Total
8312 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-44100 | 1 Google | 32 Android, Pixel, Pixel 2 and 29 more | 2024-10-28 | N/A | 7.5 HIGH |
| Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545. | |||||
| CVE-2024-20097 | 2 Google, Mediatek | 14 Android, Mt6761, Mt6765 and 11 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1630. | |||||
| CVE-2024-20096 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996900; Issue ID: MSV-1635. | |||||
| CVE-2024-20095 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996894; Issue ID: MSV-1636. | |||||
| CVE-2024-20093 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699. | |||||
| CVE-2024-20091 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701. | |||||
| CVE-2024-20085 | 5 Google, Linuxfoundation, Mediatek and 2 more | 43 Android, Yocto, Mt6580 and 40 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560. | |||||
| CVE-2024-20084 | 5 Google, Linuxfoundation, Mediatek and 2 more | 43 Android, Yocto, Mt6580 and 40 more | 2024-10-27 | N/A | 4.4 MEDIUM |
| In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561. | |||||
| CVE-2024-39440 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-10-17 | N/A | 4.4 MEDIUM |
| In DRM service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2024-39439 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-10-17 | N/A | 4.4 MEDIUM |
| In DRM service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2024-39438 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-10-17 | N/A | 6.7 MEDIUM |
| In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2024-39437 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-10-17 | N/A | 6.7 MEDIUM |
| In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2024-39436 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-10-17 | N/A | 6.7 MEDIUM |
| In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2024-44096 | 1 Google | 1 Android | 2024-10-15 | N/A | 4.4 MEDIUM |
| there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-44095 | 1 Google | 1 Android | 2024-10-15 | N/A | 7.8 HIGH |
| In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-39433 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-09-30 | N/A | 4.4 MEDIUM |
| In drm service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2024-39434 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-09-30 | N/A | 4.4 MEDIUM |
| In drm service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2024-39435 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-30 | N/A | 7.8 HIGH |
| In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed. | |||||
| CVE-2024-39432 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-30 | N/A | 4.5 MEDIUM |
| In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. | |||||
| CVE-2024-39431 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-30 | N/A | 4.5 MEDIUM |
| In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. | |||||