CVSS: 4.0EPSS: 0%CPEs: 45EXPL: 0CVE-2023-20838
https://notcve.org/view.php?id=CVE-2023-20838
04 Sep 2023 — In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418. En imgsys, existe una posible lectura fuera de límites debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 44EXPL: 0CVE-2023-20830
https://notcve.org/view.php?id=CVE-2023-20830
04 Sep 2023 — In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156. En gps, existe una posible escritura fuera de los límites debido a una falta de verificación de los límites. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2023-20825
https://notcve.org/view.php?id=CVE-2023-20825
04 Sep 2023 — In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951413. En duraspeed, existe una posible divulgación de información debido a la falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2023-20824
https://notcve.org/view.php?id=CVE-2023-20824
04 Sep 2023 — In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402. En duraspeed, existe una posible divulgación de información debido a la falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-862: Missing Authorization •
CVSS: 6.7EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20821
https://notcve.org/view.php?id=CVE-2023-20821
04 Sep 2023 — In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113. En nvram, existe una posible escritura fuera de límites debido a una inexistente comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2023-20807
https://notcve.org/view.php?id=CVE-2023-20807
07 Aug 2023 — In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2023-20806
https://notcve.org/view.php?id=CVE-2023-20806
07 Aug 2023 — In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07537437. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20805
https://notcve.org/view.php?id=CVE-2023-20805
07 Aug 2023 — In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20804
https://notcve.org/view.php?id=CVE-2023-20804
07 Aug 2023 — In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20803
https://notcve.org/view.php?id=CVE-2023-20803
07 Aug 2023 — In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •