Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mediatek Subscribe
Total 400 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20651 2 Google, Mediatek 14 Android, Mt6853, Mt6853t and 11 more 2023-03-10 N/A 4.4 MEDIUM
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629576; Issue ID: ALPS07629576.
CVE-2023-20650 2 Google, Mediatek 14 Android, Mt6853, Mt6853t and 11 more 2023-03-10 N/A 6.7 MEDIUM
In apu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629577; Issue ID: ALPS07629577.
CVE-2023-20644 2 Google, Mediatek 33 Android, Mt6580, Mt6739 and 30 more 2023-03-10 N/A 4.4 MEDIUM
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628603; Issue ID: ALPS07628603.
CVE-2023-20643 2 Google, Mediatek 26 Android, Mt6739, Mt6761 and 23 more 2023-03-10 N/A 6.7 MEDIUM
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628584; Issue ID: ALPS07628584.
CVE-2023-20642 2 Google, Mediatek 14 Android, Mt6879, Mt6895 and 11 more 2023-03-10 N/A 6.7 MEDIUM
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628586; Issue ID: ALPS07628586.
CVE-2023-20646 2 Google, Mediatek 44 Android, Mt6737, Mt6739 and 41 more 2023-03-10 N/A 4.4 MEDIUM
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628536; Issue ID: ALPS07628536.
CVE-2023-20647 2 Google, Mediatek 33 Android, Mt6739, Mt6761 and 30 more 2023-03-10 N/A 4.4 MEDIUM
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628547; Issue ID: ALPS07628547.
CVE-2023-20645 2 Google, Mediatek 20 Android, Mt6739, Mt6761 and 17 more 2023-03-10 N/A 4.4 MEDIUM
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628609; Issue ID: ALPS07628609.
CVE-2023-20648 2 Google, Mediatek 38 Android, Mt6761, Mt6762 and 35 more 2023-03-10 N/A 4.4 MEDIUM
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612.
CVE-2022-20078 2 Google, Mediatek 13 Android, Mt6833, Mt6853 and 10 more 2023-03-02 6.9 MEDIUM 6.4 MEDIUM
In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05852819; Issue ID: ALPS05852819.
CVE-2021-31577 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2023-02-15 N/A 9.8 CRITICAL
In Boa, there is a possible escalation of privilege due to a missing permission check. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.
CVE-2021-31578 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2023-02-15 N/A 9.8 CRITICAL
In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.
CVE-2021-31576 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2023-02-15 N/A 7.5 HIGH
In Boa, there is a possible information disclosure due to a missing permission check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.
CVE-2021-31575 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2023-02-15 N/A 9.8 CRITICAL
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVE-2021-31574 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2023-02-15 N/A 9.8 CRITICAL
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVE-2021-31573 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2023-02-15 N/A 9.8 CRITICAL
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVE-2022-32663 1 Mediatek 44 Mt5221, Mt5221 Firmware, Mt7603 and 41 more 2023-02-14 N/A 7.5 HIGH
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
CVE-2022-32656 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2023-02-14 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
CVE-2023-20619 2 Google, Mediatek 25 Android, Mt6761, Mt6762 and 22 more 2023-02-14 N/A 6.7 MEDIUM
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159.
CVE-2023-20618 2 Google, Mediatek 25 Android, Mt6761, Mt6762 and 22 more 2023-02-14 N/A 6.7 MEDIUM
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519184; Issue ID: ALPS07519184.