Vendor CVEs
Mediatek
All CVEs
447 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-20697 | 0.00 | — | 0.00 | May 15, 2023 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. | |||
| CVE-2023-20708 | 0.00 | — | 0.00 | May 15, 2023 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655. | |||
| CVE-2023-20698 | 0.00 | — | 0.00 | May 15, 2023 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. | |||
| CVE-2023-20722 | 0.00 | — | 0.00 | May 15, 2023 | In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084. | |||
| CVE-2023-20709 | 0.00 | — | 0.00 | May 15, 2023 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951. | |||
| CVE-2023-20710 | 0.00 | — | 0.00 | May 15, 2023 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935. | |||
| CVE-2022-40505 | 0.00 | — | 0.00 | May 2, 2023 | Information disclosure due to buffer over-read in Modem while parsing DNS hostname. | |||
| CVE-2022-33304 | 0.00 | — | 0.00 | May 2, 2023 | Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet. | |||
| CVE-2023-20654 | 0.00 | — | 0.00 | Apr 6, 2023 | In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148. | |||
| CVE-2023-20685 | 0.00 | — | 0.00 | Apr 6, 2023 | In vdec, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608575; Issue ID: ALPS07608575. | |||
| CVE-2023-20657 | 0.00 | — | 0.00 | Apr 6, 2023 | In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485. | |||
| CVE-2023-20676 | 0.00 | — | 0.00 | Apr 6, 2023 | In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518. | |||
| CVE-2023-20677 | 0.00 | — | 0.00 | Apr 6, 2023 | In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436. | |||
| CVE-2023-20684 | 0.00 | — | 0.00 | Apr 6, 2023 | In vdec, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671069; Issue ID: ALPS07671069. | |||
| CVE-2023-20658 | 0.00 | — | 0.00 | Apr 6, 2023 | In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07537393; Issue ID: ALPS07180396. | |||
| CVE-2023-20687 | 0.00 | — | 0.00 | Apr 6, 2023 | In display drm, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570772; Issue ID: ALPS07570772. | |||
| CVE-2023-20681 | 0.00 | — | 0.00 | Apr 6, 2023 | In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696134; Issue ID: ALPS07696134. | |||
| CVE-2023-20680 | 0.00 | — | 0.00 | Apr 6, 2023 | In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664785; Issue ID: ALPS07664785. | |||
| CVE-2023-20655 | 0.00 | — | 0.00 | Apr 6, 2023 | In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022. | |||
| CVE-2023-20653 | 0.00 | — | 0.00 | Apr 6, 2023 | In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144. | |||
| CVE-2022-33298 | 0.00 | — | 0.00 | Apr 4, 2023 | Memory corruption due to use after free in Modem while modem initialization. | |||
| CVE-2022-33294 | 0.00 | — | 0.00 | Apr 4, 2023 | Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message. | |||
| CVE-2022-33287 | 0.00 | — | 0.00 | Apr 4, 2023 | Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet. | |||
| CVE-2022-33259 | 0.00 | — | 0.00 | Apr 4, 2023 | Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received. | |||
| CVE-2022-33258 | 0.00 | — | 0.00 | Apr 4, 2023 | Information disclosure due to buffer over-read in modem while reading configuration parameters. | |||
| CVE-2022-33211 | 0.00 | — | 0.00 | Apr 4, 2023 | memory corruption in modem due to improper check while calculating size of serialized CoAP message | |||
| CVE-2022-25747 | 0.00 | — | 0.00 | Apr 4, 2023 | Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message | |||
| CVE-2022-25740 | 0.00 | — | 0.00 | Apr 4, 2023 | Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface | |||
| CVE-2022-25731 | 0.00 | — | 0.00 | Apr 4, 2023 | Information disclosure in modem due to buffer over-read while processing packets from DNS server | |||
| CVE-2022-40531 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. | |||
| CVE-2022-33254 | 0.00 | — | 0.00 | Mar 7, 2023 | Transient DOS due to reachable assertion in Modem while processing SIB1 Message. | |||
| CVE-2022-25709 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption in modem due to use of out of range pointer offset while processing qmi msg | |||
