Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-20607

Summary
Assigner-google_android
Assigner Org ID-baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
Published At-16 Dec, 2022 | 00:00
Updated At-18 Apr, 2025 | 13:34
Rejected At-
Credits

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:google_android
Assigner Org ID:baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
Published At:16 Dec, 2022 | 00:00
Updated At:18 Apr, 2025 | 13:34
Rejected At:
▼CVE Numbering Authority (CNA)

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A

Affected Products
Vendor
n/a
Product
Android
Versions
Affected
  • Android kernel
Problem Types
TypeCWE IDDescription
textN/ARemote code execution
Type: text
CWE ID: N/A
Description: Remote code execution
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/pixel/2022-12-01
N/A
Hyperlink: https://source.android.com/security/bulletin/pixel/2022-12-01
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/pixel/2022-12-01
x_transferred
Hyperlink: https://source.android.com/security/bulletin/pixel/2022-12-01
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@android.com
Published At:16 Dec, 2022 | 16:15
Updated At:18 Apr, 2025 | 14:15

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Google LLC
google
>>android>>-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-787Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://source.android.com/security/bulletin/pixel/2022-12-01security@android.com
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2022-12-01af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://source.android.com/security/bulletin/pixel/2022-12-01
Source: security@android.com
Resource:
Vendor Advisory
Hyperlink: https://source.android.com/security/bulletin/pixel/2022-12-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2260Records found
CVE-2022-32598
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6883mt8788mt6765mt8768mt6877mt6891mt6853tmt8781mt8385mt6785mt6885mt6853mt6893mt6895mt8766mt6855mt6873mt6768mt8791mt8797mt6769mt6789androidmt6833mt8786mt6889mt6762mt6875mt6779mt8765mt8789mt6781MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32626
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ID: ALPS07326239.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt8365mt6883mt6873mt6765mt6768mt6877mt8791mt8781mt6983mt6789mt6781androidmt6785mt6833mt6889mt6885mt6779mt8168mt6853mt6893mt6895mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5817
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.32% / 79.04%
||
7 Day CHG~0.00%
Published-27 Jun, 2019 | 16:13
Updated-04 Aug, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEDebian GNU/LinuxFedora ProjectMicrosoft Corporation
Product-debian_linuxchromefedorawindowsbackportsleapChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32596
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6883mt8788mt6765mt8768mt6877mt6891mt6853tmt8781mt8385mt6785mt6885mt6853mt6893mt6895mt8766mt6855mt6873mt6768mt8791mt8797mt6769mt6789androidmt6833mt8786mt6889mt6762mt6875mt6779mt8765mt8789mt6781MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-2174
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.12% / 32.25%
||
7 Day CHG~0.00%
Published-06 Mar, 2024 | 18:34
Updated-13 Feb, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChromechromefedora
CWE ID-CWE-358
Improperly Implemented Security Check for Standard
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15211
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.34% / 56.27%
||
7 Day CHG~0.00%
Published-25 Sep, 2020 | 18:45
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds access in tensorflow-lite

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor. However, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative `-1` value as index for these tensors. This results in special casing during validation at model loading time. Unfortunately, this means that the `-1` index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays. This results in both read and write gadgets, albeit very limited in scope. The issue is patched in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83), and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that only operators which accept optional inputs use the `-1` special value and only for the tensors that they expect to be optional. Since this allow-list type approach is erro-prone, we advise upgrading to the patched code.

