📦 Yocto

This vulnerability allows remote attackers to execute arbitrary code on affected devices via Wi-Fi without user interaction. It affects MediaTek chipsets with vulnerable STA (station) firmware in wire...

This vulnerability in MediaTek's GNSS service allows remote attackers to escalate privileges without user interaction due to improper certificate validation. It affects devices using MediaTek chipsets...

CVE-2025-20705 is a use-after-free vulnerability in the monitor_hang component that could lead to memory corruption. This allows local privilege escalation from System privilege to higher privileges w...

This vulnerability allows attackers to spoof Wi-Fi access point SSIDs, tricking client devices into connecting to malicious networks. This affects devices with MediaTek Wi-Fi chipsets in STA (station/...

This vulnerability in MediaTek WLAN STA drivers allows remote attackers within wireless range to execute arbitrary code without user interaction. It affects devices using MediaTek chipsets with vulner...

This vulnerability in MediaTek's da component allows local attackers to write beyond allocated memory boundaries, potentially gaining elevated privileges on affected devices. It affects Android device...

This vulnerability in MediaTek Wi-Fi drivers allows remote attackers to cause denial of service without authentication or user interaction. It affects devices using MediaTek chipsets with vulnerable w...

This vulnerability in MediaTek's flashc component allows an attacker with system privileges to perform an out-of-bounds write due to an uncaught exception, leading to local privilege escalation. It af...

This vulnerability in MediaTek wlan firmware allows remote attackers to trigger a firmware assertion through improper input handling, causing denial of service without requiring authentication or user...

This CVE describes an integer overflow vulnerability in MediaTek wlan firmware that can cause system crashes. Attackers can remotely trigger denial of service without authentication or user interactio...

This CVE describes an integer overflow vulnerability in MediaTek wlan firmware that can cause system crashes. Attackers can remotely trigger denial of service without authentication or user interactio...

This vulnerability in MediaTek wlan firmware allows remote attackers to cause a system crash (denial of service) without authentication or user interaction. It affects devices using vulnerable MediaTe...

This vulnerability in the GNSS service allows an out-of-bounds write due to incorrect bounds checking. It enables local privilege escalation if an attacker already has System privilege, requiring no u...

This vulnerability in the GNSS service allows an attacker with System privilege to perform an out-of-bounds write, potentially leading to local privilege escalation. It affects devices using MediaTek ...

This vulnerability allows local privilege escalation on MediaTek devices due to an insecure default value in the preloader component. An attacker with System privilege can exploit this to gain higher ...

This CVE describes an out-of-bounds write vulnerability in DA (likely a MediaTek component) that could allow local privilege escalation. Attackers with physical access can exploit this without additio...

This vulnerability in MediaTek DA software allows local attackers with physical access to escalate privileges through an out-of-bounds write. No user interaction or additional execution privileges are...

This CVE describes an out-of-bounds write vulnerability in MediaTek's da component that could allow local privilege escalation. Attackers with physical access can exploit this without additional privi...

This CVE describes a Bluetooth firmware vulnerability in MediaTek chipsets where improper exception handling could trigger a reachable assertion. This allows remote attackers to cause denial of servic...

This CVE describes an out-of-bounds write vulnerability in V6 DA (likely a MediaTek component) that allows local privilege escalation. Attackers with physical access can exploit this without additiona...

This vulnerability in V6 DA allows local privilege escalation through an out-of-bounds write due to missing bounds checks. An attacker with physical access can exploit this without additional privileg...

This CVE describes a Bluetooth firmware vulnerability in MediaTek chipsets where improper handling of exceptional conditions can cause a firmware assertion (crash). This leads to local denial of servi...

CVE-2024-20107 is an out-of-bounds read vulnerability in MediaTek's da component that allows local attackers to read memory beyond allocated buffers without authentication or user interaction. This le...

This CVE describes an out-of-bounds write vulnerability in MediaTek power management components that allows local privilege escalation. Attackers with system execution privileges can exploit this with...

CVE-2024-20085 is an out-of-bounds read vulnerability in MediaTek power management components that could allow local information disclosure. Attackers with system execution privileges could read memor...

This vulnerability in MediaTek's DA (Download Agent) allows local attackers to bypass permission checks due to an incorrect status verification. It enables local privilege escalation without requiring...

This vulnerability in the flashc component allows local information disclosure when exploited by a process with System execution privileges. It affects MediaTek devices using vulnerable flashc firmwar...

This vulnerability in MediaTek's flashc component allows local information disclosure when exploited by a process with System execution privileges. It affects MediaTek-powered devices and requires no ...

This vulnerability in MediaTek's imgsys component allows local information disclosure due to missing bounds checking. Attackers with system privileges and user interaction can exploit this to read sen...