Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.7

    MEDIUM
    CVE-2024-20108

    In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MS... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +55 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20109

    In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV... Read more

    Affected Products : android mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt6765 mt6768 mt8188 +1 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20110

    In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065887; Issue ID: MSV... Read more

    Affected Products : android mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt6765 mt6768 mt8188 +1 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20112

    In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09071481; Issue ID: MSV-1730.... Read more

    Affected Products : android mt6878 mt6886 mt6897 mt6985 mt8676
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20113

    In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036814; Issue ID: MSV... Read more

    Affected Products : android mt6765 mt6768 mt8188 mt8195
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20115

    In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036695; Issue ID: MSV... Read more

    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20116

    In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt8791t mt8797 mt6765 mt6768 mt8765 +9 more products
    • Published: Dec. 02, 2024
    • Modified: Apr. 22, 2025

  • 4.4

    MEDIUM
    CVE-2024-20117

    In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: M... Read more

    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 6.7

    MEDIUM
    CVE-2024-20118

    In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +11 more products
    • Published: Nov. 04, 2024
    • Modified: Apr. 22, 2025

  • 7.8

    HIGH
    CVE-2025-20632

    In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR0... Read more

    • Published: Feb. 03, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-20631

    In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR0... Read more

    • Published: Feb. 03, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2024-20147

    In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR003890... Read more

    Affected Products : android openwrt yocto mt6835 mt6878 mt6886 mt6897 mt6985 mt6989 mt6990 +16 more products
    • Published: Feb. 03, 2025
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2024-20150

    In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.... Read more

    Affected Products : lr13 nr15 nr16 nr17 lr12a mt2735 mt6779 mt6781 mt6783 mt6785 +70 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Denial of Service

  • 9.8

    CRITICAL
    CVE-2024-20148

    In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I... Read more

    Affected Products : android yocto mt6835 mt6878 mt6886 mt6897 mt8766 mt8768 mt8798 mt8775 +8 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2024-20146

    In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Pat... Read more

    Affected Products : android openwrt yocto mt6835 mt6878 mt6886 mt6897 mt6990 mt8667 mt8673 +20 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2024-20145

    In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed... Read more

    Affected Products : android openwrt yocto rdk-b mt6781 mt6789 mt6835 mt6855 mt6878 mt6879 +12 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2023-51324

    PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in Sys... Read more

    Affected Products : shared_asset_booking_system
    • Published: Feb. 20, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Injection

  • 6.6

    MEDIUM
    CVE-2024-20144

    In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed... Read more

    Affected Products : android openwrt yocto rdk-b mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 +26 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.6

    MEDIUM
    CVE-2024-20143

    In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed... Read more

    Affected Products : android openwrt yocto rdk-b mt6781 mt6789 mt6835 mt6855 mt6878 mt6879 +14 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.7

    MEDIUM
    CVE-2024-20140

    In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: AL... Read more

    Affected Products : android yocto mt6781 mt6833 mt6853 mt6877 mt6885 mt6893 mt6739 mt6761 +3 more products
    • Published: Jan. 06, 2025
    • Modified: Apr. 22, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293350 Results