Total
282 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-20785 | 2 Google, Mediatek | 46 Android, Mt6739, Mt6761 and 43 more | 2026-01-08 | N/A | 6.7 MEDIUM |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677. | |||||
| CVE-2025-20787 | 2 Google, Mediatek | 31 Android, Mt2718, Mt6739 and 28 more | 2026-01-08 | N/A | 6.7 MEDIUM |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658. | |||||
| CVE-2025-20793 | 1 Mediatek | 53 Mt2735, Mt2737, Mt6813 and 50 more | 2026-01-08 | N/A | 7.5 HIGH |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01430930; Issue ID: MSV-4836. | |||||
| CVE-2025-20794 | 1 Mediatek | 54 Mt2735, Mt2737, Mt6813 and 51 more | 2026-01-08 | N/A | 7.5 HIGH |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847. | |||||
| CVE-2025-20795 | 2 Google, Mediatek | 55 Android, Mt2718, Mt6580 and 52 more | 2026-01-08 | N/A | 7.8 HIGH |
| In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141. | |||||
| CVE-2025-20797 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-01-08 | N/A | 7.8 HIGH |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534. | |||||
| CVE-2025-20798 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-01-08 | N/A | 7.8 HIGH |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533. | |||||
| CVE-2025-20752 | 1 Mediatek | 49 Mt2735, Mt2737, Mt6813 and 46 more | 2025-12-04 | N/A | 6.5 MEDIUM |
| In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270690; Issue ID: MSV-4301. | |||||
| CVE-2025-20753 | 1 Mediatek | 42 Mt2735, Mt2737, Mt6833 and 39 more | 2025-12-04 | N/A | 5.3 MEDIUM |
| In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689252; Issue ID: MSV-4841. | |||||
| CVE-2025-20754 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-04 | N/A | 5.3 MEDIUM |
| In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689251; Issue ID: MSV-4840. | |||||
| CVE-2025-20758 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-03 | N/A | 4.9 MEDIUM |
| In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673755; Issue ID: MSV-4647. | |||||
| CVE-2025-20759 | 1 Mediatek | 46 Mt2735, Mt2737, Mt6833 and 43 more | 2025-12-03 | N/A | 6.5 MEDIUM |
| In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673760; Issue ID: MSV-4650. | |||||
| CVE-2025-20763 | 2 Google, Mediatek | 28 Android, Mt6833, Mt6835 and 25 more | 2025-12-03 | N/A | 7.8 HIGH |
| In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032. | |||||
| CVE-2025-20764 | 2 Google, Mediatek | 34 Android, Mt6739, Mt6761 and 31 more | 2025-12-03 | N/A | 7.8 HIGH |
| In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029. | |||||
| CVE-2025-20766 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2025-12-03 | N/A | 7.8 HIGH |
| In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4820. | |||||
| CVE-2025-20767 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2025-12-03 | N/A | 7.8 HIGH |
| In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807. | |||||
| CVE-2025-20768 | 2 Google, Mediatek | 26 Android, Mt6739, Mt6761 and 23 more | 2025-12-03 | N/A | 7.8 HIGH |
| In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805. | |||||
| CVE-2025-20769 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2025-12-03 | N/A | 6.7 MEDIUM |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804. | |||||
| CVE-2025-20770 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2025-12-03 | N/A | 6.7 MEDIUM |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803. | |||||
| CVE-2025-20777 | 2 Google, Mediatek | 46 Android, Mt6739, Mt6761 and 43 more | 2025-12-03 | N/A | 6.7 MEDIUM |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752. | |||||