Lucene search
K

322 matches found

CVE
CVE
added 2024/02/05 5:59 a.m.99 views

CVE-2024-20010

The CVE-2024-20010 entry describes a MediaTek vulnerability in the keyInstall module caused by type confusion, enabling local privilege escalation to SYSTEM without user interaction. Patch ALPS08358560 (Issue ALPS08358560) is referenced as the fix. Connected documents corroborate the local-privil...

6.7CVSS6.6AI score0.00087EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.4 views

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a type confusion issue in the keyInstall module, which could lead to privilege escalation...

6.7CVSS6.8AI score0.00087EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.5 views

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a type confusion issue in the keyInstall module, which could lead to privilege escalation...

6.7CVSS6.8AI score0.00091EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.4 views

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips due to a lack of boundary checking in the keyInstall module, which may result in out-of-bounds writes...

6.7CVSS6.8AI score0.00113EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/04 12:0 a.m.6 views

PT-2024-18500 · Mediatek +1 · Mt6580 +1

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue is related to a possible escalation of privilege due to type confusion in the keyInstall function. This could lead to local...

6.7CVSS6.5AI score0.00091EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/04 12:0 a.m.6 views

PT-2024-18498 · Mediatek +1 · Mt6580 +1

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue is related to a possible escalation of privilege due to type confusion in the keyInstall function. This could lead to local...

6.7CVSS6.5AI score0.00087EPSS
Exploits0References4
OSV
OSV
added 2024/01/02 3:15 a.m.6 views

CVE-2023-32875

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...

4.4CVSS5.9AI score0.00091EPSS
Exploits0References1
OSV
OSV
added 2024/01/02 3:15 a.m.5 views

CVE-2023-32872

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...

6.7CVSS5.9AI score0.00093EPSS
Exploits0References1
NVD
NVD
added 2024/01/02 3:15 a.m.25 views

CVE-2023-32872

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...

6.7CVSS6.8AI score0.00093EPSS
Exploits0References1
OSV
OSV
added 2024/01/02 3:15 a.m.4 views

CVE-2023-32876

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...

4.4CVSS5.9AI score0.00089EPSS
Exploits0References1
NVD
NVD
added 2024/01/02 3:15 a.m.33 views

CVE-2023-32875

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...

4.4CVSS4.3AI score0.00091EPSS
Exploits0References1
Prion
Prion
added 2024/01/02 3:15 a.m.19 views

Out-of-bounds

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...

4CVSS7.3AI score0.00093EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/02 3:15 a.m.24 views

Information disclosure

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...

1.4CVSS6.3AI score0.00091EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/02 3:15 a.m.23 views

Information disclosure

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...

1.4CVSS6.3AI score0.00089EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/02 2:49 a.m.26 views

CVE-2023-32876

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...

4.7AI score0.00089EPSS
Exploits0References1
CVE
CVE
added 2024/01/02 2:49 a.m.51 views

CVE-2023-32876

CVE-2023-32876 involves the keyInstall function where a missing bounds check can cause information disclosure, requiring local privileges (PR:H) with no user interaction. Affected context appears to be media/SoC environments (MediaTek-related references appear across multiple connected sources), ...

4.4CVSS4.3AI score0.00089EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/02 2:49 a.m.67 views

CVE-2023-32875

CVE-2023-32875 affects MediaTek platforms via the keyInstall function. The root cause is a missing bounds check in keyInstall, enabling local information disclosure and requiring System privileges for exploitation; no user interaction is needed. The CVE entry cites Patch ID ALPS08308607 and Issue...

4.4CVSS4.3AI score0.00091EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/02 2:49 a.m.30 views

CVE-2023-32875

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...

4.7AI score0.00091EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/02 2:49 a.m.18 views

CVE-2023-32875

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...

6.2AI score0.00091EPSS
Exploits0References1
CVE
CVE
added 2024/01/02 2:49 a.m.99 views

CVE-2023-32872

The CVE-2023-32872 issue is in MediaTek’s keyInstall module. It describes an out-of-bounds write caused by a missing bounds check, potentially enabling local privilege escalation to SYSTEM with no user interaction required. Public references in the connected documents consistently state this as a...

6.7CVSS6.7AI score0.00093EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder