Lucene search
+L

129 matches found

CVE
CVE
added 2022/07/06 1:5 p.m.156 views

CVE-2022-21744

CVE-2022-21744 concerns the Modem 2G RR from MediaTek, where a missing bounds check enables an out-of-bounds write in PNCD decoding that can cause remote code execution. Exploitation requires no user interaction and is possible over the network; the issue is cited with Patch ID MOLY00810064 and I...

10CVSS9.4AI score0.03111EPSS
Exploits0References1Affected Software7
Cvelist
Cvelist
added 2022/07/06 1:5 p.m.33 views

CVE-2022-21744

In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data PNCD improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for...

9.5AI score0.03111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/07/06 12:0 a.m.5 views

PT-2022-15084 · Unknown · Modem 2G Rrm

Name of the Vulnerable Software and Affected Versions: Modem 2G RR affected versions not specified Description: The issue is related to a missing bounds check, which can lead to an out of bounds write. This could result in remote code execution when decoding GPRS Packet Neighbour Cell Data PNCD...

10CVSS9.5AI score0.03111EPSS
Exploits0References3
OSV
OSV
added 2022/07/01 12:0 a.m.19 views

ASB-A-231275475

In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS8.1AI score0.02532EPSS
Exploits0References1
OSV
OSV
added 2022/07/01 12:0 a.m.12 views

ASB-A-231281131

In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data PNCD improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for...

10CVSS8.1AI score0.03111EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/28 7:9 p.m.39 views

CVE-2021-22813

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:...

6.4AI score0.00745EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2022/01/13 4:11 p.m.17 views

Some Android users can disable 2G now and why that is a good thing

The Electronic Frontier Foundation EFF has happily informed people that Google has quietly pushed a new feature to its Android operating system allowing users to optionally disable 2G at the modem level in their phones. This is beneficial because 2G uses weak encryption between the tower and devi...

7.6AI score
Exploits0
NVD
NVD
added 2021/09/09 4:15 p.m.22 views

CVE-2021-32486

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...

7.8CVSS0.02354EPSS
Exploits0References1
NVD
NVD
added 2021/09/09 4:15 p.m.26 views

CVE-2021-32487

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...

7.8CVSS0.02354EPSS
Exploits0References1
NVD
NVD
added 2021/09/09 4:15 p.m.25 views

CVE-2021-32485

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...

7.8CVSS0.02354EPSS
Exploits0References1
NVD
NVD
added 2021/09/09 4:15 p.m.21 views

CVE-2021-32484

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917...

7.8CVSS0.02354EPSS
Exploits0References1
Prion
Prion
added 2021/09/09 4:15 p.m.18 views

Heap overflow

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...

7.8CVSS7.5AI score0.02354EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/09/09 4:15 p.m.21 views

Heap overflow

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...

7.8CVSS7.5AI score0.02354EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/09/09 4:15 p.m.24 views

Heap overflow

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...

7.8CVSS7.5AI score0.02354EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/09/09 3:10 p.m.57 views

CVE-2021-32487

CVE-2021-32487 affects the Mediatek modem 2G RRM, where a heap-based buffer overflow can cause a remote denial of service with no privileges and no user interaction. The issue is mitigated by patch MOLY00500736 (ALPS04938456); no exploit details beyond the described vector are provided in the con...

7.8CVSS7.5AI score0.02354EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/09 3:10 p.m.29 views

CVE-2021-32487

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...

7.7AI score0.02354EPSS
Exploits0References1
CVE
CVE
added 2021/09/09 3:10 p.m.43 views

CVE-2021-32486

The CVE-2021-32486 issue affects the modem 2G RRM in MediaTek-based devices, described as a heap-based buffer overflow that can cause a remote system crash and denial of service without user interaction or privileges. The vulnerability is quantified with high impact (CVSS 3.1/7.5; CVSS 2.0/7.8) a...

7.8CVSS7.5AI score0.02354EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/09 3:10 p.m.27 views

CVE-2021-32486

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964928...

7.7AI score0.02354EPSS
Exploits0References1
CVE
CVE
added 2021/09/09 3:10 p.m.46 views

CVE-2021-32485

Affected component: Mediatek modem 2G RRM. The issue is a heap buffer overflow in the modem driver, leading to remote denial of service without privileges or user interaction. Impact: system crash and DoS. Remediation: patch MOLY00500621 (Issue ALPS04964926) is available. Exploitation details are...

7.8CVSS7.5AI score0.02354EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/09 3:10 p.m.27 views

CVE-2021-32485

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926...

7.7AI score0.02354EPSS
Exploits0References1
Rows per page
Query Builder