CVSS: 4.4EPSS: 0%CPEs: 55EXPL: 0CVE-2023-20635
https://notcve.org/view.php?id=CVE-2023-20635
07 Mar 2023 — In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028. • https://corp.mediatek.com/product-security-bulletin/March-2023 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.4EPSS: 0%CPEs: 53EXPL: 0CVE-2023-20605
https://notcve.org/view.php?id=CVE-2023-20605
06 Feb 2023 — In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 0%CPEs: 40EXPL: 0CVE-2023-20611
https://notcve.org/view.php?id=CVE-2023-20611
06 Feb 2023 — In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588678; Issue ID: ALPS07588678. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-662: Improper Synchronization •
CVSS: 6.7EPSS: 0%CPEs: 58EXPL: 0CVE-2022-32640
https://notcve.org/view.php?id=CVE-2022-32640
03 Jan 2023 — In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 54EXPL: 0CVE-2022-32636
https://notcve.org/view.php?id=CVE-2022-32636
03 Jan 2023 — In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 59EXPL: 0CVE-2022-32641
https://notcve.org/view.php?id=CVE-2022-32641
03 Jan 2023 — In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 55EXPL: 0CVE-2022-32619
https://notcve.org/view.php?id=CVE-2022-32619
05 Dec 2022 — In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659. En keyinstall, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2022 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 65EXPL: 0CVE-2022-21755
https://notcve.org/view.php?id=CVE-2022-21755
06 Jun 2022 — In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464. En WLAN driver, se presenta una posible lectura fuera de límites debido a una comprobación de límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/June-2022 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2022-20093
https://notcve.org/view.php?id=CVE-2022-20093
03 May 2022 — In telephony, there is a possible way to disable receiving SMS messages due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498868; Issue ID: ALPS06498868. En telephony, es posible que sea deshabilitada la recepción de mensajes SMS debido a una falta de comprobación de permisos. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 47EXPL: 0CVE-2022-20091
https://notcve.org/view.php?id=CVE-2022-20091
03 May 2022 — In aee driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06226345. En aee driver, se presenta un posible uso de memoria previamente liberada debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •