CVSS: 6.0EPSS: 0%CPEs: 17EXPL: 0CVE-2024-20024
https://notcve.org/view.php?id=CVE-2024-20024
04 Mar 2024 — In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541635; Issue ID: ALPS08541635. En flashc, existe una posible escritura fuera de los límites debido a la falta de valoración. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 34EXPL: 0CVE-2024-20022
https://notcve.org/view.php?id=CVE-2024-20022
04 Mar 2024 — In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 37EXPL: 0CVE-2024-20005
https://notcve.org/view.php?id=CVE-2024-20005
04 Mar 2024 — In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: ALPS08355599. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2024-20015
https://notcve.org/view.php?id=CVE-2024-20015
05 Feb 2024 — In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441419; Issue ID: ALPS08441419. En telephony, existe una posible escalada de privilegios debido a una omisión de permisos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.7EPSS: 0%CPEs: 61EXPL: 0CVE-2024-20013
https://notcve.org/view.php?id=CVE-2024-20013
05 Feb 2024 — In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608. En keyInstall, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2024-20010
https://notcve.org/view.php?id=CVE-2024-20010
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32889
https://notcve.org/view.php?id=CVE-2023-32889
02 Jan 2024 — In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895). En Modem IMS Call UA, existe una posible escritura fuera de los límites debido a una verificación de límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 61EXPL: 0CVE-2023-32884
https://notcve.org/view.php?id=CVE-2023-32884
02 Jan 2024 — In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011. En netdagent, existe una posible divulgación de información debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.7EPSS: 0%CPEs: 58EXPL: 0CVE-2023-32883
https://notcve.org/view.php?id=CVE-2023-32883
02 Jan 2024 — In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249. En Engineer Mode, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32876
https://notcve.org/view.php?id=CVE-2023-32876
02 Jan 2024 — In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612. En keyInstall, existe una posible divulgación de información debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-125: Out-of-bounds Read •