Total
263 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20711 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2025-01-24 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668. | |||||
| CVE-2023-20710 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-01-24 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935. | |||||
| CVE-2023-20718 | 3 Google, Mediatek, Yoctoproject | 31 Android, Mt6768, Mt6769 and 28 more | 2025-01-24 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181. | |||||
| CVE-2023-20717 | 2 Google, Mediatek | 26 Android, Mt6768, Mt6769 and 23 more | 2025-01-24 | N/A | 4.1 MEDIUM |
| In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185. | |||||
| CVE-2023-20703 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
| In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853. | |||||
| CVE-2023-20701 | 2 Google, Mediatek | 28 Android, Mt6762, Mt6765 and 25 more | 2025-01-24 | N/A | 6.7 MEDIUM |
| In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270. | |||||
| CVE-2023-20673 | 2 Google, Mediatek | 43 Android, Iot Yocto, Mt5696 and 40 more | 2025-01-24 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. | |||||
| CVE-2023-20700 | 2 Google, Mediatek | 28 Android, Mt6762, Mt6765 and 25 more | 2025-01-23 | N/A | 6.7 MEDIUM |
| In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304. | |||||
| CVE-2023-20698 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. | |||||
| CVE-2023-20697 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. | |||||
| CVE-2023-20735 | 3 Google, Linuxfoundation, Mediatek | 49 Android, Iot-yocto, Yocto and 46 more | 2025-01-08 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178. | |||||
| CVE-2023-20734 | 3 Google, Linuxfoundation, Mediatek | 41 Android, Iot-yocto, Yocto and 38 more | 2025-01-08 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184. | |||||
| CVE-2023-20733 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-08 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149. | |||||
| CVE-2023-20732 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2025-01-08 | N/A | 6.7 MEDIUM |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480. | |||||
| CVE-2023-20731 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2025-01-08 | N/A | 4.4 MEDIUM |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495. | |||||
| CVE-2023-20739 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559819. | |||||
| CVE-2023-20738 | 3 Google, Linuxfoundation, Mediatek | 49 Android, Iot-yocto, Yocto and 46 more | 2025-01-07 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173. | |||||
| CVE-2023-20737 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-07 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167. | |||||
| CVE-2023-20736 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-07 | N/A | 6.4 MEDIUM |
| In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189. | |||||
| CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540. | |||||