Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-20743 | 2 Google, Mediatek | 54 Android, Mt2718, Mt6761 and 51 more | 2025-11-05 | N/A | 4.2 MEDIUM |
|
In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.
|
|||||
| CVE-2025-20722 | 4 Google, Mediatek, Openwrt and 1 more | 19 Android, Mt6835, Mt6878 and 16 more | 2025-10-15 | N/A | 5.5 MEDIUM |
|
In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798.
|
|||||
| CVE-2025-20723 | 2 Google, Mediatek | 15 Android, Mt6835, Mt6878 and 12 more | 2025-10-15 | N/A | 7.8 HIGH |
|
In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920033; Issue ID: MSV-3797.
|
|||||
| CVE-2025-20697 | 2 Google, Mediatek | 29 Android, Mt2718, Mt6761 and 26 more | 2025-08-18 | N/A | 6.7 MEDIUM |
|
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.
|
|||||
| CVE-2025-20698 | 2 Google, Mediatek | 40 Android, Mt2718, Mt6739 and 37 more | 2025-08-18 | N/A | 6.7 MEDIUM |
|
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.
|
|||||