Action-Not Available
Vendor-Google LLCopenSUSETensorFlow
Product-tensorflowleaptensorflow
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-48380
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.89%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 01:21
Updated-28 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-androidt610t616t770t618sc9863at820s8000t606sc7731esc9832et612t310t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32620
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.03%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6833mt6873mt6877mt6853mt8791mt6781mt8781mt6789MT6781, MT6789, MT6833, MT6853, MT6873, MT6877, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32646
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8766androidmt6833mt6889mt6855mt6895mt6893mt8781mt6877mt6879mt6983mt6789mt8675mt6885mt6785mt8791mt6883mt6779mt6781mt6765mt6873mt6768mt6853mt6761MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8675, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32625
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt8365mt6883mt6873mt6765mt6768mt6877mt8791mt8781mt6983mt6789mt6781androidmt6785mt6833mt6889mt6885mt6779mt8168mt6853mt6893mt8675mt6895mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8365, MT8675, MT8766, MT8781, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32628
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALPS07310780.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6855mt6833mt6873mt6877mt6853mt6893mt8791MT6833, MT6853, MT6855, MT6873, MT6877, MT6893, MT8791
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32605
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-02 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07213898; Issue ID: ALPS07213898.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6983mt6879androidmt6895MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20146
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.1||HIGH
EPSS-0.02% / 2.56%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt8775mt7922mt8798mt6886mt3603mt6990mt8786mt8796mt6897mt8768mt6878openwrtmt8532mt2737mt8365mt6835software_development_kitmt8673mt8518smt7902mt8666mt8755mt7920androidmt8788mt8893mt8781mt8766yoctomt8667MT2737, MT3603, MT6835, MT6878, MT6886, MT6897, MT6990, MT7902, MT7920, MT7922, MT8365, MT8518S, MT8532, MT8666, MT8667, MT8673, MT8755, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8796, MT8798, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20111
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-13 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065033; Issue ID: MSV-1754.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8188mt6873mt6765androidmt6877mt6833mt6768mt6885mt8195mt6893mt6853MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195mt8188mt6873mt6765androidmt6877mt6833mt6768mt6885mt8195mt6893mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5866
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.17%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:22
Updated-04 Aug, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20119
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:49
Updated-22 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062301; Issue ID: MSV-1620.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6885mt6889mt6768mt6855mt6785mt6877mt6873mt6781mt6779mt6833mt6893mt6765mt6835mt8676mt6739mt6761mt6853androidmt6883mt6789MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676mt6855mt6873mt6893mt6833mt6885mt6877mt6781mt6765mt6853mt6883mt8676mt6789mt6835mt6739androidmt6761mt6889mt6768mt6779mt6785
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32619
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6757chmt6883mt6580mt8788mt6765mt8768mt6877mt8321mt6739mt6891mt6853tmt8781mt6983mt8385mt6785mt6771mt6737mt6757cdmt6753mt6885mt6853mt6893mt6895mt6761mt8766mt6855mt6757cmt6873mt6731mt6768mt8791tmt8791mt8185mt8797mt6763mt6735mt6769mt8666mt6757mt6789androidmt6833mt8786mt6889mt8667mt6762mt6875mt6779mt8765mt8789mt6781MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-29786
Matching Score-6
Assigner-Google Devices
ShareView Details
Matching Score-6
Assigner-Google Devices
CVSS Score-6.4||MEDIUM
EPSS-0.99% / 75.94%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 21:01
Updated-02 Aug, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32621
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 2.05%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6895mt6983MT6895, MT6983
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5869
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-0.40% / 59.63%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:22
Updated-04 Aug, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32647
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.56%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6983mt6895mt6879MT6879, MT6895, MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20118
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:49
Updated-22 Apr, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6885mt6889mt6768mt6855mt6785mt6877mt8792mt6873mt6781mt6779mt6833mt6893mt6765mt6835mt8676mt6739mt6761mt6853androidmt6883mt6789MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676, MT8792mt6855mt6873mt6893mt6833mt6885mt6877mt6781mt6765mt6853mt6883mt8676mt6789mt6835mt6739androidmt6761mt8792mt6889mt6768mt6779mt6785
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20104
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.84%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-24 Apr, 2025 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.

Action-Not Available
Vendor-rdkcentralOpenWrtThe Linux FoundationMediaTek Inc.Google LLC
Product-mt6879rdk-bmt6855mt6980mt8390mt6835mt6985mt6890mt6983mt8188mt6789yoctoandroidmt8370openwrtmt8676mt6886mt6897mt6878mt6989mt6880mt6990mt6895mt6781MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8370, MT8390, MT8676mt6855mt6990mt6985mt6890mt8188mt6886mt8370mt6983mt6989mt6878mt6781mt8676mt6980mt6895mt8390mt6789openwrtmt6835mt6880androidmt6897mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20140
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.59%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020.

