CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20116
https://notcve.org/view.php?id=CVE-2024-20116
02 Dec 2024 — In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 45EXPL: 0CVE-2024-20125
https://notcve.org/view.php?id=CVE-2024-20125
02 Dec 2024 — In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728. In vdec, there is a possible out of bounds write due to a missing bounds check. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20121
https://notcve.org/view.php?id=CVE-2024-20121
04 Nov 2024 — In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20120
https://notcve.org/view.php?id=CVE-2024-20120
04 Nov 2024 — In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 67EXPL: 0CVE-2024-20108
https://notcve.org/view.php?id=CVE-2024-20108
04 Nov 2024 — In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2024-20098
https://notcve.org/view.php?id=CVE-2024-20098
07 Oct 2024 — In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996886; Issue ID: MSV-1626. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20083
https://notcve.org/view.php?id=CVE-2024-20083
14 Aug 2024 — In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-20078
https://notcve.org/view.php?id=CVE-2024-20078
01 Jul 2024 — In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452. En venc, existe una posible escritura fuera de los límites debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2024-20076
https://notcve.org/view.php?id=CVE-2024-20076
01 Jul 2024 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481. En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2024-20077
https://notcve.org/view.php?id=CVE-2024-20077
01 Jul 2024 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482. En Modem, existe una posible falla del sistema debido a un manejo incorrecto de errores. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •