EUVD-2022-25262

Malicious code in bioql PyPI...

CVE-2024-20051

In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758...

CVE-2024-20044

The CVE 2024-20044 affects the da module in MediaTek chips, where a missing bounds check enables an out-of-bounds write. This could allow local escalation of privilege to SYSTEM-level execution with no user interaction required. Patch ALPS08541784/ALPS08541784 is referenced as the mitigation. Con...

CVE-2024-20027

In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633...

Design/Logic Flaw

In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633...

CVE-2024-20030

CVE-2024-20030 affects the MediaTek-related component “da” module. The root cause is improper input validation leading to local information disclosure; exploitation requires no user interaction, but local privileges are needed. The entry notes a patch/mitigation identified as Patch ID ALPS0854163...

Out-of-bounds

In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

CVE-2023-32854

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132...

CVE-2023-32860

Affected product: MediaTek chips (display module). Vulnerability: classic buffer overflow due to a missing bounds check in display handling. Root cause: out-of-bounds write leading to local privilege escalation with SYSTEM-level privileges required. Exploit: no user interaction required (local ex...

CVE-2023-35653

In TBD of TBD, there is a possible way to access location information due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

Integer overflow

In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817...

CVE-2023-20840

In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430...

CVE-2023-20836

CVE-2023-20836 affects the CAMSYS component. The vulnerability is an out-of-bounds read caused by a missing bounds check, which could lead to local information disclosure with System execution privileges; exploitation reportedly does not require user interaction. The documented patch reference is...

CVE-2023-20834

In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514...

CVE-2023-20814

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453560; Issue ID: ALPS07453560...

CVE-2023-20784

In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989...

CVE-2023-20766

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202...

CVE-2023-21157

In encode of wlandata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21209

In multiple functions of staiface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

CVE-2023-20740

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840...