CVSS: 6.7EPSS: 0%CPEs: 25EXPL: 0CVE-2024-20023
https://notcve.org/view.php?id=CVE-2024-20023
04 Mar 2024 — In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 37EXPL: 0CVE-2024-20005
https://notcve.org/view.php?id=CVE-2024-20005
04 Mar 2024 — In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: ALPS08355599. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-276: Incorrect Default Permissions •
CVSS: 4.4EPSS: 0%CPEs: 38EXPL: 0CVE-2024-20016
https://notcve.org/view.php?id=CVE-2024-20016
05 Feb 2024 — In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901. En ged, existe una posible escritura fuera de los límites debido a un desbordamiento de enteros. Esto podría provocar una denegación de servicio local con los privilegios de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2024-20015
https://notcve.org/view.php?id=CVE-2024-20015
05 Feb 2024 — In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441419; Issue ID: ALPS08441419. En telephony, existe una posible escalada de privilegios debido a una omisión de permisos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.7EPSS: 0%CPEs: 61EXPL: 0CVE-2024-20013
https://notcve.org/view.php?id=CVE-2024-20013
05 Feb 2024 — In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608. En keyInstall, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 52EXPL: 0CVE-2024-20012
https://notcve.org/view.php?id=CVE-2024-20012
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2024-20010
https://notcve.org/view.php?id=CVE-2024-20010
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID: ALPS08358560. En keyInstall, existe una posible escalada de privilegios debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20006
https://notcve.org/view.php?id=CVE-2024-20006
05 Feb 2024 — In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148. En da, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-32891
https://notcve.org/view.php?id=CVE-2023-32891
02 Jan 2024 — In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. En el servicio Bluetooth, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 45EXPL: 0CVE-2023-32890
https://notcve.org/view.php?id=CVE-2023-32890
02 Jan 2024 — In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). En el modem EMM, existe un posible fallo del sistema debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-20: Improper Input Validation •