CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20643
https://notcve.org/view.php?id=CVE-2023-20643
07 Mar 2023 — In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628584; Issue ID: ALPS07628584. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 43EXPL: 0CVE-2023-20628
https://notcve.org/view.php?id=CVE-2023-20628
07 Mar 2023 — In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460. • https://corp.mediatek.com/product-security-bulletin/March-2023 •
CVSS: 6.4EPSS: 0%CPEs: 76EXPL: 0CVE-2023-20623
https://notcve.org/view.php?id=CVE-2023-20623
07 Mar 2023 — In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20632
https://notcve.org/view.php?id=CVE-2023-20632
07 Mar 2023 — In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628506; Issue ID: ALPS07628506. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 34EXPL: 0CVE-2023-20647
https://notcve.org/view.php?id=CVE-2023-20647
07 Mar 2023 — In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628547; Issue ID: ALPS07628547. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 29EXPL: 0CVE-2023-20626
https://notcve.org/view.php?id=CVE-2023-20626
07 Mar 2023 — In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405223; Issue ID: ALPS07405223. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 39EXPL: 0CVE-2023-20638
https://notcve.org/view.php?id=CVE-2023-20638
07 Mar 2023 — In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628537; Issue ID: ALPS07628537. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 27EXPL: 0CVE-2023-20625
https://notcve.org/view.php?id=CVE-2023-20625
07 Mar 2023 — In adsp, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628532; Issue ID: ALPS07628532. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-662: Improper Synchronization •
CVSS: 4.4EPSS: 0%CPEs: 21EXPL: 0CVE-2023-20645
https://notcve.org/view.php?id=CVE-2023-20645
07 Mar 2023 — In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628609; Issue ID: ALPS07628609. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 39EXPL: 0CVE-2023-20648
https://notcve.org/view.php?id=CVE-2023-20648
07 Mar 2023 — In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-20: Improper Input Validation •