CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 0CVE-2023-32825
https://notcve.org/view.php?id=CVE-2023-32825
In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130. En el servicio Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2023-32839
https://notcve.org/view.php?id=CVE-2023-32839
In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262576; Issue ID: ALPS07262576. En dpe, existe una posible escritura fuera de los límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-32838
https://notcve.org/view.php?id=CVE-2023-32838
In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310805; Issue ID: ALPS07310805. En dpe, existe una posible escritura fuera de los límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2023-20702
https://notcve.org/view.php?id=CVE-2023-20702
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895. En 5G NRLC, existe un posible acceso no válido a la memoria debido a la falta de manejo de errores. • https://corp.mediatek.com/product-security-bulletin/November-2023 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-32837 – mtk-jpeg Driver Out-Of-Bounds Read / Write
https://notcve.org/view.php?id=CVE-2023-32837
In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357. En el vídeo, hay una posible escritura fuera de los límites debido a una comprobación de los límites faltantes. • http://packetstormsecurity.com/files/175665/mtk-jpeg-Driver-Out-Of-Bounds-Read-Write.html https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •