Total
13324 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32621 | 2 Google, Mediatek | 3 Android, Mt6895, Mt6983 | 2025-04-24 | N/A | 6.4 MEDIUM |
| In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829. | |||||
| CVE-2022-32620 | 2 Google, Mediatek | 9 Android, Mt6781, Mt6789 and 6 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753. | |||||
| CVE-2022-32619 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659. | |||||
| CVE-2022-32598 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228. | |||||
| CVE-2022-32597 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228. | |||||
| CVE-2022-32596 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213. | |||||
| CVE-2022-32594 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207. | |||||
| CVE-2024-20101 | 2 Google, Mediatek | 17 Android, Mt3605, Mt6985 and 14 more | 2025-04-24 | N/A | 9.8 CRITICAL |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602. | |||||
| CVE-2024-20103 | 2 Google, Mediatek | 14 Android, Mt3605, Mt6985 and 11 more | 2025-04-24 | N/A | 9.8 CRITICAL |
| In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599. | |||||
| CVE-2024-20104 | 5 Google, Linuxfoundation, Mediatek and 2 more | 24 Android, Yocto, Mt6781 and 21 more | 2025-04-24 | N/A | 8.4 HIGH |
| In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772. | |||||
| CVE-2022-45283 | 1 Gpac | 1 Gpac | 2025-04-24 | N/A | 7.8 HIGH |
| GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c. | |||||
| CVE-2022-39133 | 2 Google, Unisoc | 14 Android, S8022, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-39132 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
| In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39129 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
| In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39106 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-42772 | 2 Google, Unisoc | 14 Android, S8021, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42755 | 2 Google, Unisoc | 14 Android, S8023, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-1304 | 3 E2fsprogs Project, Fedoraproject, Redhat | 3 E2fsprogs, Fedora, Enterprise Linux | 2025-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. | |||||
| CVE-2021-44142 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2025-04-23 | 9.0 HIGH | 8.8 HIGH |
| The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. | |||||
| CVE-2022-2380 | 1 Linux | 1 Linux Kernel | 2025-04-23 | N/A | 5.5 MEDIUM |
| The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. | |||||