Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-9443

Summary
Assigner-google_android
Assigner Org ID-baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
Published At-06 Sep, 2019 | 21:47
Updated At-04 Aug, 2024 | 21:46
Rejected At-
Credits

In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege due to a set_fs() call without restoring the previous limit with System execution privileges needed. User interaction is not needed for exploitation.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:google_android
Assigner Org ID:baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
Published At:06 Sep, 2019 | 21:47
Updated At:04 Aug, 2024 | 21:46
Rejected At:
▼CVE Numbering Authority (CNA)

In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege due to a set_fs() call without restoring the previous limit with System execution privileges needed. User interaction is not needed for exploitation.

Affected Products
Vendor
n/a
Product
Android
Versions
Affected
  • Android kernel
Problem Types
TypeCWE IDDescription
textN/AElevation of privilege
Type: text
CWE ID: N/A
Description: Elevation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/pixel/2019-09-01
x_refsource_MISC
Hyperlink: https://source.android.com/security/bulletin/pixel/2019-09-01
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/pixel/2019-09-01
x_refsource_MISC
x_transferred
Hyperlink: https://source.android.com/security/bulletin/pixel/2019-09-01
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@android.com
Published At:06 Sep, 2019 | 22:15
Updated At:24 Aug, 2020 | 17:37

In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege due to a set_fs() call without restoring the previous limit with System execution privileges needed. User interaction is not needed for exploitation.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Google LLC
google
>>android>>-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE-787Primarynvd@nist.gov
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://source.android.com/security/bulletin/pixel/2019-09-01security@android.com
Vendor Advisory
Hyperlink: https://source.android.com/security/bulletin/pixel/2019-09-01
Source: security@android.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3327Records found
CVE-2022-32636
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8789mt8766androidmt6855mt6757mt8797mt6789mt6580mt8321mt6885mt6883mt6757cmt6781mt6873mt6768mt6853tmt6757chmt6761mt6891mt6895mt8768mt8667mt6737mt6833mt6889mt6731mt8185mt6769mt6893mt8765mt6771mt6757cdmt6877mt6879mt6983mt6785mt8666mt8786mt6763mt6739mt6762mt8791mt6779mt6735mt6875mt8385mt6765mt8788mt8791tmt6753mt6853MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32597
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6883mt8788mt6765mt8768mt6877mt6891mt6853tmt8781mt8385mt6785mt6885mt6853mt6893mt6895mt8766mt6855mt6873mt6768mt8791mt8797mt6769mt6789androidmt6833mt8786mt6889mt6762mt6875mt6779mt8765mt8789mt6781MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32599
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.56%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07460390.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-androidmt6757cdmt6769mt6889mt6883mt6853tmt8781mt6739mt8771mt6877mt6757cmt6833mt8786mt6757mt6761mt6753mt6789mt6763mt6853mt8321mt8385mt6879mt8765mt8185mt8788mt6771mt6983mt6765mt6785mt8768mt8789mt6895mt6580mt6737mt6781mt6731mt6893mt8766mt6891mt6873mt6735mt6875mt6762mt6779mt6855mt6757chmt6885mt6768MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32611
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.45%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340373; Issue ID: ALPS07340373.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6983androidmt6895mt6879MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32626
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ID: ALPS07326239.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt8365mt6883mt6873mt6765mt6768mt6877mt8791mt8781mt6983mt6789mt6781androidmt6785mt6833mt6889mt6885mt6779mt8168mt6853mt6893mt6895mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0977
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.85%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-183487770

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0662
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.68%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:18
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844434; Issue ID: ALPS05844434.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6779, MT6781, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32620
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.03%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6833mt6873mt6877mt6853mt8791mt6781mt8781mt6789MT6781, MT6789, MT6833, MT6853, MT6873, MT6877, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-28343
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.90%
||
7 Day CHG~0.00%
Published-08 Nov, 2020 | 04:03
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020).