Action-Not Available
Vendor-The Linux FoundationMediaTek Inc.Google LLC
Product-mt6893mt8532mt6885mt6768mt8518smt6739mt6877mt6761mt6853androidmt6781mt6833yoctoMT6739, MT6761, MT6768, MT6781, MT6833, MT6853, MT6877, MT6885, MT6893, MT8518S, MT8532
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32593
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.50%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138493; Issue ID: ALPS07138493.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6983MT6983
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20148
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 21.28%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.

Action-Not Available
Vendor-The Linux FoundationMediaTek Inc.Google LLC
Product-mt8775mt7922mt8798mt6886mt3603mt8796mt6897mt8768mt6878mt8532mt6835software_development_kitmt7902mt8518sandroidmt7920mt8766yoctoMT3603, MT6835, MT6878, MT6886, MT6897, MT7902, MT7920, MT7922, MT8518S, MT8532, MT8766, MT8768, MT8775, MT8796, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30632
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-84.25% / 99.27%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChromeChromium V8
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20105
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.90%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09062027; Issue ID: MSV-1743.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6580mt6885mt6889mt6768mt6855mt6785mt6877mt6873mt6781mt8768mt6779mt6833mt6893mt6765mt8673mt6739mt6761mt8666mt6853androidmt6983mt6879mt6789mt6883mt6895mt8667MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8666, MT8667, MT8673, MT8768
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20130
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:07
Updated-22 Apr, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: MSV-1982.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8195mt6989mt6885mt6889mt6768mt6855mt6877mt6886mt8796mt8678mt6781mt6897mt6878mt6833mt6893mt6765mt6835mt8676mt6896mt6739mt6761mt6853androidmt6983mt6879mt6789mt6883mt6895mt8696mt6985MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8195, MT8676, MT8678, MT8696, MT8796mt6896mt6855mt6985mt6893mt6833mt6886mt6885mt6983mt6989mt6877mt6878mt6781mt6765mt8195mt6853mt6883mt8676mt8696mt6895mt6789mt6835mt6739mt6761mt6889mt8796mt6768mt6897mt6879mt8678
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32634
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.56%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6879mt6855mt6883mt8788mt6873mt6765mt6768mt8768mt6877mt8321mt8791mt8797mt8666mt6983mt6781mt8385androidmt6785mt6833mt8786mt6889mt6885mt6779mt6853mt6893mt8765mt8675mt6895mt8789mt6761mt8766MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20083
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.10% / 27.91%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 03:02
Updated-30 May, 2025 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6768mt8771mt8321mt8781mt8765mt8766mt8755mt6779mt8385mt6785mt8798mt8667mt8797mt8796mt8789mt8666mt8768mt8795tmt8791tmt6765mt8775mt8786androidmt8792mt8788MT6765, MT6768, MT6779, MT6785, MT8321, MT8385, MT8666, MT8667, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798mt8765mt8385mt8788mt8791tmt8666mt6785mt6765mt8667mt8798mt8768mt8789mt8781mt8771mt8792mt8797mt8321mt6768mt8775mt8795tmt8796mt6779mt8755mt8786mt8766
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20016
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.96%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 05:59
Updated-01 Aug, 2024 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6879mt6873mt6893mt8765mt6983mt8183mt6765mt6737mt6739mt6757mt8768mt6761mt8797mt6889mt6768mt8766mt6771mt8188mt6833mt6885mt6735mt6753mt6877mt6781mt8195mt6853mt6895mt8168mt8798androidmt8791mt6779mt6785mt6763MT6735, MT6737, MT6739, MT6753, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6885, MT6889, MT6893, MT6895, MT6983, MT8168, MT8183, MT8188, MT8195, MT8765, MT8766, MT8768, MT8791, MT8797, MT8798mt6855mt6873mt6893mt8765mt6763mt6983mt8183mt6765mt6737mt6739mt6757mt8768mt6761mt8797mt6889mt6768mt8766mt6771mt8188mt6833mt6885mt6735mt6753mt6877mt6781mt8195mt6853mt6895mt8168mt8798mt8791mt6779mt6785mt6879
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-20108
