VYPR

Vendor CVEs

Mediatek

All CVEs

447 total · sorted by risk
  • CVE-2021-0623Nov 18, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817.

  • CVE-2021-0622Nov 18, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561388.

  • CVE-2021-0621Nov 18, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383.

  • CVE-2021-0619Nov 18, 2021
    risk 0.00cvss epss 0.00

    In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395.

  • CVE-2021-0662Oct 25, 2021
    risk 0.00cvss epss 0.01

    In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844434; Issue ID: ALPS05844434.

  • CVE-2021-0661Oct 25, 2021
    risk 0.00cvss epss 0.01

    In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844413; Issue ID: ALPS05844413.

  • CVE-2021-0625Oct 25, 2021
    risk 0.00cvss epss 0.00

    In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594996; Issue ID: ALPS05594996.

  • CVE-2021-0618Oct 25, 2021
    risk 0.00cvss epss 0.00

    In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561394; Issue ID: ALPS05561394.

  • CVE-2021-0617Oct 25, 2021
    risk 0.00cvss epss 0.00

    In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561391; Issue ID: ALPS05561391.

  • CVE-2021-0616Oct 25, 2021
    risk 0.00cvss epss 0.00

    In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561389; Issue ID: ALPS05561389.

  • CVE-2021-0614Oct 25, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05495528; Issue ID:…

  • CVE-2021-0613Oct 25, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID:…

  • CVE-2021-0412Oct 25, 2021
    risk 0.00cvss epss 0.00

    In flv extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561366; Issue ID: ALPS05561366.

  • CVE-2021-0411Oct 25, 2021
    risk 0.00cvss epss 0.00

    In flv extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561362; Issue ID: ALPS05561362.

  • CVE-2021-0410Oct 25, 2021
    risk 0.00cvss epss 0.00

    In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561360; Issue ID:…

  • CVE-2021-0409Oct 25, 2021
    risk 0.00cvss epss 0.00

    In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID:…

  • CVE-2021-25476Oct 6, 2021
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

  • CVE-2021-25469Oct 6, 2021
    risk 0.00cvss epss 0.00

    A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.

  • CVE-2021-0660Sep 27, 2021
    risk 0.00cvss epss 0.00

    In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145.

  • CVE-2021-0612Sep 27, 2021
    risk 0.00cvss epss 0.00

    In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.

  • CVE-2021-0611Sep 27, 2021
    risk 0.00cvss epss 0.00

    In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810.

  • CVE-2021-0423Sep 27, 2021
    risk 0.00cvss epss 0.00

    In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:…

  • CVE-2021-32486Sep 9, 2021
    risk 0.00cvss epss 0.02

    In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928.

  • CVE-2021-0628Aug 18, 2021
    risk 0.00cvss epss 0.00

    In OMA DRM, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722454; Issue ID: ALPS05722454.

  • CVE-2021-0627Aug 18, 2021
    risk 0.00cvss epss 0.00

    In OMA DRM, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722434; Issue ID: ALPS05722434.

  • CVE-2021-0626Aug 18, 2021
    risk 0.00cvss epss 0.00

    In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510.

  • CVE-2021-0418Aug 18, 2021
    risk 0.00cvss epss 0.00

    In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:…

  • CVE-2021-0416Aug 18, 2021
    risk 0.00cvss epss 0.00

    In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID:…

  • CVE-2021-0408Aug 18, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489195; Issue ID:…

  • CVE-2021-0407Aug 18, 2021
    risk 0.00cvss epss 0.00

    In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659.

  • CVE-2021-0574Aug 17, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid…

  • CVE-2021-0573Aug 17, 2021
    risk 0.00cvss epss 0.00

    In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid…

  • CVE-2021-0367Feb 26, 2021
    risk 0.00cvss epss 0.00

    In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID:…

  • CVE-2021-0348Feb 4, 2021
    risk 0.00cvss epss 0.00

    In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10,…

  • CVE-2021-0347Feb 4, 2021
    risk 0.00cvss epss 0.00

    In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,…

  • CVE-2021-0346Feb 4, 2021
    risk 0.00cvss epss 0.00

    In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…

  • CVE-2021-0345Feb 4, 2021
    risk 0.00cvss epss 0.00

    In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10,…

  • CVE-2021-0343Feb 4, 2021
    risk 0.00cvss epss 0.00

    In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…

  • CVE-2021-0353Feb 2, 2021
    risk 0.00cvss epss 0.00

    In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247.

  • CVE-2021-0357Feb 2, 2021
    risk 0.00cvss epss 0.00

    In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…

  • CVE-2021-0358Feb 2, 2021
    risk 0.00cvss epss 0.00

    In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…

  • CVE-2021-0362Feb 2, 2021
    risk 0.00cvss epss 0.00

    In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070.

  • CVE-2019-18989Sep 30, 2020
    risk 0.00cvss epss 0.01

    A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an…

  • CVE-2020-0091May 14, 2020
    risk 0.00cvss epss 0.00

    In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700

  • CVE-2019-15027Aug 14, 2019
    risk 0.00cvss epss 0.03

    The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in…

  • CVE-2018-11930May 24, 2019
    risk 0.00cvss epss 0.01

    Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150,…

  • CVE-2018-5867Jan 18, 2019
    risk 0.00cvss epss 0.00

    Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD…

Page 9 of 9