CVSS: 8.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-20053
https://notcve.org/view.php?id=CVE-2024-20053
01 Apr 2024 — In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541764. En flashc, existe una posible escritura fuera de los límites debido a una excepción no detectada. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 25EXPL: 0CVE-2024-20023
https://notcve.org/view.php?id=CVE-2024-20023
04 Mar 2024 — In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 34EXPL: 0CVE-2024-20022
https://notcve.org/view.php?id=CVE-2024-20022
04 Mar 2024 — In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-32891
https://notcve.org/view.php?id=CVE-2023-32891
02 Jan 2024 — In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. En el servicio Bluetooth, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 45EXPL: 0CVE-2023-32890
https://notcve.org/view.php?id=CVE-2023-32890
02 Jan 2024 — In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). En el modem EMM, existe un posible fallo del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 38EXPL: 0CVE-2023-32888
https://notcve.org/view.php?id=CVE-2023-32888
02 Jan 2024 — In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 38EXPL: 0CVE-2023-32887
https://notcve.org/view.php?id=CVE-2023-32887
02 Jan 2024 — In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). En Modem IMS Stack, existe un posible fallo del sistema debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 47EXPL: 0CVE-2023-32886
https://notcve.org/view.php?id=CVE-2023-32886
02 Jan 2024 — In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. En el módem IMS SMS UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 45EXPL: 0CVE-2023-32874
https://notcve.org/view.php?id=CVE-2023-32874
02 Jan 2024 — In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893). En Modem IMS Stack, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 2%CPEs: 36EXPL: 0CVE-2023-32846
https://notcve.org/view.php?id=CVE-2023-32846
04 Dec 2023 — In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861). En 5G Modem, existe una posible falla del sistema debido a un manejo inadecuado de errores. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-617: Reachable Assertion •