CVE-2022-20060

In preloader usb, there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitatio...

CVE-2022-20059

CVE-2022-20059 concerns a boundary-check omission in the preloader (usb) leading to an out-of-bounds write and local privilege escalation with physical access. The entry notes user interaction is required for exploitation. Connected sources specify affected MediaTek MT line chips (e.g., MT6761/MT...

CVE-2022-20059

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20058

In MT MediaTek devices, CVE-2022-20058 is a boundary-check flaw in the preloader (USB) that can cause an out-of-bounds write. The issue enables local escalation of privilege when an attacker has physical access to the device, with user interaction required for exploitation. Affected products are ...

CVE-2022-20058

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20056

CVE-2022-20056 affects the preloader (usb) on MediaTek-based devices, with an out-of-bounds write due to a missing bounds check. The issue can lead to local privilege escalation when an attacker has physical access, with user interaction required for exploitation. Impact is described as partial c...

CVE-2022-20056

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20055

CVE-2022-20055 concerns the preloader (usb) in MediaTek-based devices where an out-of-bounds write occurs due to a missing bounds check. The vulnerability could enable local escalation of privilege for an attacker with physical access, with no extra execution privileges required; exploitation req...

CVE-2022-20055

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

PT-2022-14307 · Preloader · Preloader

Name of the Vulnerable Software and Affected Versions: preloader usb affected versions not specified Description: The issue is related to a missing proper image authentication in the preloader, which could lead to a permission bypass. This might result in a local escalation of privilege for an...

WordPress Preloader for Divi plugin <= 1.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Preloader for Divi plugin versions = 1.4. Solution No patched version available...

WordPress Preloader for Divi plugin <= 1.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Preloader for Divi plugin versions = 1.4. Solution No patched version available...

CVE-2022-20034

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20034

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20034

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for...

Privilege escalation

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20034

CVE-2022-20034 refers to a vulnerability in Preloader XFLASH on MediaTek devices caused by improper certificate validation, enabling local privilege escalation if an attacker has physical access and no extra privileges or user interaction are required. Connected documents corroborate the issue as...

CVE-2022-20034

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for...

MediaTek 芯片信任管理问题漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in the MediaTek chips, which originates in Preloader XFLASH and could lead to privilege escalation due to improper certificate validation. An attacker could exploit the...

WordPress Flat Preloader plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Flat Preloader Plugin in versions prior to 1.5.5 has a cross-site scripting vulnerability that stems from...