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.75%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989mt8791mt6855mt8321mt6873mt8796mt8365mt8676mt8797mt8666mt6789mt6985mt8667mt8675mt8168mt6785mt6877mt8765mt8786mt8188mt6893mt8362amt6765mt8673mt8788mt8791tmt6883mt8173mt8390mt8195mt8185mt8370mt8771mt6885mt6889mt6768mt8395mt8789mt6886mt8792mt8678mt6897mt8768mt6878mt6833mt6739mt6761mt8175mt8766mt8775mt6580mt8798mt8385mt6781mt6779mt8795tmt6835mt6896mt8755mt6853androidmt6983mt6879mt6895mt8781MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798mt6896mt6855mt8175mt6893mt6580mt6886mt8395mt8791tmt6983mt8666mt6878mt6765mt6883mt8676mt8390mt6739mt8768mt6761mt6889mt8321mt8362amt8775mt8795tmt8781mt6985mt8385mt6885mt6877mt8365mt8195mt6853mt8667mt8791mt6897mt8755mt6785mt8173mt6873mt8765mt8675mt8370mt8788mt6835mt8789mt8792mt8797mt6768mt8786mt8766mt8678mt8188mt6833mt8673mt6989mt6781mt6895mt8168mt6789mt8798androidmt8185mt8796mt6779mt8771mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20057
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.2||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG-0.00%
Published-06 May, 2024 | 02:51
Updated-30 Apr, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; Issue ID: ALPS08587881.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6877mt6855mt8771mt6886mt8755mt8789mt6761mt6895mt8385mt6897androidmt8765mt8788mt8786mt6768mt8781mt6835mt6893mt6765mt6833mt6983mt8791tmt6781mt6889mt6789mt6779mt6873mt8792mt6853mt6879mt8321mt8795tmt8796mt6885mt6883mt6785mt8766mt8768MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6983, MT8321, MT8385, MT8755, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796mt6883mt8321mt6893mt8789mt8781mt8795tmt8771mt6885mt6879mt8786mt6853mt6897mt8768mt6765mt8766mt6983mt6877mt6886mt8765mt8385mt6855mt8792mt6833mt8755mt6889mt8788mt6895mt6789mt8796mt6835mt6761mt6785mt6781mt6779mt8791tmt6873mt6768
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-29740
Matching Score-6
Assigner-Google Devices
ShareView Details
Matching Score-6
Assigner-Google Devices
CVSS Score-7.4||HIGH
EPSS-0.02% / 3.52%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:02
Updated-02 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-Androidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20114
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.77%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-13 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09037038; Issue ID: MSV-1714.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8188mt6873mt6765androidmt6877mt6833mt6768mt6885mt8195mt6893mt6853MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195mt8188mt6873mt6765androidmt6877mt6833mt6768mt6885mt8195mt6893mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20103
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.02%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-24 Apr, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-androidmt8678mt8893software_development_kitmt8796mt8698mt6989mt8512mt8695mt7927mt6990mt6985mt3605mt8183MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8512, MT8678, MT8695, MT8698, MT8796, MT8893mt6990mt6985mt8512mt3605mt8695mt7927androidmt8893mt6989mt8796mt8698mt8183mt8678
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20033
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.30%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID: ALPS08499945.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8390mt8195mt8185mt8370mt6885mt8791mt6768mt8395mt6855mt8789mt6886mt8321mt6771mt8792mt8796mt8678mt8768mt8365mt8676mt8781mt6739mt8797mt6761mt8666mt6789mt6985mt8175mt8766mt8667mt8775mt8167mt8675mt8798mt8168mt6785mt8167smt8765mt8786mt8385mt6779mt2713mt8188mt6893mt8362amt6765mt6835mt8673mt8755androidmt6983mt6879mt6883mt6895mt8788mt8173MT2713, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6785, MT6789, MT6835, MT6855, MT6879, MT6883, MT6885, MT6886, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8755, MT8765, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8792, MT8796, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20135
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.69%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:07
Updated-22 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt8775mt6989mt9687mt6768mt6877mt6853androidmt8796mt6781mt6897mt6878mt6833MT6768, MT6781, MT6833, MT6853, MT6877, MT6878, MT6893, MT6897, MT6989, MT8775, MT8796, MT9687mt6893mt6833mt9687mt6989mt8775mt6768mt6897mt6878mt6877mt8796mt6781mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20009
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.8||HIGH
EPSS-2.07% / 83.20%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 05:59
Updated-20 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8176mt6785mt6873mt6983mt8167mt6739mt8163mt6883mt6889mt8173mt6762androidmt6779mt8175mt8188mt6761mt6885mt6879mt6886mt8167smt6580mt6895mt6877mt8188tmt6853tmt8185mt6855mt6853mt8168mt6833mt6789mt6985mt6835mt6765MT6580, MT6739, MT6761, MT6762, MT6765, MT6779, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6895, MT6983, MT6985, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8185, MT8188, MT8188T