Action-Not Available
Vendor-n/aGoogle LLCSamsung
Product-androidexynos_9830exynos_980exynos_9820n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32646
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8766androidmt6833mt6889mt6855mt6895mt6893mt8781mt6877mt6879mt6983mt6789mt8675mt6885mt6785mt8791mt6883mt6779mt6781mt6765mt6873mt6768mt6853mt6761MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8675, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32625
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt8365mt6883mt6873mt6765mt6768mt6877mt8791mt8781mt6983mt6789mt6781androidmt6785mt6833mt6889mt6885mt6779mt8168mt6853mt6893mt8675mt6895mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8675, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32634
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.56%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt6883mt8788mt6873mt6765mt6768mt8768mt6877mt8321mt8791mt8797mt8666mt6983mt6781mt8385androidmt6785mt6833mt8786mt6889mt6885mt6779mt6853mt6893mt8765mt8675mt6895mt8789mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27036
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 16:03
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In phNxpNciHal_send_ext_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731369

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-27044
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.80%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 16:05
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157066561

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32640
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.21%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8789mt8766androidmt6855mt6757mt8797mt6789mt6580mt8321mt6885mt6883mt8167mt6757cmt6781mt6873mt6768mt6853tmt6757chmt6761mt6891mt6895mt8362amt8768mt6737mt6833mt6889mt6731mt8168mt8185mt6769mt6893mt8173mt8765mt6771mt6757cdmt6877mt6879mt6983mt8781mt8675mt6785mt8365mt8666mt8786mt6763mt6739mt6762mt8791mt6779mt6735mt6875mt8385mt6765mt8788mt8791tmt6753mt6853MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32622
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07363786.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6879mt6855mt6895mt8781mt6983mt6789MT6789, MT6855, MT6879, MT6895, MT6983, MT8781
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32637
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8789mt6785mt6885mt6833androidmt6889mt8185mt6883mt6781mt6873mt6853tmt6853MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6883, MT6885, MT6889, MT8185, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32598
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6883mt8788mt6765mt8768mt6877mt6891mt6853tmt8781mt8385mt6785mt6885mt6853mt6893mt6895mt8766mt6855mt6873mt6768mt8791mt8797mt6769mt6789androidmt6833mt8786mt6889mt6762mt6875mt6779mt8765mt8789mt6781MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32596
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6883mt8788mt6765mt8768mt6877mt6891mt6853tmt8781mt8385mt6785mt6885mt6853mt6893mt6895mt8766mt6855mt6873mt6768mt8791mt8797mt6769mt6789androidmt6833mt8786mt6889mt6762mt6875mt6779mt8765mt8789mt6781MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32628
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALPS07310780.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6855mt6833mt6873mt6877mt6853mt6893mt8791MT6833, MT6853, MT6855, MT6873, MT6877, MT6893, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32619
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6757chmt6883mt6580mt8788mt6765mt8768mt6877mt8321mt6739mt6891mt6853tmt8781mt6983mt8385mt6785mt6771mt6737mt6757cdmt6753mt6885mt6853mt6893mt6895mt6761mt8766mt6855mt6757cmt6873mt6731mt6768mt8791tmt8791mt8185mt8797mt6763mt6735mt6769mt8666mt6757mt6789androidmt6833mt8786mt6889mt8667mt6762mt6875mt6779mt8765mt8789mt6781MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32647
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.56%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6983mt6895mt6879MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32593
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.50%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138493; Issue ID: ALPS07138493.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6983MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0646
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.98%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 18:28
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-153352319