| CVE-2022-25694 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM | |||
| CVE-2023-20626 | 0.00 | — | 0.00 | Mar 7, 2023 | In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405223; Issue ID: ALPS07405223. | |||
| CVE-2023-20620 | 0.00 | — | 0.00 | Mar 7, 2023 | In adsp, there is a possible escalation of privilege due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554558; Issue ID: ALPS07554558. | |||
| CVE-2023-20651 | 0.00 | — | 0.00 | Mar 7, 2023 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629576; Issue ID: ALPS07629576. | |||
| CVE-2023-20621 | 0.00 | — | 0.00 | Mar 7, 2023 | In tinysys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664755; Issue ID: ALPS07664755. | |||
| CVE-2023-20627 | 0.00 | — | 0.00 | Mar 7, 2023 | In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585. | |||
| CVE-2023-20623 | 0.00 | — | 0.00 | Mar 7, 2023 | In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778. | |||
| CVE-2023-20628 | 0.00 | — | 0.00 | Mar 7, 2023 | In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460. | |||
| CVE-2022-25735 | 0.00 | — | 0.00 | Feb 9, 2023 | Denial of service in modem due to missing null check while processing TCP or UDP packets from server | |||
| CVE-2023-20602 | 0.00 | — | 0.00 | Feb 6, 2023 | In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107. | |||
| CVE-2023-20605 | 0.00 | — | 0.00 | Feb 6, 2023 | In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104. | |||
| CVE-2023-20606 | 0.00 | — | 0.00 | Feb 6, 2023 | In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571104; Issue ID: ALPS07571104. | |||
| CVE-2023-20609 | 0.00 | — | 0.00 | Feb 6, 2023 | In ccu, there is a possible out of bounds read due to a logic error. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570864; Issue ID: ALPS07570864. | |||
| CVE-2023-20608 | 0.00 | — | 0.00 | Feb 6, 2023 | In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363599; Issue ID: ALPS07363599. | |||
| CVE-2023-20607 | 0.00 | — | 0.00 | Feb 6, 2023 | In ccu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07512839; Issue ID: ALPS07512839. | |||
| CVE-2023-20616 | 0.00 | — | 0.00 | Feb 6, 2023 | In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720. | |||
| CVE-2022-32639 | 0.00 | — | 0.00 | Jan 3, 2023 | In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487. | |||
| CVE-2022-32650 | 0.00 | — | 0.00 | Jan 3, 2023 | In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853. |
- CVE-2023-20697May 15, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.
- CVE-2023-20708May 15, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.
- CVE-2023-20698May 15, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.
- CVE-2023-20722May 15, 2023risk 0.00cvss —epss 0.00
In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084.
- CVE-2023-20709May 15, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951.
- CVE-2023-20710May 15, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935.
- CVE-2022-40505May 2, 2023risk 0.00cvss —epss 0.00
Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
- CVE-2022-33304May 2, 2023risk 0.00cvss —epss 0.00
Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.
- CVE-2023-20654Apr 6, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148.
- CVE-2023-20685Apr 6, 2023risk 0.00cvss —epss 0.00
In vdec, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608575; Issue ID: ALPS07608575.
- CVE-2023-20657Apr 6, 2023risk 0.00cvss —epss 0.00
In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485.
- CVE-2023-20676Apr 6, 2023risk 0.00cvss —epss 0.00
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518.
- CVE-2023-20677Apr 6, 2023risk 0.00cvss —epss 0.00
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436.
- CVE-2023-20684Apr 6, 2023risk 0.00cvss —epss 0.00
In vdec, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671069; Issue ID: ALPS07671069.
- CVE-2023-20658Apr 6, 2023risk 0.00cvss —epss 0.00
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07537393; Issue ID: ALPS07180396.
- CVE-2023-20687Apr 6, 2023risk 0.00cvss —epss 0.00
In display drm, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570772; Issue ID: ALPS07570772.
