Vendor CVEs
Mediatek
All CVEs
447 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-0623 | 0.00 | — | 0.00 | Nov 18, 2021 | In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817. | |||
| CVE-2021-0622 | 0.00 | — | 0.00 | Nov 18, 2021 | In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388. | |||
| CVE-2021-0621 | 0.00 | — | 0.00 | Nov 18, 2021 | In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383. | |||
| CVE-2021-0619 | 0.00 | — | 0.00 | Nov 18, 2021 | In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395. | |||
| CVE-2021-0662 | 0.00 | — | 0.01 | Oct 25, 2021 | In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844434; Issue ID: ALPS05844434. | |||
| CVE-2021-0661 | 0.00 | — | 0.01 | Oct 25, 2021 | In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844413; Issue ID: ALPS05844413. | |||
| CVE-2021-0625 | 0.00 | — | 0.00 | Oct 25, 2021 | In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996. | |||
| CVE-2021-0618 | 0.00 | — | 0.00 | Oct 25, 2021 | In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561394; Issue ID: ALPS05561394. | |||
| CVE-2021-0617 | 0.00 | — | 0.00 | Oct 25, 2021 | In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561391; Issue ID: ALPS05561391. | |||
| CVE-2021-0616 | 0.00 | — | 0.00 | Oct 25, 2021 | In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561389; Issue ID: ALPS05561389. | |||
| CVE-2021-0614 | 0.00 | — | 0.00 | Oct 25, 2021 | In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05495528; Issue ID:… | |||
| CVE-2021-0613 | 0.00 | — | 0.00 | Oct 25, 2021 | In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID:… | |||
| CVE-2021-0412 | 0.00 | — | 0.00 | Oct 25, 2021 | In flv extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561366; Issue ID: ALPS05561366. | |||
| CVE-2021-0411 | 0.00 | — | 0.00 | Oct 25, 2021 | In flv extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561362; Issue ID: ALPS05561362. | |||
| CVE-2021-0410 | 0.00 | — | 0.00 | Oct 25, 2021 | In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561360; Issue ID:… | |||
| CVE-2021-0409 | 0.00 | — | 0.00 | Oct 25, 2021 | In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID:… | |||
| CVE-2021-25476 | 0.00 | — | 0.00 | Oct 6, 2021 | An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | |||
| CVE-2021-25469 | 0.00 | — | 0.00 | Oct 6, 2021 | A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | |||
| CVE-2021-0660 | 0.00 | — | 0.00 | Sep 27, 2021 | In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145. | |||
| CVE-2021-0612 | 0.00 | — | 0.00 | Sep 27, 2021 | In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834. | |||
| CVE-2021-0611 | 0.00 | — | 0.00 | Sep 27, 2021 | In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810. | |||
| CVE-2021-0423 | 0.00 | — | 0.00 | Sep 27, 2021 | In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:… | |||
| CVE-2021-32486 | 0.00 | — | 0.02 | Sep 9, 2021 | In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928. | |||
| CVE-2021-0628 | 0.00 | — | 0.00 | Aug 18, 2021 | In OMA DRM, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722454; Issue ID: ALPS05722454. | |||
| CVE-2021-0627 | 0.00 | — | 0.00 | Aug 18, 2021 | In OMA DRM, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722434; Issue ID: ALPS05722434. | |||
| CVE-2021-0626 | 0.00 | — | 0.00 | Aug 18, 2021 | In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510. | |||
| CVE-2021-0418 | 0.00 | — | 0.00 | Aug 18, 2021 | In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:… | |||
| CVE-2021-0416 | 0.00 | — | 0.00 | Aug 18, 2021 | In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:… | |||
| CVE-2021-0408 | 0.00 | — | 0.00 | Aug 18, 2021 | In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489195; Issue ID:… | |||
| CVE-2021-0407 | 0.00 | — | 0.00 | Aug 18, 2021 | In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659. | |||
| CVE-2021-0574 | 0.00 | — | 0.00 | Aug 17, 2021 | In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid… | |||
| CVE-2021-0573 | 0.00 | — | 0.00 | Aug 17, 2021 | In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid… | |||
| CVE-2021-0367 | 0.00 | — | 0.00 | Feb 26, 2021 | In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID:… | |||
| CVE-2021-0348 | 0.00 | — | 0.00 | Feb 4, 2021 | In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10,… | |||
| CVE-2021-0347 | 0.00 | — | 0.00 | Feb 4, 2021 | In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,… | |||
| CVE-2021-0346 | 0.00 | — | 0.00 | Feb 4, 2021 | In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch… | |||
| CVE-2021-0345 | 0.00 | — | 0.00 | Feb 4, 2021 | In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10,… | |||
| CVE-2021-0343 | 0.00 | — | 0.00 | Feb 4, 2021 | In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:… | |||
| CVE-2021-0353 | 0.00 | — | 0.00 | Feb 2, 2021 | In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247. | |||
| CVE-2021-0357 | 0.00 | — | 0.00 | Feb 2, 2021 | In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch… | |||
| CVE-2021-0358 | 0.00 | — | 0.00 | Feb 2, 2021 | In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;… | |||
| CVE-2021-0362 | 0.00 | — | 0.00 | Feb 2, 2021 | In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070. | |||
| CVE-2019-18989 | 0.00 | — | 0.01 | Sep 30, 2020 | A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an… | |||
| CVE-2020-0091 | 0.00 | — | 0.00 | May 14, 2020 | In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700 | |||
| CVE-2019-15027 | 0.00 | — | 0.03 | Aug 14, 2019 | The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in… | |||
| CVE-2018-11930 | 0.00 | — | 0.01 | May 24, 2019 | Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150,… | |||
| CVE-2018-5867 | 0.00 | — | 0.00 | Jan 18, 2019 | Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD… |
- CVE-2021-0623Nov 18, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817.
