CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-20682
https://notcve.org/view.php?id=CVE-2023-20682
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20660
https://notcve.org/view.php?id=CVE-2023-20660
06 Apr 2023 — In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20661
https://notcve.org/view.php?id=CVE-2023-20661
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20676
https://notcve.org/view.php?id=CVE-2023-20676
06 Apr 2023 — In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20677
https://notcve.org/view.php?id=CVE-2023-20677
06 Apr 2023 — In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 0%CPEs: 76EXPL: 0CVE-2023-20623
https://notcve.org/view.php?id=CVE-2023-20623
07 Mar 2023 — In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32654
https://notcve.org/view.php?id=CVE-2022-32654
06 Feb 2023 — In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011. • https://corp.mediatek.com/product-security-bulletin/February-2023 •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32655
https://notcve.org/view.php?id=CVE-2022-32655
06 Feb 2023 — In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32656
https://notcve.org/view.php?id=CVE-2022-32656
06 Feb 2023 — In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035. • https://corp.mediatek.com/product-security-bulletin/February-2023 •
CVSS: 7.8EPSS: 3%CPEs: 44EXPL: 0CVE-2022-32663
https://notcve.org/view.php?id=CVE-2022-32663
06 Feb 2023 — In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-476: NULL Pointer Dereference •