CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

136 matches found

CNNVD•added 2023/09/04 12:0 a.m.•2 views

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from an incorrect state check in cmdq, which may result in an out-of-bounds read...

4.4CVSS6.8AI score0.00016EPSS

Exploits0References2

Positive Technologies•added 2023/09/03 12:0 a.m.•1 views

PT-2023-17672 · Unknown · Imgsys Cmdq

Name of the Vulnerable Software and Affected Versions: imgsys cmdq affected versions not specified Description: In imgsys cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed...

6.5CVSS7AI score0.00034EPSS

Exploits0References6

CNNVD•added 2023/07/04 12:0 a.m.•1 views

部分MediaTek芯片缓冲区错误漏洞

MediaTek chips are various chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in some MediaTek chips, which originates in cmdq, due to a lack of boundary checking, which may result in memory corruption leading to a local denial of service. The following products are...

4.4CVSS5.1AI score0.00014EPSS

Exploits0References2

Positive Technologies•added 2023/02/13 12:0 a.m.•1 views

PT-2023-35091 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to the dp aux cmd fifo tx function, where it may not be completed if the interrupt is not for an auxiliary transfer. This could potentially lead to security...

7.2AI score

Exploits0References1

CISA KEV Catalog•added 2021/11/03 12:0 a.m.•30 views

Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability

Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and...

7.8CVSS7.3AI score0.00767EPSS

In wildExploits2

VulnCheck KEV•added 2021/10/28 12:0 a.m.•1 views

VulnCheck KEV: CVE-2020-0069

7.8CVSS7.3AI score0.51467EPSS

Exploits28References1

OSV•added 2020/03/10 8:15 p.m.•1 views

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS7.1AI score0.00767EPSS

Exploits2References3

NVD•added 2020/03/10 8:15 p.m.•21 views

CVE-2020-0069

7.8CVSS7.9AI score0.00767EPSS

Exploits2References3

Prion•added 2020/03/10 8:15 p.m.•16 views

Design/Logic Flaw

7.2CVSS7.8AI score0.00767EPSS

Exploits2References2

Cvelist•added 2020/03/10 7:56 p.m.•21 views

CVE-2020-0069

8.1AI score0.00767EPSS

Exploits2References2

CVE•added 2020/03/10 7:56 p.m.•1106 views

CVE-2020-0069

The CVE-2020-0069 issue affects MediaTek CMDQ driver ioctl handlers in Android kernel, where insufficient input sanitization and missing SELinux restrictions can cause an out-of-bounds write, enabling local privilege escalation without extra privileges or user interaction. Public material confirm...

7.8CVSS7.8AI score0.00767EPSS

In wildExploits2References3Affected Software1

Vulnrichment•added 2020/03/10 7:56 p.m.•8 views

CVE-2020-0069

7.2AI score0.00767EPSS

Exploits2References2

ATTACKERKB•added 2020/03/10 12:0 a.m.•37 views

CVE-2020-0069

7.8CVSS5.7AI score0.00767EPSS

In wildExploits2References3

Positive Technologies•added 2020/03/01 12:0 a.m.•2 views

PT-2020-6503 · Google +1 · Android Kernel +1

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to the Mediatek Command Queue driver in Android operating systems, specifically a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This coul...

7.8CVSS7.8AI score0.00767EPSS

Exploits2References14

RedhatCVE•added 2020/02/21 8:3 a.m.•40 views

CVE-2018-10021

The code in the drivers/scsi/libsas/sasscsihost.c file in the Linux kernel allow a physically proximate attacker to cause a memory leak in the ATA command queue and, thus, denial of service by triggering certain failure conditions...

5.5CVSS3.8AI score0.00039EPSS

Exploits2References1

RedHat Linux•added 2020/02/19 7:37 a.m.•2 views

kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c

A flaw was found in the Linux kernel’s block driver implementation blkdrainqueue function where a use-after-free condition could be triggered while draining the outstanding command queue in the systems block device subsystem. An attacker could use this flaw to crash the system or corrupt local...

7.8CVSS7AI score0.00093EPSS

Exploits0References4

NVD•added 2017/06/14 1:29 p.m.•13 views

CVE-2017-0636

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

7.6CVSS6.5AI score0.00078EPSS

Exploits0References3

OSV•added 2017/06/14 1:29 p.m.•1 views

CVE-2017-0636

7CVSS6.1AI score0.00078EPSS

Exploits0References3

Cvelist•added 2017/06/14 1:0 p.m.•16 views

CVE-2017-0636

7AI score0.00078EPSS

Exploits0References3

CVE•added 2017/06/14 1:0 p.m.•43 views

CVE-2017-0636

CVE-2017-0636 is an elevation of privilege in the MediaTek command queue driver on Android, enabling a local attacker to execute arbitrary code in the kernel context. Affected component: MediaTek command queue driver (MediaTek components in the 2017-06 Android bulletin). Root cause: vulnerability...

7.6CVSS6.9AI score0.00078EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by