Filtered by vendor Mediatek Subscriptions
Total 734 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-0619 2 Google, Mediatek 47 Android, Mt6739, Mt6758 and 44 more 2024-11-21 5.5 Medium
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395.
CVE-2021-0612 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 7.8 High
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.
CVE-2021-0611 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 7.8 High
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810.
CVE-2021-0610 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 7.8 High
In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05411456.
CVE-2021-0425 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 5.5 Medium
In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05400059.
CVE-2021-0424 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 5.5 Medium
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05393787.
CVE-2021-0423 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 5.5 Medium
In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05385714.
CVE-2021-0422 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 5.5 Medium
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381071.
CVE-2021-0421 2 Google, Mediatek 54 Android, Mt6580, Mt6582 90 and 51 more 2024-11-21 5.5 Medium
In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381235.
CVE-2019-18989 1 Mediatek 2 Mt7620n, Mt7620n Firmware 2024-11-21 5.4 Medium
A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data.
CVE-2019-15027 1 Mediatek 6 Mt6577, Mt6577 Firmware, Mt6625 and 3 more 2024-11-21 N/A
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.
CVE-2018-21089 2 Google, Mediatek 3 Android, Mt6755, Mt6757 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018).
CVE-2018-21054 5 Google, Mediatek, Qualcomm and 2 more 14 Android, M6737t, Msm8909 and 11 more 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).
CVE-2018-12041 1 Mediatek 2 Awus036nh, Awus036nh Firmware 2024-11-21 N/A
An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames.
CVE-2024-20114 2 Google, Mediatek 11 Android, Mt6765, Mt6768 and 8 more 2024-11-05 6.7 Medium
In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09037038; Issue ID: MSV-1714.
CVE-2024-20122 2 Google, Mediatek 9 Android, Mt6761, Mt6765 and 6 more 2024-11-05 4.4 Medium
In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1572.
CVE-2024-20109 2 Google, Mediatek 11 Android, Mt6765, Mt6768 and 8 more 2024-11-04 6.7 Medium
In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.
CVE-2024-20104 3 Google, Mediatek, Openwrt 23 Android, Mt6781, Mt6789 and 20 more 2024-11-04 8.4 High
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.
CVE-2024-20108 2 Google, Mediatek 65 Android, Mt6580, Mt6739 and 62 more 2024-11-04 6.7 Medium
In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.
CVE-2024-20110 2 Google, Mediatek 11 Android, Mt6765, Mt6768 and 8 more 2024-11-04 6.7 Medium
In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065887; Issue ID: MSV-1762.