Total
146 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20074 | 2 Google, Mediatek | 38 Android, Mt6761, Mt6762 and 35 more | 2024-02-28 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301. | |||||
| CVE-2022-20069 | 2 Google, Mediatek | 47 Android, Mt6580, Mt6735 and 44 more | 2024-02-28 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425. | |||||
| CVE-2022-21750 | 2 Google, Mediatek | 32 Android, Mt6761, Mt6779 and 29 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521283; Issue ID: ALPS06521283. | |||||
| CVE-2022-20073 | 2 Google, Mediatek | 44 Android, Mt2601, Mt6580 and 41 more | 2024-02-28 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841. | |||||
| CVE-2022-21756 | 2 Google, Mediatek | 36 Android, Mt6833, Mt6853 and 33 more | 2024-02-28 | 2.1 LOW | 4.4 MEDIUM |
| In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950. | |||||
| CVE-2021-40148 | 1 Mediatek | 53 L9, Lr11, Lr12 and 50 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933. | |||||