CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184...

6.7CVSS6.6AI score0.00095EPSS

Exploits0References1

OSV•added 2023/06/06 1:15 p.m.•4 views

CVE-2023-20737

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167...

6.7CVSS5.9AI score0.00075EPSS

Exploits0References1

OSV•added 2023/06/06 1:15 p.m.•3 views

CVE-2023-20733

6.7CVSS6.7AI score0.00075EPSS

Exploits0References1

Prion•added 2023/06/06 1:15 p.m.•19 views

Out-of-bounds

4CVSS6.7AI score0.00095EPSS

Exploits0References1Affected Software3

Prion•added 2023/06/06 1:15 p.m.•17 views

Design/Logic Flaw

4CVSS6.8AI score0.00075EPSS

Exploits0References1Affected Software3

Prion•added 2023/06/06 1:15 p.m.•17 views

Out-of-bounds

4CVSS6.7AI score0.00096EPSS

Exploits0References1Affected Software3

CVE•added 2023/06/06 12:11 p.m.•55 views

CVE-2023-20738

CVE-2023-20738 affects the vcu component in MediaTek chips, caused by a missing bounds check that permits an out-of-bounds write. The vulnerability can lead to local escalation of privilege with SYSTEM-level execution, and exploitation does not require user interaction. Public references consiste...

6.7CVSS6.7AI score0.00095EPSS

Exploits0References1Affected Software3

Cvelist•added 2023/06/06 12:11 p.m.•16 views

CVE-2023-20737

7AI score0.00075EPSS

Exploits0References1

CVE•added 2023/06/06 12:11 p.m.•50 views

CVE-2023-20737

The CVE-2023-20737 issue concerns the vcu component in MediaTek devices, where an improper locking leads to a use-after-free condition. This vulnerability can enable local escalation of privileges to SYSTEM with no user interaction required. Affected behavior is described as a local exploit path,...

6.7CVSS6.7AI score0.00075EPSS

Exploits0References1Affected Software3

Vulnrichment•added 2023/06/06 12:11 p.m.•10 views

CVE-2023-20737

7.2AI score0.00075EPSS

Exploits0References1

CVE•added 2023/06/06 12:11 p.m.•58 views

CVE-2023-20736

CVE-2023-20736 affects the vcu component. The vulnerability is an out-of-bounds write caused by a race condition, enabling local escalation of privilege with System execution privileges required and no user interaction. A patch is referenced: ALPS07645149 (Issue ALPS07645189). Exploitation detail...

6.4CVSS6.5AI score0.00068EPSS

Exploits0References1Affected Software3

CVE•added 2023/06/06 12:11 p.m.•52 views

CVE-2023-20735

CVE-2023-20735 concerns the vcu component in MediaTek chips, where a missing bounds check can cause an out-of-bounds write. The under-lying flaw is a lack of boundary verification in vcu, potentially enabling local escalation of privilege with System-level execution privileges required. Exploitat...

6.7CVSS6.7AI score0.00096EPSS

Exploits0References1Affected Software3

Cvelist•added 2023/06/06 12:11 p.m.•18 views

CVE-2023-20734

7AI score0.00095EPSS

Exploits0References1

Vulnrichment•added 2023/06/06 12:11 p.m.•12 views

CVE-2023-20733

7.2AI score0.00075EPSS

Exploits0References1

Rows per page