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20074
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.09% / 27.13%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 02:04
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID: MSV-1333.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6886mt8673mt6785mt8667mt6989mt6779mt6768mt6739mt6983mt6895mt6781mt6835mt6873mt6789mt6885mt6897androidmt6883mt6765mt6985mt6761mt6853mt6889mt6877mt6879mt8666mt6580mt6893mt6833mt8676mt6855MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6983, MT6985, MT6989, MT8666, MT8667, MT8673, MT8676mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt8673mt6983mt6989mt8666mt6877mt6781mt6765mt6853mt6883mt8667mt8676mt6895mt6789mt6835mt6739mt6761mt6889mt6768mt6779mt6897mt6785mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20043
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 11.46%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:35
Updated-23 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541781; Issue ID: ALPS08541781.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6763mt8678mt8765mt8788mt6873mt8796mt8167mt8385androidmt8195mt6779mt8766mt8395mt6877mt8786mt8798mt6833mt6768mt8185mt8673mt6785mt8365mt8173mt6893mt8362amt6761mt8321mt8791tmt8175mt8797mt6739mt8781mt6765mt6757mt6781mt8168mt8666mt6771mt8791mt8768mt8789mt6853mt6885MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8678, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8796, MT8797, MT8798mt8175mt6873mt6893mt6771mt8385mt6833mt8395mt6885mt8673mt8666mt6877mt6781mt8365mt8167mt6765mt8195mt6853mt8168mt6739mt6757mt6761mt8185mt8321mt6768mt8362amt6779mt6785mt6763mt8173
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20087
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.61%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 02:07
Updated-05 Sep, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8667androidmt8385mt8768mt8789mt8788mt8766mt6768mt6779mt8666mt6785mt8781mt6765MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789mt8667mt8385mt8768mt8789androidmt8788mt8766mt6768mt6779mt8666mt6785mt8781mt6765
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-48372
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.71%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 01:21
Updated-28 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-androidt610t616t770t618sc9863at820s8000t606sc7731esc9832et612t310t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20044
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 11.46%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:35
Updated-23 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541784; Issue ID: ALPS08541784.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6763mt8678mt8765mt8788mt6873mt8796mt8167mt8385androidmt8195mt6779mt8766mt8395mt6877mt8786mt8798mt6833mt6768mt8185mt8673mt6785mt8365mt8173mt6893mt8362amt6761mt8321mt8791tmt8175mt8797mt6739mt8781mt6765mt6757mt6781mt8168mt8666mt6771mt8791mt8768mt8789mt6853mt6885MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8678, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8796, MT8797, MT8798mt8175mt6873mt6893mt6771mt8385mt6833mt8395mt6885mt8673mt8666mt6877mt6781mt8365mt8167mt6765mt8195mt6853mt8168mt6739mt6757mt6761mt8185mt8321mt6768mt8362amt6779mt6785mt6763mt8173
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20053
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.01%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:35
Updated-23 Apr, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541764.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6980mt6890mt8765mt6835mt6855mt8788mt8796mt8167mt8385mt6886mt8195mt6985mt8766mt8395rdk-bmt8786mt6983mt6789mt8798mt6990mt8673mt8365mt2713mt8173mt6879mt2737mt8362amt6989openwrtmt8321mt8791tmt8175mt8797mt8781mt8168mt6781mt8188mt8666mt8667yoctomt8791mt8390mt8768mt8789androidmt6895mt6880MT2713, MT2737, MT6781, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8167, MT8168, MT8173, MT8175, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8796, MT8797, MT8798mt6855mt6990mt8175mt8765mt6886mt8395mt8788mt8791tmt6983mt8666mt8167mt8390mt6835mt6880mt8768mt8789mt8797mt8321mt8362amt2737mt8781mt8766mt8786mt6985mt6890mt8188mt8385mt8673mt6989mt6781mt8365mt8195mt8667mt6980mt6895mt8168mt6789mt8798mt8791mt8796mt2713mt6879mt8173
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20040
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.8||HIGH
EPSS-0.93% / 75.11%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:34
Updated-23 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979.

