Vulnerabilities (CVE)

Filtered by vendor Mediatek Subscribe
Total 712 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-20064 2 Google, Mediatek 30 Android, Mt6580, Mt6761 and 27 more 2025-03-29 N/A 7.8 HIGH
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08572601; Issue ID: MSV-1229.
CVE-2024-20020 2 Google, Mediatek 8 Android, Mt2713, Mt2715 and 5 more 2025-03-28 N/A 4.4 MEDIUM
In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504.
CVE-2024-20066 1 Mediatek 23 Mt6298, Mt6813, Mt6815 and 20 more 2025-03-27 N/A 7.5 HIGH
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
CVE-2023-20616 2 Google, Mediatek 45 Android, Mt6580, Mt6735 and 42 more 2025-03-26 N/A 6.7 MEDIUM
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720.
CVE-2023-20615 2 Google, Mediatek 37 Android, Mt6739, Mt6761 and 34 more 2025-03-26 N/A 6.7 MEDIUM
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572.
CVE-2022-32656 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2025-03-26 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
CVE-2022-32655 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2025-03-26 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
CVE-2022-32654 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2025-03-26 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
CVE-2022-32643 2 Google, Mediatek 4 Android, Mt6879, Mt6895 and 1 more 2025-03-26 N/A 6.4 MEDIUM
In ccd, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07341261.
CVE-2022-32642 2 Google, Mediatek 4 Android, Mt6879, Mt6895 and 1 more 2025-03-26 N/A 6.4 MEDIUM
In ccd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326547; Issue ID: ALPS07326547.
CVE-2022-32595 2 Google, Mediatek 33 Android, Mt6762, Mt6765 and 30 more 2025-03-26 N/A 4.4 MEDIUM
In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236.
CVE-2023-20619 2 Google, Mediatek 25 Android, Mt6761, Mt6762 and 22 more 2025-03-26 N/A 6.7 MEDIUM
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519159; Issue ID: ALPS07519159.
CVE-2023-20618 2 Google, Mediatek 25 Android, Mt6761, Mt6762 and 22 more 2025-03-26 N/A 6.7 MEDIUM
In vcu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519184; Issue ID: ALPS07519184.
CVE-2021-31575 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2025-03-26 N/A 9.8 CRITICAL
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
CVE-2023-20606 2 Google, Mediatek 4 Android, Mt6879, Mt6895 and 1 more 2025-03-26 N/A 4.4 MEDIUM
In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571104; Issue ID: ALPS07571104.
CVE-2023-20605 2 Google, Mediatek 51 Android, Mt6580, Mt6731 and 48 more 2025-03-26 N/A 4.4 MEDIUM
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104.
CVE-2023-20604 2 Google, Mediatek 27 Android, Mt6735, Mt6737 and 24 more 2025-03-26 N/A 6.7 MEDIUM
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067.
CVE-2023-20602 2 Google, Mediatek 25 Android, Mt6735, Mt6737 and 22 more 2025-03-26 N/A 6.7 MEDIUM
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107.
CVE-2022-32663 1 Mediatek 44 Mt5221, Mt5221 Firmware, Mt7603 and 41 more 2025-03-26 N/A 7.5 HIGH
In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014.
CVE-2021-31574 1 Mediatek 4 En7528, En7528 Firmware, En7580 and 1 more 2025-03-26 N/A 9.8 CRITICAL
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.