Filtered by vendor Mediatek
Subscriptions
Total
1041 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20452 | 2 Mediatek, Mediatek, Inc. | 19 Mt6890, Mt6890 Firmware, Mt7615 and 16 more | 2026-06-01 | 8 High |
| In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295. | ||||
| CVE-2026-20453 | 2 Mediatek, Mediatek, Inc. | 73 Mt6739, Mt6739 Firmware, Mt6761 and 70 more | 2026-06-01 | 6.7 Medium |
| In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791. | ||||
| CVE-2026-20454 | 2 Mediatek, Mediatek, Inc. | 73 Mt6739, Mt6739 Firmware, Mt6761 and 70 more | 2026-06-01 | 6.4 Medium |
| In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786. | ||||
| CVE-2026-20455 | 2 Mediatek, Mediatek, Inc. | 73 Mt6739, Mt6739 Firmware, Mt6761 and 70 more | 2026-06-01 | 7.8 High |
| In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784. | ||||
| CVE-2026-20456 | 2 Mediatek, Mediatek, Inc. | 13 Mt7902, Mt7902 Firmware, Mt7920 and 10 more | 2026-06-01 | 5.5 Medium |
| In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338. | ||||
| CVE-2026-20447 | 2 Mediatek, Mediatek, Inc. | 35 Mt6768, Mt6768 Firmware, Mt6789 and 32 more | 2026-05-07 | 6.7 Medium |
| In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073; Issue ID: MSV-6296. | ||||
| CVE-2026-20448 | 2 Mediatek, Mediatek, Inc. | 45 Mt6765, Mt6765 Firmware, Mt6768 and 42 more | 2026-05-07 | 6.7 Medium |
| In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281. | ||||
| CVE-2026-20449 | 2 Mediatek, Mediatek, Inc. | 137 Mt2735, Mt2735 Firmware, Mt2737 and 134 more | 2026-05-07 | 6.5 Medium |
| In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01760138; Issue ID: MSV-6148. | ||||
| CVE-2026-20450 | 2 Mediatek, Mediatek, Inc. | 103 Mt2735, Mt2735 Firmware, Mt2737 and 100 more | 2026-05-07 | 6.5 Medium |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01753620; Issue ID: MSV-6100. | ||||
| CVE-2026-20451 | 2 Mediatek, Mediatek, Inc. | 65 Mt2718, Mt2718 Firmware, Mt6899 and 62 more | 2026-05-07 | 6.7 Medium |
| In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504. | ||||
| CVE-2026-20415 | 2 Google, Mediatek | 3 Android, Mt6897, Mt6989 | 2026-04-18 | 5.5 Medium |
| In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617. | ||||
| CVE-2026-20401 | 1 Mediatek | 20 Mt2735, Mt6833, Mt6853 and 17 more | 2026-04-18 | 6.5 Medium |
| In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738310; Issue ID: MSV-5933. | ||||
| CVE-2026-20402 | 1 Mediatek | 20 Mt2735, Mt6833, Mt6853 and 17 more | 2026-04-18 | 6.5 Medium |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00693083; Issue ID: MSV-5928. | ||||
| CVE-2026-20406 | 1 Mediatek | 56 Mt2735, Mt2737, Mt6813 and 53 more | 2026-04-18 | 6.5 Medium |
| In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01726634; Issue ID: MSV-5728. | ||||
| CVE-2026-20414 | 2 Google, Mediatek | 9 Android, Mt6897, Mt6989 and 6 more | 2026-04-18 | 6.7 Medium |
| In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625. | ||||
| CVE-2026-20422 | 1 Mediatek | 57 Mt2735, Mt2737, Mt6813 and 54 more | 2026-04-16 | 6.5 Medium |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00827332; Issue ID: MSV-5919. | ||||
| CVE-2026-20408 | 2 Mediatek, Openwrt | 8 Mt6890, Mt7615, Mt7915 and 5 more | 2026-04-16 | 8.8 High |
| In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461651; Issue ID: MSV-4758. | ||||
| CVE-2026-20410 | 2 Google, Mediatek | 6 Android, Mt6897, Mt6989 and 3 more | 2026-04-16 | 6.7 Medium |
| In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362552; Issue ID: MSV-5760. | ||||
| CVE-2026-20413 | 2 Google, Mediatek | 5 Android, Mt6899, Mt6991 and 2 more | 2026-04-16 | 6.7 Medium |
| In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362725; Issue ID: MSV-5694. | ||||
| CVE-2026-20418 | 2 Google, Mediatek | 3 Matter, Mt7931, Mt7933 | 2026-04-16 | 9.8 Critical |
| In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465153; Issue ID: MSV-4927. | ||||