CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-32485
https://notcve.org/view.php?id=CVE-2021-32485
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926. En modem 2G RRM, se presenta un posible bloqueo del sistema debido a un desbordamiento del búfer de la pila. • https://corp.mediatek.com/product-security-bulletin/September-2021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-32484
https://notcve.org/view.php?id=CVE-2021-32484
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917. En modem 2G RRM, se presenta un posible bloqueo del sistema debido a un desbordamiento del búfer de la pila. • https://corp.mediatek.com/product-security-bulletin/September-2021 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18989
https://notcve.org/view.php?id=CVE-2019-18989
A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data. Se presenta una vulnerabilidad de omisión de autenticación parcial en los dispositivos Mediatek MT7620N versión 1.06. La vulnerabilidad permite enviar una trama de datos no cifrada hacia un enrutador WLAN protegido por WPA2 donde el paquete se enruta por medio de la red. • https://www.synopsys.com/blogs/software-security/cyrc-advisory-sept2020 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 9.8EPSS: 0%CPEs: 23EXPL: 0CVE-2018-21054
https://notcve.org/view.php?id=CVE-2018-21054
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.x) excepto exynos9610/9820 en todas las plataformas, M(6.0) excepto MSM8909 SC77xx/9830 exynos3470/5420, N( 7.0) excepto MSM8939, N(7.1) excepto el software MSM8996 SDM6xx/M6737T. Se presenta un desbordamiento de enteros con un desbordamiento de búfer resultante en eCryptFS. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21089
https://notcve.org/view.php?id=CVE-2018-21089
An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) (modelos Mediatek MT6755/MT6757). El Cargador de Arranque presenta un desbordamiento de enteros que conlleva a una ejecución de código arbitraria por medio del control de desplazamiento de descarga. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-190: Integer Overflow or Wraparound •