In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.
Max CVSS
6.7
EPSS Score
0.04%
Published
2024-02-05
Updated
2024-02-09
In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-12-04
Updated
2023-12-07
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.
Max CVSS
5.4
EPSS Score
0.11%
Published
2023-04-11
Updated
2023-05-24
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-04
Updated
2023-09-07
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.
Max CVSS
7.2
EPSS Score
0.08%
Published
2023-09-04
Updated
2023-09-07
In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-08-07
Updated
2023-08-09
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-08-07
Updated
2023-08-09
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-07-04
Updated
2023-07-10
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
Max CVSS
3.3
EPSS Score
0.04%
Published
2023-05-15
Updated
2023-05-24
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-06-06
Updated
2023-06-09
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-05-15
Updated
2023-05-24
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-05-15
Updated
2023-05-24
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only).
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-05-15
Updated
2023-05-24
Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request.
Max CVSS
7.5
EPSS Score
0.27%
Published
2022-09-19
Updated
2023-05-24
OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen.
Max CVSS
5.4
EPSS Score
0.06%
Published
2021-12-27
Updated
2023-05-24
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.
Max CVSS
5.4
EPSS Score
0.06%
Published
2021-12-27
Updated
2023-05-24