- CVE-2023-20681Apr 6, 2023risk 0.00cvss —epss 0.00
In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696134; Issue ID: ALPS07696134.
- CVE-2023-20680Apr 6, 2023risk 0.00cvss —epss 0.00
In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664785; Issue ID: ALPS07664785.
- CVE-2023-20655Apr 6, 2023risk 0.00cvss —epss 0.00
In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022.
- CVE-2023-20653Apr 6, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144.
- CVE-2022-33298Apr 4, 2023risk 0.00cvss —epss 0.00
Memory corruption due to use after free in Modem while modem initialization.
- CVE-2022-33294Apr 4, 2023risk 0.00cvss —epss 0.00
Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.
- CVE-2022-33287Apr 4, 2023risk 0.00cvss —epss 0.00
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
- CVE-2022-33259Apr 4, 2023risk 0.00cvss —epss 0.00
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
- CVE-2022-33258Apr 4, 2023risk 0.00cvss —epss 0.00
Information disclosure due to buffer over-read in modem while reading configuration parameters.
- CVE-2022-33211Apr 4, 2023risk 0.00cvss —epss 0.00
memory corruption in modem due to improper check while calculating size of serialized CoAP message
- CVE-2022-25747Apr 4, 2023risk 0.00cvss —epss 0.00
Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message
- CVE-2022-25740Apr 4, 2023risk 0.00cvss —epss 0.00
Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface
- CVE-2022-25731Apr 4, 2023risk 0.00cvss —epss 0.00
Information disclosure in modem due to buffer over-read while processing packets from DNS server
- CVE-2022-40531Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
- CVE-2022-33254Mar 7, 2023risk 0.00cvss —epss 0.00
Transient DOS due to reachable assertion in Modem while processing SIB1 Message.
- CVE-2022-25709Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg
- CVE-2022-25694Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
- CVE-2023-20626Mar 7, 2023risk 0.00cvss —epss 0.00
In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405223; Issue ID: ALPS07405223.
- CVE-2023-20620Mar 7, 2023risk 0.00cvss —epss 0.00
In adsp, there is a possible escalation of privilege due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554558; Issue ID: ALPS07554558.
- CVE-2023-20651Mar 7, 2023risk 0.00cvss —epss 0.00
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629576; Issue ID: ALPS07629576.
- CVE-2023-20621Mar 7, 2023risk 0.00cvss —epss 0.00
In tinysys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664755; Issue ID: ALPS07664755.
- CVE-2023-20627Mar 7, 2023risk 0.00cvss —epss 0.00
In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585.
- CVE-2023-20623Mar 7, 2023risk 0.00cvss —epss 0.00
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778.
- CVE-2023-20628Mar 7, 2023risk 0.00cvss —epss 0.00
In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460.
- CVE-2022-25735Feb 9, 2023risk 0.00cvss —epss 0.00
Denial of service in modem due to missing null check while processing TCP or UDP packets from server
- CVE-2023-20602Feb 6, 2023risk 0.00cvss —epss 0.00
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107.
- CVE-2023-20605Feb 6, 2023risk 0.00cvss —epss 0.00
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104.
- CVE-2023-20606Feb 6, 2023risk 0.00cvss —epss 0.00
In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571104; Issue ID: ALPS07571104.
- CVE-2023-20609Feb 6, 2023risk 0.00cvss —epss 0.00
In ccu, there is a possible out of bounds read due to a logic error. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570864; Issue ID: ALPS07570864.
- CVE-2023-20608Feb 6, 2023risk 0.00cvss —epss 0.00
In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363599; Issue ID: ALPS07363599.
- CVE-2023-20607Feb 6, 2023risk 0.00cvss —epss 0.00
In ccu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07512839; Issue ID: ALPS07512839.
- CVE-2023-20616Feb 6, 2023risk 0.00cvss —epss 0.00
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720.
- CVE-2022-32639Jan 3, 2023risk 0.00cvss —epss 0.00
In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487.
- CVE-2022-32650Jan 3, 2023risk 0.00cvss —epss 0.00
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853.
Page 5 of 9