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26467
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In rpmb, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07167738; Issue ID: ALPS07167738.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6873mt6893mt8675mt8765mt6580mt8788mt6983mt8666mt8183mt6765mt6737mt6883mt6853tmt6739mt8768mt6761mt8797mt6889mt8321mt6768mt8786mt6771mt8385mt6833mt6885mt6735mt6753mt6877mt6781mt8365mt6853mt6895mt8168androidmt6779mt6785mt6879MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8183, MT8321, MT8365, MT8385, MT8666, MT8675, MT8765, MT8768, MT8786, MT8788, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26470
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In aie, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07116037; Issue ID: ALPS07116037.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt8765androidmt8385mt8768mt8789mt8788mt6983mt8321mt8786mt8766mt6879MT6879, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26458
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032678; Issue ID: ALPS07032678.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6873mt6893androidmt6885mt8797mt6983mt8791mt6877mt6853mt6883MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6893, MT6895, MT6983, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26460
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032590; Issue ID: ALPS07032590.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6873mt6893androidmt6833mt6885mt8797mt6889mt6983mt8791mt6877mt6879mt6853mt6883MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26457
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.06%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138490; Issue ID: ALPS07138490.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6893androidmt6833mt6769mt6877mt8797mt6983mt8791mt6785mt6781mt6879MT6769, MT6781, MT6785, MT6833, MT6855, MT6877, MT6879, MT6893, MT6983, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26426
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.97%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8675mt8765mt8167smt8385mt6833mt8788mt8666mt6877mt8365mt8167mt6853mt8168mt8789androidmt8797mt8185mt8362amt8791mt8786MT6833, MT6853, MT6873, MT6877, MT6893, MT8167, MT8167S, MT8168, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8666, MT8675, MT8765, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26475
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.90%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt8175mt6873mt8788mt6983mt7902mt8183mt6765mt7663mt6883mt8696mt7921mt8768mt8789mt6769mt6761mt6875mt6889mt8362amt6768mt8786mt8766mt8695mt8167smt8385mt6885mt8518yoctomt6762mt6781mt8365mt6853mt8667mt6895mt6789androidmt8185mt6779mt8512amt6785mt8532mt6879MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6853, MT6855, MT6873, MT6875, MT6879, MT6883, MT6885, MT6889, MT6895, MT6983, MT7663, MT7902, MT7921, MT8167S, MT8175, MT8183, MT8185, MT8362A, MT8365, MT8385, MT8512A, MT8518, MT8532, MT8667, MT8695, MT8696, MT8766, MT8768, MT8786, MT8788, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26427
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.97%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893androidmt6833mt6877mt6853MT6833, MT6853, MT6873, MT6877, MT6893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26432
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:57
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt8765mt8385mt6833mt6885mt8788mt6983yoctomt8666mt6877mt6853mt6895mt8768mt8789androidmt8797mt8185mt8321mt8791mt8532mt8786mt8766mt6879MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26430
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:57
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt6873mt6893mt8675mt8765mt8385mt6833mt6885mt8788mt6983yoctomt8666mt6877mt6853mt6895mt8768mt8789androidmt8797mt8185mt8321mt8791mt8532mt8786mt8766mt6879MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2022-26448
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.19%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07063849; Issue ID: ALPS07063849.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6853tmt6893androidmt6885mt6875mt6889mt6877mt6891mt6883MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26455
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.40%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gz, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177858; Issue ID: ALPS07177858.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6789androidmt6983mt6879MT6789, MT6855, MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26464
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032699; Issue ID: ALPS07032699.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6895mt6873mt6893androidmt6833mt6885mt8797mt6889mt6983mt8791mt6877mt6879mt6853mt6883MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26465
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In audio ipi, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558799; Issue ID: ALPS06558799.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt6873mt6893mt6885mt8518mt6983yoctomt6877mt6781mt6853mt6883mt6895mt6853tmt8798androidmt6875mt8797mt6889mt8791mt6779mt8512amt6785mt6879MT6779, MT6781, MT6785, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8512A, MT8518, MT8791, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26435
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8675mt8765mt8788mt6983mt8666mt8167mt8768mt8789mt8797mt8321mt8362amt8786mt8766mt8167smt8385mt6833mt6885yoctomt6877mt8365mt6853mt6895mt8168androidmt8185mt8791mt8532mt6879mt8173MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2022-26434
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-01 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt8175mt6873mt6893mt8675mt8765mt8788mt6983mt8666mt8167mt8768mt8789mt8797mt8321mt8362amt8786mt8766mt8167smt8385mt6833mt6885yoctomt6877mt8365mt6853mt6895mt8168androidmt8185mt8791mt8532mt6879mt8173MT6833, MT6853, MT6873, MT6877, MT6879, MT6885, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8532, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-48406
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.98%
||
7 Day CHG~0.00%
Published-08 Dec, 2023 | 15:41
Updated-28 Aug, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-26449
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.19%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 17:19
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177810; Issue ID: ALPS07177810.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6895mt6983mt6879MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20118
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:49
Updated-22 Apr, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6885mt6889mt6768mt6855mt6785mt6877mt8792mt6873mt6781mt6779mt6833mt6893mt6765mt6835mt8676mt6739mt6761mt6853androidmt6883mt6789MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676, MT8792mt6855mt6873mt6893mt6833mt6885mt6877mt6781mt6765mt6853mt6883mt8676mt6789mt6835mt6739androidmt6761mt8792mt6889mt6768mt6779mt6785
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20021
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.35%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 02:52
Updated-30 Apr, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08584568; Issue ID: MSV-1249.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6877mt8678mt8195mt8385mt8788tandroidmt8765mt8788mt8666bmt8788xmt8768zmt8168mt6768mt8768amt8786mt8781mt8798mt6893mt6833mt8788zmt8667mt8768tmt6781mt8666amt8362amt8183mt8768bmt6873mt8792mt8188mt6853mt8795tmt8321mt8675mt8673mt8796mt6885mt8188tmt8666mt8195zmt8365mt8676mt6785mt8766mt8766zmt8768MT6768, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8168, MT8183, MT8188, MT8188T, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8666A, MT8666B, MT8667, MT8673, MT8675, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8781, MT8786, MT8788, MT8788T, MT8788, MT8788X, MT8788Z, MT8792, MT8795T, MT8796, MT8798mt6873mt6893mt8675mt8765mt8768amt8788mt8188tmt8666mt8788xmt8183mt8768tmt8666amt8768mt8792mt8362amt8766zmt8768zmt8788zmt8795tmt6768mt8321mt8781mt8766mt8786mt8768bmt8188mt6833mt6885mt8673mt6877mt6781mt8365mt8788tmt8195mt6853mt8667mt8168mt8798mt8796mt6785mt8195z
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-24931
Matching Score-10
Assigner-Samsung Mobile
ShareView Details
Matching Score-10
Assigner-Samsung Mobile
CVSS Score-7.9||HIGH
EPSS-0.01% / 2.07%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 13:46
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-20098
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.83%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996886; Issue ID: MSV-1626.