Action-Not Available
Vendor-rdkcentralOpenWrtLinux Kernel Organization, IncThe Linux FoundationMediaTek Inc.Google LLC
Product-mt6895mt8678mt6890mt6855mt6853tmt7916mt6875mt6873mt7921mt8792mt8796androidmt6886mt7915mt8195mt6762mt6985mt7986mt8395rdk-bmt6877mt7902mt6983mt6833mt6789mt6768mt8798mt6990mt6883mt8673mt2713mt7922mt6879mt6893mt8518smt6989mt8532mt6761mt8370openwrtmt8791tmt6580mt6889mt7925mt8797linux_kernelmt8781mt6781mt7981mt8188yoctomt8390mt7920mt6891mt7927mt6853mt6885MT2713, MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT6990, MT7902, MT7915, MT7916, MT7920, MT7921, MT7922, MT7925, MT7927, MT7981, MT7986, MT8188, MT8195, MT8370, MT8390, MT8395, MT8518S, MT8532, MT8673, MT8678, MT8781, MT8791T, MT8792, MT8796, MT8797, MT8798mt6886mt6762mt8195mt8673mt6891mt6893mt6889mt6789mt6761androidmt7902mt6781mt6877mt8395mt6983mt6855mt6883mt7925mt6853mt6895mt6875mt2713mt8370mt8518smt6989linux_kernelmt7915mt8532mt7921mt8188mt6873mt6990mt6580mt7920mt6890mt7916mt8390mt6853tmt6833mt6985mt7986mt6768mt6885mt7981mt7922mt7927mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20141
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 0.87%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 03:23
Updated-03 Feb, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In V5 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291402; Issue ID: MSV-2073.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6779mt8771mt6739mt8795tmt8789mt8395mt8365mt8791tmt8362amt8666mt6877mt8167mt8675mt6781mt8175mt6873mt6885mt8786mt6833mt8768mt6771mt6853mt6893mt8321mt8798mt8673mt8775mt6765mt8667mt8185mt8765mt8766mt6785mt8678mt8781mt6761mt8385mt6768mt8788mt8797androidmt8893mt8195mt8167sMT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8167S, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8678, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798, MT8893
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3195
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.87% / 74.35%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 00:00
Updated-22 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCFedora Project
Product-fedorachromeChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20028
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.06% / 18.38%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541687.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6763mt8167mt6885mt6768mt8168mt6785mt6877mt6771mt6873mt8163mt6779mt6833mt6893mt6765mt6739mt6761mt6853androidmt6757mt8512MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8163, MT8167, MT8168, MT8512mt6873mt6893mt6771mt6833mt6885mt6877mt8167mt6765mt6853mt8168mt6739mt6757mt6761mt6768mt6779mt8163mt6785mt6763
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 45
  • 46
  • Next
Details not found