Export limit exceeded: 355961 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355961 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355961 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (570 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20798 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-03-30 | 7.8 High |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533. | ||||
| CVE-2025-20797 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-03-30 | 7.8 High |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534. | ||||
| CVE-2025-20796 | 2 Google, Mediatek | 4 Android, Mt6989, Mt8796 and 1 more | 2026-03-30 | 7.8 High |
| In imgsys, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10314745; Issue ID: MSV-5553. | ||||
| CVE-2025-20760 | 1 Mediatek | 51 Mt2735, Mt2737, Mt6833 and 48 more | 2026-03-30 | 6.5 Medium |
| In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653. | ||||
| CVE-2025-20761 | 2 Mediatek, Mediatk | 102 Mt2735, Mt2737, Mt6833 and 99 more | 2026-03-30 | 6.5 Medium |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655. | ||||
| CVE-2025-20762 | 1 Mediatek | 16 Mt6835, Mt6835t, Mt6878 and 13 more | 2026-03-30 | 6.5 Medium |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760. | ||||
| CVE-2025-20793 | 1 Mediatek | 53 Mt2735, Mt2737, Mt6813 and 50 more | 2026-03-30 | 6.5 Medium |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01430930; Issue ID: MSV-4836. | ||||
| CVE-2025-20794 | 2 Mediatek, Mediatk | 87 Mt2735, Mt2737, Mt6813 and 84 more | 2026-03-30 | 6.5 Medium |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847. | ||||
| CVE-2025-20795 | 2 Google, Mediatek | 55 Android, Mt2718, Mt6580 and 52 more | 2026-03-30 | 7.8 High |
| In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141. | ||||
| CVE-2025-20645 | 2 Google, Mediatek | 15 Android, Mt6765, Mt6768 and 12 more | 2026-02-26 | 7.8 High |
| In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599. | ||||
| CVE-2024-20146 | 4 Google, Linuxfoundation, Mediatek and 1 more | 30 Android, Yocto, Mt2737 and 27 more | 2026-02-26 | 8.1 High |
| In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835. | ||||
| CVE-2024-20148 | 3 Google, Linuxfoundation, Mediatek | 18 Android, Yocto, Mt3603 and 15 more | 2026-02-26 | 9.8 Critical |
| In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796. | ||||
| CVE-2025-20668 | 2 Google, Mediatek | 8 Android, Mt6878, Mt6897 and 5 more | 2026-02-26 | 6.7 Medium |
| In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027. | ||||
| CVE-2025-20657 | 2 Google, Mediatek | 14 Android, Mt6765, Mt6768 and 11 more | 2026-02-26 | 6.7 Medium |
| In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609. | ||||
| CVE-2025-20697 | 2 Google, Mediatek | 30 Android, Mt2718, Mt6761 and 27 more | 2026-02-26 | 6.7 Medium |
| In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795. | ||||
| CVE-2025-20698 | 2 Google, Mediatek | 41 Android, Mt2718, Mt6739 and 38 more | 2026-02-26 | 6.7 Medium |
| In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793. | ||||
| CVE-2025-20708 | 1 Mediatek | 64 Modem, Mt2735, Mt2737 and 61 more | 2026-02-26 | 8.8 High |
| In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01123853; Issue ID: MSV-4131. | ||||
| CVE-2025-20704 | 1 Mediatek | 16 Mt6813, Mt6835, Mt6835t and 13 more | 2026-02-26 | 8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01516959; Issue ID: MSV-3502. | ||||
| CVE-2025-20705 | 4 Google, Linuxfoundation, Mediatek and 1 more | 43 Android, Yocto, Monitor Hang and 40 more | 2026-02-26 | 7.8 High |
| In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964. | ||||
| CVE-2025-20707 | 2 Google, Mediatek | 18 Android, Mt2718, Mt6853 and 15 more | 2026-02-26 | 6.7 Medium |
| In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09924201; Issue ID: MSV-3820. | ||||