cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20108,https://securityvulnerability.io/vulnerability/CVE-2024-20108,Possible Out of Bounds Write Leads to Local Escalation of Privilege,"In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6896, Mt6897, Mt6983, Mt6985, Mt6989, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8678, Mt8755, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8792, Mt8795t, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-04T01:48:43.978Z,0
CVE-2023-32871,https://securityvulnerability.io/vulnerability/CVE-2023-32871,Possible Permission Bypass in DA Product Could Lead to Local Escalation of Privilege,"A permission bypass vulnerability has been identified in MediaTek's products caused by an incorrect status check mechanism. This flaw allows an attacker to escalate privileges locally without requiring additional execution privileges or user interaction. Such vulnerabilities pose risks as they could be exploited to increase the privileges of a user or process beyond intended limitations, potentially leading to unauthorized access and control over the affected systems. Users and organizations utilizing MediaTek's products are advised to apply the necessary security patch identified as ALPS08355514 to mitigate this risk.",MediaTek,"Mt2737, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6893, Mt6895, Mt6897, Mt6980, Mt6983, Mt6985, Mt6989, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-06T02:51:52.075Z,0
CVE-2024-20033,https://securityvulnerability.io/vulnerability/CVE-2024-20033,Possible Information Disclosure in NVRAM Due to Missing Bounds Check,"In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID: ALPS08499945.",MediaTek,"Mt2713, Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6789, Mt6835, Mt6855, Mt6879, Mt6883, Mt6885, Mt6886, Mt6893, Mt6895, Mt6983, Mt6985, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8370, Mt8385, Mt8390, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8678, Mt8755, Mt8765, Mt8766, Mt8768, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8792, Mt8796, Mt8797, Mt8798",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-04T02:43:48.493Z,0
CVE-2023-20790,https://securityvulnerability.io/vulnerability/CVE-2023-20790,Out of Bounds Write Vulnerability in NVRAM by MediaTek,"A potential out of bounds write vulnerability exists in the NVRAM component of MediaTek products. This flaw arises from a missing bounds check, which can lead to local information disclosure, necessitating system execution privileges for exploitation. Notably, user interaction is not required for the attack, allowing it to be executed without prior consent from the user. A patch has been issued to address this vulnerability, emphasizing the importance of maintaining updated software to safeguard against potential exploits.",MediaTek,"Mt2713, Mt2735, Mt2737, Mt6739, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6835, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6980, Mt6983, Mt6985, Mt6990, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8185, Mt8188, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-08-07T04:15:00.000Z,0
CVE-2023-20745,https://securityvulnerability.io/vulnerability/CVE-2023-20745,Out of Bounds Write Vulnerability in MediaTek's VCU,"A notable vulnerability exists in MediaTek's VCU, stemming from improper locking mechanisms, which may lead to an out of bounds write condition. This flaw could enable local users to escalate their privileges to system-level execution without requiring any user interaction for exploitation. The vulnerability highlights the importance of proper security measures in software design and the need for timely updates to mitigate potential risks. Affected versions should be updated using the provided patch ID ALPS07519142.",MediaTek,"MT6789, MT6855, MT8185, MT8195, MT8365, MT8395, MT8781, MT8786, MT8789, MT8791, MT8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20743,https://securityvulnerability.io/vulnerability/CVE-2023-20743,Out of Bounds Write Vulnerability in MediaTek VCUs,"An out of bounds write vulnerability exists in MediaTek VCUs due to improper locking mechanisms. This security flaw potentially allows attackers to escalate privileges to system execution without requiring any user interaction, making it a significant risk for local exploits. Affected versions need to apply the necessary patches to mitigate this issue.",MediaTek,"MT6789, MT6855, MT8185, MT8195, MT8365, MT8395, MT8781, MT8786, MT8789, MT8791, MT8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20746,https://securityvulnerability.io/vulnerability/CVE-2023-20746,Out of Bounds Write Vulnerability in MediaTek vcu,"A vulnerability has been identified within MediaTek's vcu, where improper locking mechanisms may lead to potential out of bounds write situations. This flaw