Vulnerabilities (CVE)

Filtered by vendor Mediatek Subscribe
Total 682 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20839 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2024-02-28 N/A 4.2 MEDIUM
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.
CVE-2023-20811 3 Google, Linux, Mediatek 54 Android, Linux Kernel, Mt5221 and 51 more 2024-02-28 N/A 6.7 MEDIUM
In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.
CVE-2023-32806 4 Google, Linuxfoundation, Mediatek and 1 more 33 Android, Yocto, Iot Yocto and 30 more 2024-02-28 N/A 6.7 MEDIUM
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
CVE-2023-20783 2 Google, Mediatek 56 Android, Mt6580, Mt6731 and 53 more 2024-02-28 N/A 6.7 MEDIUM
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905.
CVE-2023-32825 2 Google, Mediatek 45 Android, Mt2713, Mt6580 and 42 more 2024-02-28 N/A 5.5 MEDIUM
In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130.
CVE-2023-20817 2 Google, Mediatek 25 Android, Mt6580, Mt6739 and 22 more 2024-02-28 N/A 6.7 MEDIUM
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453600; Issue ID: ALPS07453600.
CVE-2023-20801 3 Google, Linuxfoundation, Mediatek 9 Android, Yocto, Mt6879 and 6 more 2024-02-28 N/A 6.4 MEDIUM
In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968.
CVE-2023-20819 1 Mediatek 94 Lr11, Lr12a, Lr13 and 91 more 2024-02-28 N/A 9.8 CRITICAL
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.
CVE-2023-20803 3 Google, Linuxfoundation, Mediatek 10 Android, Yocto, Mt2713 and 7 more 2024-02-28 N/A 6.5 MEDIUM
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374.
CVE-2023-20820 2 Mediatek, Openwrt 14 Mt6890, Mt7603, Mt7612 and 11 more 2024-02-28 N/A 7.2 HIGH
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.
CVE-2023-20785 2 Google, Mediatek 20 Android, Mt6779, Mt6781 and 17 more 2024-02-28 N/A 6.4 MEDIUM
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524.
CVE-2023-20848 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2024-02-28 N/A 6.5 MEDIUM
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.
CVE-2023-32814 2 Google, Mediatek 40 Android, Mt2713, Mt2735 and 37 more 2024-02-28 N/A 4.4 MEDIUM
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947.
CVE-2023-20788 2 Google, Mediatek 20 Android, Mt6739, Mt6761 and 17 more 2024-02-28 N/A 6.4 MEDIUM
In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735.
CVE-2023-32821 2 Google, Mediatek 11 Android, Mt6761, Mt6763 and 8 more 2024-02-28 N/A 6.7 MEDIUM
In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433.
CVE-2023-20796 5 Google, Linuxfoundation, Mediatek and 2 more 28 Android, Yocto, Mt2735 and 25 more 2024-02-28 N/A 4.4 MEDIUM
In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.
CVE-2023-32820 4 Google, Linux, Linuxfoundation and 1 more 43 Android, Linux Kernel, Yocto and 40 more 2024-02-28 N/A 7.5 HIGH
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
CVE-2023-20809 2 Google, Mediatek 53 Android, Mt5583, Mt5691 and 50 more 2024-02-28 N/A 6.7 MEDIUM
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03751198; Issue ID: DTV03751198.
CVE-2023-32812 4 Google, Linuxfoundation, Mediatek and 1 more 39 Android, Yocto, Mt2713 and 36 more 2024-02-28 N/A 6.7 MEDIUM
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.
CVE-2023-32832 2 Google, Mediatek 10 Android, Mt6883, Mt6885 and 7 more 2024-02-28 N/A 7.0 HIGH
In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273.