Action-Not Available
Vendor-The Linux FoundationGoogle LLCMediaTek Inc.
Product-mt6785mt6779mt6768mt6781mt8532mt8675mt6873mt8786mt6885androidmt6853mt6877mt6893mt8188mt8781mt8768yoctomt6833mt8766mt8788MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8532, MT8675, MT8766, MT8768, MT8781, MT8786, MT8788mt6873mt6893mt8675mt8188mt6833mt6885mt8788mt6877mt6781mt6853mt8768mt8781mt6768mt6779mt6785mt8532mt8786mt8766
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20109
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt8195mt6765mt6885mt6768mt6877mt6853androidmt6873mt6833mt8188MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195mt6873mt6893mt8188androidmt6833mt6885mt6768mt6877mt6765mt8195mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20125
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.72%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:06
Updated-22 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8390mt8195mt8370mt8771mt6885mt6889mt6768mt8395mt6855mt6886mt8321mt6873mt8768mt6833mt8365mt8781mt8797mt6761mt8666mt6789mt6985mt8175mt8766mt8667mt6580mt8798mt6785mt6877mt8765mt8786mt8385mt6781mt6779mt6893mt6765mt6835mt8673mt6853androidmt6983mt6879mt6883mt6895mt8788mt8791tMT6580, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8175, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8791T, MT8797, MT8798mt6855mt8175mt6873mt6893mt8765mt6580mt6886mt8370mt8395mt8788mt8791tmt6983mt8666mt6765mt6883mt8390mt6835mt8768mt6761mt8797mt6889mt8321mt6768mt8781mt8766mt8786mt6985mt8385mt6833mt6885mt8673mt6877mt6781mt8365mt8195mt6853mt8667mt6895mt6789mt8798mt6779mt6785mt8771mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0456
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-10 Mar, 2021 | 16:15
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174769927

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20121
Matching Score-10
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-10
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:49
Updated-22 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8775mt6989mt8771mt8798mt6768mt6855mt8789mt6886mt8321mt8792mt8765mt8796mt8786mt8385mt8768mt8795tmt6833mt6893mt6765mt6835mt8797mt6853androidmt6983mt6879mt8788mt8781mt8791tmt8766MT6765, MT6768, MT6833, MT6835, MT6853, MT6855, MT6879, MT6886, MT6893, MT6983, MT6989, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798mt6855mt6893mt8765mt8786mt8385mt6833mt6886mt8788mt8791tmt6983mt6989mt6765mt6853mt8798mt6835mt8768mt8789androidmt8792mt8797mt8321mt6768mt8775mt8795tmt8796mt8771mt8781mt8766mt6879
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 66
  • 67
  • Next
Details not found