9 matches found
CVE-2022-26437
CVE-2022-26437 affects the httpclient component, with an out-of-bounds write caused by uninitialized data. The described impact is a remote escalation of privilege without extra execution privileges, and exploitation does not require user interaction. Patch reference: WSAP00103831 (Issue ID WSAP0...
CVE-2025-20677
The CVE-2025-20677 entry describes a vulnerability in the Bluetooth driver (MediaTek) where an uncaught exception can cause a system crash, leading to local denial of service with low-privilege, no user interaction required. The impact is explicitly rated as Availability HIGH with Local attack ve...
CVE-2025-20676
CVE-2025-20676 affects the wlan STA driver and is due to an uncaught exception that can cause a system crash, leading to local denial of service. The impact is a local DoS with privileges required being low and no user interaction required for exploitation (per the provided metrics). A patch is a...
CVE-2025-20680
CVE-2025-20680 affects the Bluetooth driver, with an out-of-bounds write caused by an incorrect bounds check. The vulnerability can lead to local escalation of privilege with User execution privileges required and no user interaction needed. Patch ID: WCNCR00418044; Issue ID: MSV-3482. Vulnerabil...
CVE-2025-20687
CVE-2025-20687 affects the Bluetooth driver (MediaTek chipset family in various advisories). The vulnerability is an out-of-bounds read caused by an incorrect bounds check, enabling local denial of service with the attacker gaining user privileges; exploitation does not require user interaction. ...
CVE-2026-20407
The CVE-2026-20407 entry concerns the wlan STA driver and a missing bounds check that enables local escalation of privilege. According to the sources, exploitation does not require user interaction, and the attacker would require user execution privileges, with a local attack vector. A patch is i...
CVE-2026-20419
The CVE-2026-20419 entry applies to wlan AP/STA firmware, where an uncaught exception can render the system irresponsive. This creates a remote, proximal denial-of-service scenario without extra execution privileges required and with no user interaction needed. The vulnerability impact is indicat...
CVE-2026-20423
CVE-2026-20423 concerns the MediaTek WLAN STA driver, where a missing bounds check allows an out-of-bounds write. This can enable local escalation of privilege with user-level execution, no user interaction required. Severity is high (CVSS: Local, Privileges Required: Low, User Interaction: None,...
CVE-2026-20436
CVE-2026-20436 affects the MediaTek WLAN STA driver, with a missing bounds check in the driver leading to local privilege escalation if an attacker already has System privileges. No user interaction is required. Impact is rated high for confidentiality, integrity, and availability; attack vector ...