CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20661
https://notcve.org/view.php?id=CVE-2023-20661
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20677
https://notcve.org/view.php?id=CVE-2023-20677
06 Apr 2023 — In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 0CVE-2023-20655
https://notcve.org/view.php?id=CVE-2023-20655
06 Apr 2023 — In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20664
https://notcve.org/view.php?id=CVE-2023-20664
06 Apr 2023 — In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20675
https://notcve.org/view.php?id=CVE-2023-20675
06 Apr 2023 — In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-20682
https://notcve.org/view.php?id=CVE-2023-20682
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20630
https://notcve.org/view.php?id=CVE-2023-20630
07 Mar 2023 — In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628505; Issue ID: ALPS07628505. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20632
https://notcve.org/view.php?id=CVE-2023-20632
07 Mar 2023 — In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628506; Issue ID: ALPS07628506. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20633
https://notcve.org/view.php?id=CVE-2023-20633
07 Mar 2023 — In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628508; Issue ID: ALPS07628508. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-129: Improper Validation of Array Index •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2023-20627
https://notcve.org/view.php?id=CVE-2023-20627
07 Mar 2023 — In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-131: Incorrect Calculation of Buffer Size •