- CVE-2021-0622Nov 18, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388.
- CVE-2021-0621Nov 18, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383.
- CVE-2021-0619Nov 18, 2021risk 0.00cvss —epss 0.00
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395.
- CVE-2021-0662Oct 25, 2021risk 0.00cvss —epss 0.01
In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844434; Issue ID: ALPS05844434.
- CVE-2021-0661Oct 25, 2021risk 0.00cvss —epss 0.01
In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844413; Issue ID: ALPS05844413.
- CVE-2021-0625Oct 25, 2021risk 0.00cvss —epss 0.00
In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996.
- CVE-2021-0618Oct 25, 2021risk 0.00cvss —epss 0.00
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561394; Issue ID: ALPS05561394.
- CVE-2021-0617Oct 25, 2021risk 0.00cvss —epss 0.00
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561391; Issue ID: ALPS05561391.
- CVE-2021-0616Oct 25, 2021risk 0.00cvss —epss 0.00
In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561389; Issue ID: ALPS05561389.
- CVE-2021-0614Oct 25, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05495528; Issue ID:…
- CVE-2021-0613Oct 25, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID:…
- CVE-2021-0412Oct 25, 2021risk 0.00cvss —epss 0.00
In flv extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561366; Issue ID: ALPS05561366.
- CVE-2021-0411Oct 25, 2021risk 0.00cvss —epss 0.00
In flv extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561362; Issue ID: ALPS05561362.
- CVE-2021-0410Oct 25, 2021risk 0.00cvss —epss 0.00
In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561360; Issue ID:…
- CVE-2021-0409Oct 25, 2021risk 0.00cvss —epss 0.00
In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID:…
- CVE-2021-25476Oct 6, 2021risk 0.00cvss —epss 0.00
An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.
- CVE-2021-25469Oct 6, 2021risk 0.00cvss —epss 0.00
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
- CVE-2021-0660Sep 27, 2021risk 0.00cvss —epss 0.00
In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145.
- CVE-2021-0612Sep 27, 2021risk 0.00cvss —epss 0.00
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.
- CVE-2021-0611Sep 27, 2021risk 0.00cvss —epss 0.00
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810.
- CVE-2021-0423Sep 27, 2021risk 0.00cvss —epss 0.00
In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:…
- CVE-2021-32486Sep 9, 2021risk 0.00cvss —epss 0.02
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928.
- CVE-2021-0628Aug 18, 2021risk 0.00cvss —epss 0.00
In OMA DRM, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722454; Issue ID: ALPS05722454.
- CVE-2021-0627Aug 18, 2021risk 0.00cvss —epss 0.00
In OMA DRM, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722434; Issue ID: ALPS05722434.
- CVE-2021-0626Aug 18, 2021risk 0.00cvss —epss 0.00
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510.
- CVE-2021-0418Aug 18, 2021risk 0.00cvss —epss 0.00
In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:…
- CVE-2021-0416Aug 18, 2021risk 0.00cvss —epss 0.00
In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:…
- CVE-2021-0408Aug 18, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489195; Issue ID:…
- CVE-2021-0407Aug 18, 2021risk 0.00cvss —epss 0.00
In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659.
- CVE-2021-0574Aug 17, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid…
- CVE-2021-0573Aug 17, 2021risk 0.00cvss —epss 0.00
In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid…
- CVE-2021-0367Feb 26, 2021risk 0.00cvss —epss 0.00
In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID:…
- CVE-2021-0348Feb 4, 2021risk 0.00cvss —epss 0.00
In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10,…
- CVE-2021-0347Feb 4, 2021risk 0.00cvss —epss 0.00
In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,…
- CVE-2021-0346Feb 4, 2021risk 0.00cvss —epss 0.00
In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…
- CVE-2021-0345Feb 4, 2021risk 0.00cvss —epss 0.00
In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10,…
- CVE-2021-0343Feb 4, 2021risk 0.00cvss —epss 0.00
In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…
- CVE-2021-0353Feb 2, 2021risk 0.00cvss —epss 0.00
In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247.
- CVE-2021-0357Feb 2, 2021risk 0.00cvss —epss 0.00
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…
- CVE-2021-0358Feb 2, 2021risk 0.00cvss —epss 0.00
In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…
- CVE-2021-0362Feb 2, 2021risk 0.00cvss —epss 0.00
In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070.
- CVE-2019-18989Sep 30, 2020risk 0.00cvss —epss 0.01
A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an…
- CVE-2020-0091May 14, 2020risk 0.00cvss —epss 0.00
In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700
- CVE-2019-15027Aug 14, 2019risk 0.00cvss —epss 0.03
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in…
- CVE-2018-11930May 24, 2019risk 0.00cvss —epss 0.01
Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150,…
- CVE-2018-5867Jan 18, 2019risk 0.00cvss —epss 0.00
Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD…
Page 9 of 9