi...

4.4CVSS4.3AI score0.00105EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 8:2 p.m.26 views

CVE-2022-20102

In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296405...

4.6AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/03 8:2 p.m.25 views

CVE-2022-20101

In aee daemon, there is a possible information disclosure due to a path traversal. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06270870...

5.4AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 2022/05/03 8:2 p.m.99 views

CVE-2022-20101

CVE-2022-20101 describes a path traversal vulnerability in the aee daemon that can cause local information disclosure without requiring user interaction. The underlying issue is a path traversal flaw, enabling disclosure of sensitive data with local access. The exposure is supported by multiple s...

5.5CVSS5.1AI score0.00125EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 8:1 p.m.23 views

CVE-2022-20100

In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06270804...

4.6AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/03 8:1 p.m.25 views

CVE-2022-20099

In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296442...

8AI score0.00107EPSS
Exploits0References1
CVE
CVE
added 2022/05/03 8:1 p.m.93 views

CVE-2022-20099

CVE-2022-20099: In the aee daemon, there is an out-of-bounds write caused by improper input validation, enabling local escalation of privilege to SYSTEM with no user interaction required. Patch ALPS06296442 issued. Connected references corroborate the issue; exploitation details are not provided ...

7.8CVSS7.7AI score0.00107EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 8:0 p.m.26 views

CVE-2022-20098

In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06419017...

4.6AI score0.00125EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/03 8:0 p.m.22 views

CVE-2022-20097

In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944...

4.7AI score0.00077EPSS
Exploits0References1
CVE
CVE
added 2022/05/03 8:0 p.m.84 views

CVE-2022-20097

CVE-2022-20097 affects the aee daemon and describes a race-condition causing local information disclosure with no extra privileges required. Exploitation requires no user interaction. The vulnerability is associated with a patch ALPS06383944 (Issue ALPS06383944). Connected sources confirm the iss...

4.7CVSS4.3AI score0.00077EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/03 7:58 p.m.91 views

CVE-2022-20091

CVE-2022-20091 describes a use-after-free due to a race condition in the MediaTek aee driver, enabling local escalation of privilege to SYSTEM with no user interaction required. The issue is documented with patch ALPS06209201 and issue ALPS06226345. Connected sources confirm this is a real, drive...

6.4CVSS6.6AI score0.00079EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 7:58 p.m.25 views

CVE-2022-20091

In aee driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06226345...

6.8AI score0.00079EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/03 7:58 p.m.24 views

CVE-2022-20090

In aee driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209197; Issue ID: ALPS06209197...

6.8AI score0.00079EPSS
Exploits0References1
CVE
CVE
added 2022/05/03 7:58 p.m.88 views

CVE-2022-20090

CVE-2022-20090 affects the aee driver, where a race condition can cause a use-after-free leading to local privilege escalation with System execution privileges required. No user interaction is required. A patch/alleged fix is identified as ALPS06209197 (Issue ALPS06209197). The Red Hat and NVD re...

6.4CVSS6.6AI score0.00079EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/03 7:57 p.m.83 views

CVE-2022-20089

The CVE-2022-20089 issue concerns the MediaTek aee driver where a memory corruption vulnerability is triggered by active debug code. The flaw could enable local privilege escalation to SYSTEM with no user interaction required. Affected component: aee driver; root cause: memory corruption from deb...

6.7CVSS6.8AI score0.00106EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 7:57 p.m.26 views

CVE-2022-20088

In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06209201...

7.9AI score0.00107EPSS
Exploits0References1
CVE
CVE
added 2022/05/03 7:57 p.m.96 views

CVE-2022-20088

The CVE-2022-20088 entry concerns the aee driver, where a reference count handling error may allow local privilege escalation to System level without user interaction. The issue is tied to incorrect error handling that can lead to a reference count mistake. A patch is identified as ALPS06209201 (...

7.8CVSS7.6AI score0.00107EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.5 views

MediaTek 多款产品安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component aee driver, which can be exploited by attackers to cause a local privilege escalation. The following products and versions are affected: chips, MT6580, MT6731...

6.7CVSS6.6AI score0.00106EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.6 views

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component aee daemon, which stems from a lack of privilege checking, and can be exploited by an attacker to cause a local information disclosure. The following products...

4.4CVSS5.2AI score0.00125EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.3 views

MediaTek aee driver 资源管理错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek component aee driver, which can be exploited by attackers to cause a local privilege escalation. The following products and versions are affected: chips, MT6580, MT6731...

6.4CVSS6.5AI score0.00079EPSS
Exploits0References2
Rows per page
Query Builder