Total
478 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20649 | 2 Google, Mediatek | 37 Android, Mt6761, Mt6762 and 34 more | 2025-03-05 | N/A | 4.4 MEDIUM |
|
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628607; Issue ID: ALPS07628607.
|
|||||
| CVE-2023-20648 | 2 Google, Mediatek | 38 Android, Mt6761, Mt6762 and 35 more | 2025-03-05 | N/A | 4.4 MEDIUM |
|
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612.
|
|||||
| CVE-2023-20647 | 2 Google, Mediatek | 33 Android, Mt6739, Mt6761 and 30 more | 2025-03-05 | N/A | 4.4 MEDIUM |
|
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628547; Issue ID: ALPS07628547.
|
|||||
| CVE-2023-20635 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-03-05 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028.
|
|||||
| CVE-2023-20653 | 2 Google, Mediatek | 60 Android, Mt6580, Mt6731 and 57 more | 2025-02-13 | N/A | 6.7 MEDIUM |
|
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144.
|
|||||
| CVE-2023-20652 | 2 Google, Mediatek | 60 Android, Mt6580, Mt6731 and 57 more | 2025-02-13 | N/A | 6.7 MEDIUM |
|
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135.
|
|||||
| CVE-2023-20670 | 2 Google, Mediatek | 46 Android, Mt2715, Mt6580 and 43 more | 2025-02-13 | N/A | 6.7 MEDIUM |
|
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648710; Issue ID: ALPS07648710.
|
|||||
| CVE-2023-20665 | 2 Google, Mediatek | 42 Android, Mt6739, Mt6761 and 39 more | 2025-02-13 | N/A | 4.4 MEDIUM |
|
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628604.
|
|||||
| CVE-2023-20664 | 2 Google, Mediatek | 53 Android, Mt6580, Mt6735 and 50 more | 2025-02-13 | N/A | 6.7 MEDIUM |
|
In gz, there is a possible double free due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505952; Issue ID: ALPS07505952.
|
|||||
| CVE-2023-20688 | 2 Google, Mediatek | 72 Android, Mt2715, Mt6580 and 69 more | 2025-02-12 | N/A | 4.4 MEDIUM |
|
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821.
|
|||||
| CVE-2022-32599 | 2 Google, Mediatek | 48 Android, Mt6580, Mt6731 and 45 more | 2025-02-12 | N/A | 6.7 MEDIUM |
|
In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07460390.
|
|||||
| CVE-2023-20709 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-01-24 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951.
|
|||||
| CVE-2023-20708 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-01-24 | N/A | 6.7 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.
|
|||||
| CVE-2023-20707 | 2 Google, Mediatek | 43 Android, Mt6735, Mt6737 and 40 more | 2025-01-24 | N/A | 6.7 MEDIUM |
|
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556.
|
|||||
| CVE-2023-20706 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860.
|
|||||
| CVE-2023-20705 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870.
|
|||||
| CVE-2023-20704 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767826; Issue ID: ALPS07767826.
|
|||||
| CVE-2023-20711 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2025-01-24 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.
|
|||||
| CVE-2023-20710 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-01-24 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935.
|
|||||
| CVE-2023-20718 | 3 Google, Mediatek, Yoctoproject | 31 Android, Mt6768, Mt6769 and 28 more | 2025-01-24 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181.
|
|||||
| CVE-2023-20717 | 2 Google, Mediatek | 26 Android, Mt6768, Mt6769 and 23 more | 2025-01-24 | N/A | 4.1 MEDIUM |
|
In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185.
|
|||||
| CVE-2023-20703 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853.
|
|||||
| CVE-2023-20701 | 2 Google, Mediatek | 28 Android, Mt6762, Mt6765 and 25 more | 2025-01-24 | N/A | 6.7 MEDIUM |
|
In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270.
|
|||||
| CVE-2023-20673 | 2 Google, Mediatek | 43 Android, Iot Yocto, Mt5696 and 40 more | 2025-01-24 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
|
|||||
| CVE-2023-20719 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2025-01-24 | N/A | 4.4 MEDIUM |
|
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583.
|
|||||
| CVE-2023-20726 | 5 Google, Linuxfoundation, Mediatek and 2 more | 63 Android, Yocto, Mt2731 and 60 more | 2025-01-24 | N/A | 3.3 LOW |
|
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
|
|||||
| CVE-2023-20700 | 2 Google, Mediatek | 28 Android, Mt6762, Mt6765 and 25 more | 2025-01-23 | N/A | 6.7 MEDIUM |
|
In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304.
|
|||||
| CVE-2023-20698 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.
|
|||||
| CVE-2023-20697 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.
|
|||||
| CVE-2023-20735 | 3 Google, Linuxfoundation, Mediatek | 49 Android, Iot-yocto, Yocto and 46 more | 2025-01-08 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178.
|
|||||
| CVE-2023-20734 | 3 Google, Linuxfoundation, Mediatek | 41 Android, Iot-yocto, Yocto and 38 more | 2025-01-08 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184.
|
|||||
| CVE-2023-20733 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-08 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149.
|
|||||
| CVE-2023-20732 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2025-01-08 | N/A | 6.7 MEDIUM |
|
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.
|
|||||
| CVE-2023-20731 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2025-01-08 | N/A | 4.4 MEDIUM |
|
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495.
|
|||||
| CVE-2023-20739 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559819.
|
|||||
| CVE-2023-20738 | 3 Google, Linuxfoundation, Mediatek | 49 Android, Iot-yocto, Yocto and 46 more | 2025-01-07 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.
|
|||||
| CVE-2023-20737 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-07 | N/A | 6.7 MEDIUM |
|
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167.
|
|||||
| CVE-2023-20736 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-07 | N/A | 6.4 MEDIUM |
|
In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189.
|
|||||
| CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 4.4 MEDIUM |
|
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540.
|
|||||
| CVE-2023-20741 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 4.4 MEDIUM |
|
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606.
|
|||||