Search
Search Results (48 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20775 | 2 Google, Mediatek | 46 Android, Mt6739, Mt6761 and 43 more | 2026-02-26 | 6.7 Medium |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795. | ||||
| CVE-2025-20776 | 2 Google, Mediatek | 46 Android, Mt6739, Mt6761 and 43 more | 2026-02-26 | 6.7 Medium |
| In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759. | ||||
| CVE-2025-20777 | 2 Google, Mediatek | 46 Android, Mt6739, Mt6761 and 43 more | 2026-02-26 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752. | ||||
| CVE-2025-20756 | 1 Mediatek | 38 Mt2735, Mt6833, Mt6833p and 35 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643. | ||||
| CVE-2025-20703 | 1 Mediatek | 63 Modem, Mt2735, Mt2737 and 60 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01599794; Issue ID: MSV-3708. | ||||
| CVE-2025-20678 | 1 Mediatek | 94 Lr12a, Lr13, Mt6739 and 91 more | 2026-02-17 | 6.5 Medium |
| In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739. | ||||
| CVE-2025-20754 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-04 | 5.3 Medium |
| In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689251; Issue ID: MSV-4840. | ||||
| CVE-2025-20758 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-03 | 4.9 Medium |
| In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673755; Issue ID: MSV-4647. | ||||