CVSS: 7.6EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20007
https://notcve.org/view.php?id=CVE-2024-20007
05 Feb 2024 — In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369. En el decodificador de mp3, existe una posible escritura fuera de los límites debido a una condición de ejecución. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20006
https://notcve.org/view.php?id=CVE-2024-20006
05 Feb 2024 — In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148. En da, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-32891
https://notcve.org/view.php?id=CVE-2023-32891
02 Jan 2024 — In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. En el servicio Bluetooth, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-32831
https://notcve.org/view.php?id=CVE-2023-32831
02 Jan 2024 — In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868. En el controlador WLAN, existe una posible vulneración del PIN debido al uso de valores insuficientemente aleatorios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 1%CPEs: 45EXPL: 0CVE-2023-32890
https://notcve.org/view.php?id=CVE-2023-32890
02 Jan 2024 — In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). En el modem EMM, existe un posible fallo del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32889
https://notcve.org/view.php?id=CVE-2023-32889
02 Jan 2024 — In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895). En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 38EXPL: 0CVE-2023-32888
https://notcve.org/view.php?id=CVE-2023-32888
02 Jan 2024 — In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 38EXPL: 0CVE-2023-32887
https://notcve.org/view.php?id=CVE-2023-32887
02 Jan 2024 — In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). En Modem IMS Stack, existe un posible fallo del sistema debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 47EXPL: 0CVE-2023-32886
https://notcve.org/view.php?id=CVE-2023-32886
02 Jan 2024 — In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. En el módem IMS SMS UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 33EXPL: 0CVE-2023-32885
https://notcve.org/view.php?id=CVE-2023-32885
02 Jan 2024 — In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685. En display drm, existe una posible corrupción de la memoria debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •