VYPR

Widevine

by Mediatek

CVEs (8)

  • CVE-2023-20700May 15, 2023
    risk 0.00cvss epss 0.00

    In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304.

  • CVE-2023-20701May 15, 2023
    risk 0.00cvss epss 0.00

    In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270.

  • CVE-2022-32596Dec 5, 2022
    risk 0.00cvss epss 0.00

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.

  • CVE-2022-32597Dec 5, 2022
    risk 0.00cvss epss 0.00

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.

  • CVE-2022-32594Dec 5, 2022
    risk 0.00cvss epss 0.00

    In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.

  • CVE-2021-25476Oct 6, 2021
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

  • CVE-2021-25469Oct 6, 2021
    risk 0.00cvss epss 0.00

    A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.

  • CVE-2018-5867Jan 18, 2019
    risk 0.00cvss epss 0.00

    Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD…