Vulnerabilities (CVE)

Filtered by vendor Mediatek Subscribe
Filtered by product Mt8675
Total 149 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-20013 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 6.7 MEDIUM
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.
CVE-2024-20010 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 6.7 MEDIUM
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560.
CVE-2024-20004 1 Mediatek 21 Mt2735, Mt6297, Mt6833 and 18 more 2024-11-21 N/A 7.5 HIGH
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01195812 (MSV-985).
CVE-2024-20003 1 Mediatek 21 Mt2735, Mt6297, Mt6833 and 18 more 2024-11-21 N/A 7.5 HIGH
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981).
CVE-2023-32889 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 7.5 HIGH
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895).
CVE-2023-32886 1 Mediatek 47 Mt2735, Mt6813, Mt6833 and 44 more 2024-11-21 N/A 7.5 HIGH
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.
CVE-2023-32876 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 4.4 MEDIUM
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612.
CVE-2023-32875 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 4.4 MEDIUM
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217.
CVE-2023-32872 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 6.7 MEDIUM
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607.
CVE-2023-32859 2 Google, Mediatek 45 Android, Mt6761, Mt6765 and 42 more 2024-11-21 N/A 6.7 MEDIUM
In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.
CVE-2023-32840 1 Mediatek 68 Lr12a, Mt2731, Mt2735 and 65 more 2024-11-21 N/A 6.5 MEDIUM
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
CVE-2023-32835 2 Google, Mediatek 58 Android, Mt6580, Mt6731 and 55 more 2024-11-21 N/A 6.7 MEDIUM
In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.
CVE-2023-32834 2 Google, Mediatek 48 Android, Mt6580, Mt6735 and 45 more 2024-11-21 N/A 6.7 MEDIUM
In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762.
CVE-2023-32827 2 Google, Mediatek 35 Android, Mt6879, Mt6886 and 32 more 2024-11-21 N/A 6.7 MEDIUM
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539.
CVE-2023-32826 2 Google, Mediatek 35 Android, Mt6879, Mt6886 and 32 more 2024-11-21 N/A 6.7 MEDIUM
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544.
CVE-2023-32820 4 Google, Linux, Linuxfoundation and 1 more 43 Android, Linux Kernel, Yocto and 40 more 2024-11-21 N/A 7.5 HIGH
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
CVE-2023-32805 2 Google, Mediatek 3 Android, Mt8168, Mt8675 2024-11-21 N/A 6.5 MEDIUM
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892.
CVE-2023-20833 2 Google, Mediatek 56 Android, Mt6580, Mt6731 and 53 more 2024-11-21 N/A 4.4 MEDIUM
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.
CVE-2023-20821 5 Google, Linuxfoundation, Mediatek and 2 more 53 Android, Yocto, Mt2713 and 50 more 2024-11-21 N/A 6.7 MEDIUM
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.
CVE-2023-20819 1 Mediatek 94 Lr11, Lr12a, Lr13 and 91 more 2024-11-21 N/A 9.8 CRITICAL
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.