allows for a local escalation of privilege, enabling malicious actors to gain elevated system execution privileges without requiring user interaction. The issue has been documented and patches have been issued, underscoring the importance of timely updates to safeguard systems against potential exploitation.",MediaTek,"MT6789, MT6855, MT8167, MT8168, MT8173, MT8185, MT8195, MT8321, MT8365, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20728,https://securityvulnerability.io/vulnerability/CVE-2023-20728,Out of Bounds Read Vulnerability in MediaTek WLAN,"A vulnerability exists in MediaTek WLAN due to a missing bounds check that can result in out of bounds read. This flaw may allow an attacker to access sensitive local information without requiring user interaction. Exploitation necessitates system execution privileges, making it essential for users and administrators of MediaTek devices to apply available patches and mitigate potential risks.",MediaTek,"MT6781, MT6789, MT6833, MT6835, MT6855, MT6877, MT6879, MT6886, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8185, MT8195, MT8362A, MT8365, MT8385, MT8395, MT8518, MT8532, MT8673, MT8675, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20744,https://securityvulnerability.io/vulnerability/CVE-2023-20744,Use After Free Vulnerability in MediaTek VCU Components,"A logic error in MediaTek VCU components allows for a use after free vulnerability, potentially leading to local privilege escalation. This vulnerability does not require user interaction, which means that the system execution privileges could be compromised without any action from the user. It is crucial for users of affected VCU versions to apply the necessary patches to mitigate these risks, as attackers could exploit this weakness to gain elevated privileges.",MediaTek,"MT6789, MT6855, MT8185, MT8195, MT8365, MT8395, MT8781, MT8786, MT8789, MT8791, MT8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-06T13:15:00.000Z,0
CVE-2023-20694,https://securityvulnerability.io/vulnerability/CVE-2023-20694,Out of Bounds Write Vulnerability in Preloader for MediaTek Products,"A security flaw in the Preloader of MediaTek devices can allow for an out of bounds write due to insufficient bounds checking. This vulnerability could potentially enable local escalation of privileges, granting unauthorized access to system-level execution. Notably, this issue does not require user interaction for exploitation, making it particularly concerning. MediaTek has released patches under IDs ALPS07733998 and ALPS07874388 specifically for the vulnerable MT6880 and MT6890 models, highlighting the importance of updating affected devices to mitigate security risks.",MediaTek,"Mt6580, Mt6739, Mt6761, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6785, Mt6789, Mt6853, Mt6855, Mt6873, Mt6879, Mt6880, Mt6885, Mt6890, Mt6895, Mt6983, Mt8167, Mt8175, Mt8185, Mt8195, Mt8321, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8797",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-15T00:00:00.000Z,0
CVE-2023-20688,https://securityvulnerability.io/vulnerability/CVE-2023-20688,Out of Bounds Read Vulnerability in MediaTek Products,"This vulnerability involves a possible out of bounds read due to a missing bounds check in certain MediaTek products. If exploited, it may allow local information disclosure while requiring system execution privileges. Notably, user interaction is not necessary for this exploitation to occur. Affected products should be patched as per Patch ID: ALPS07441821 to mitigate potential risks.",MediaTek,"Mt2715, Mt6580, Mt6731, Mt6735, Mt6737, Mt6739, Mt6753, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6769, Mt6771, Mt6779, Mt6781, Mt6785, Mt6789, Mt6833, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6889, Mt6891, Mt6893, Mt6895, Mt6983, Mt8167, Mt8168, Mt8169, Mt8173, Mt8175, Mt8183, Mt8185, Mt8188, Mt8192, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8390, Mt8395, Mt8666, Mt8673, Mt8675, Mt8696, Mt8765, Mt8766, Mt8768, Mt8771, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8891",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-04-06T00:00:00.000Z,0
CVE-2023-20655,https://securityvulnerability.io/vulnerability/CVE-2023-20655,Privilege Escalation Vulnerability in MediaTek mmsdk Product,"A vulnerability exists in the MediaTek mmsdk due to a parcel format mismatch, which might allow local code execution without requiring additional execution privileges or user interaction. This flaw can be exploited by attackers to gain unauthorized access to system resources, posing a significant security risk. Users of affected versions are advised to apply the recommended patches promptly to safeguard their systems.",MediaTek,"MT2715, MT6580, MT6735, MT6737, MT6739, MT6753, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-04-06T00:00:00.000Z,0