CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20116
https://notcve.org/view.php?id=CVE-2024-20116
02 Dec 2024 — In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 45EXPL: 0CVE-2024-20125
https://notcve.org/view.php?id=CVE-2024-20125
02 Dec 2024 — In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728. In vdec, there is a possible out of bounds write due to a missing bounds check. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20121
https://notcve.org/view.php?id=CVE-2024-20121
04 Nov 2024 — In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20120
https://notcve.org/view.php?id=CVE-2024-20120
04 Nov 2024 — In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 67EXPL: 0CVE-2024-20108
https://notcve.org/view.php?id=CVE-2024-20108
04 Nov 2024 — In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20083
https://notcve.org/view.php?id=CVE-2024-20083
14 Aug 2024 — In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-20078
https://notcve.org/view.php?id=CVE-2024-20078
01 Jul 2024 — In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452. En venc, existe una posible escritura fuera de los límites debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2024-20076
https://notcve.org/view.php?id=CVE-2024-20076
01 Jul 2024 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481. En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2024-20077
https://notcve.org/view.php?id=CVE-2024-20077
01 Jul 2024 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482. En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.7EPSS: 0%CPEs: 41EXPL: 0CVE-2024-20021
https://notcve.org/view.php?id=CVE-2024-20021
06 May 2024 — In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08584568; Issue ID: MSV-1249. En atf spm, existe una forma posible de reasignar la memoria física a la memoria virtual debido a un error lógico. • https://corp.mediatek.com/product-security-bulletin/May-2024 • CWE-269: Improper Privilege Management •