Every CVE whose affected-product data names Linuxfoundation Yocto, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (114)
CVE-2024-20080 — CVSS 9.8 (critical): In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation…
CVE-2024-20148 — CVSS 9.8 (critical): In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent)…
CVE-2024-25626 — CVSS 8.8 (high): Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware…
CVE-2024-20040 — CVSS 8.8 (high): In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of…
CVE-2024-20104 — CVSS 8.4 (high): In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no…
CVE-2024-20053 — CVSS 8.4 (high): In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with…
CVE-2024-20146 — CVSS 8.1 (high): In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent)…
CVE-2025-20705 — CVSS 7.8 (high): In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a…
CVE-2023-32820 — CVSS 7.5 (high): In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with…
CVE-2023-20689 — CVSS 7.5 (high): In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional…
CVE-2025-61611 — CVSS 7.5 (high): In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution…
CVE-2024-20089 — CVSS 7.5 (high): In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no…
CVE-2024-20153 — CVSS 7.5 (high): In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information…
CVE-2022-32589 — CVSS 7.5 (high): In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of…
CVE-2022-32666 — CVSS 7.5 (high): In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service…
CVE-2023-20690 — CVSS 7.5 (high): In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional…
CVE-2023-20691 — CVSS 7.5 (high): In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional…
CVE-2023-20692 — CVSS 7.5 (high): In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no…
CVE-2023-20693 — CVSS 7.5 (high): In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no…
CVE-2025-20656 — CVSS 6.8 (medium): In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2025-20650 — CVSS 6.8 (medium): In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2025-20696 — CVSS 6.8 (medium): In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2022-26475 — CVSS 6.7 (medium): In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20831 — CVSS 6.7 (medium): In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-20832 — CVSS 6.7 (medium): In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-20830 — CVSS 6.7 (medium): In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2022-32590 — CVSS 6.7 (medium): In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System…
CVE-2022-32592 — CVSS 6.7 (medium): In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20712 — CVSS 6.7 (medium): In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20715 — CVSS 6.7 (medium): In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20716 — CVSS 6.7 (medium): In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20732 — CVSS 6.7 (medium): In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2023-20733 — CVSS 6.7 (medium): In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution…
CVE-2023-20734 — CVSS 6.7 (medium): In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-20735 — CVSS 6.7 (medium): In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-20737 — CVSS 6.7 (medium): In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution…
CVE-2023-20738 — CVSS 6.7 (medium): In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-20740 — CVSS 6.7 (medium): In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution…
CVE-2023-20743 — CVSS 6.7 (medium): In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System…
CVE-2023-20744 — CVSS 6.7 (medium): In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution…
CVE-2023-20745 — CVSS 6.7 (medium): In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System…
CVE-2023-20746 — CVSS 6.7 (medium): In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System…
CVE-2023-20804 — CVSS 6.7 (medium): In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20805 — CVSS 6.7 (medium): In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20821 — CVSS 6.7 (medium): In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2023-20828 — CVSS 6.7 (medium): In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-20829 — CVSS 6.7 (medium): In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System…
CVE-2023-32806 — CVSS 6.7 (medium): In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege…
CVE-2023-32811 — CVSS 6.7 (medium): In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local…
CVE-2023-32812 — CVSS 6.7 (medium): In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges…
CVE-2023-32829 — CVSS 6.7 (medium): In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System…
CVE-2023-32855 — CVSS 6.7 (medium): In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege…
CVE-2024-20022 — CVSS 6.7 (medium): In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2024-20023 — CVSS 6.7 (medium): In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System…
CVE-2024-20081 — CVSS 6.7 (medium): In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege…
CVE-2024-20098 — CVSS 6.7 (medium): In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2024-20099 — CVSS 6.7 (medium): In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2024-20140 — CVSS 6.7 (medium): In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a…
CVE-2025-20730 — CVSS 6.7 (medium): In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of…
CVE-2025-20746 — CVSS 6.7 (medium): In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege…
CVE-2025-20747 — CVSS 6.7 (medium): In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege…
CVE-2024-20054 — CVSS 6.6 (medium): In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2025-20635 — CVSS 6.6 (medium): In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2024-20145 — CVSS 6.6 (medium): In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2024-20144 — CVSS 6.6 (medium): In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2024-20143 — CVSS 6.6 (medium): In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an…
CVE-2023-20842 — CVSS 6.5 (medium): In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of…
CVE-2023-20841 — CVSS 6.5 (medium): In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege…
CVE-2023-20840 — CVSS 6.5 (medium): In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of…
CVE-2024-20139 — CVSS 6.5 (medium): In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local…
CVE-2023-20800 — CVSS 6.5 (medium): In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System…
CVE-2025-20693 — CVSS 6.5 (medium): In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent)…
CVE-2023-20802 — CVSS 6.5 (medium): In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with…
CVE-2023-20850 — CVSS 6.5 (medium): In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of…
CVE-2023-20803 — CVSS 6.5 (medium): In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with…
CVE-2023-20849 — CVSS 6.5 (medium): In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege…
CVE-2023-20848 — CVSS 6.5 (medium): In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of…
CVE-2023-20835 — CVSS 6.4 (medium): In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System…
CVE-2023-20801 — CVSS 6.4 (medium): In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System…
CVE-2023-20736 — CVSS 6.4 (medium): In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System…
CVE-2024-20055 — CVSS 6.3 (medium): In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with…
CVE-2024-20107 — CVSS 6.2 (medium): In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no…
CVE-2023-32871 — CVSS 5.3 (medium): In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no…
CVE-2024-20147 — CVSS 5.3 (medium): In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service…
CVE-2025-20765 — CVSS 4.7 (medium): In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor…
CVE-2026-20435 — CVSS 4.6 (medium): In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure…
CVE-2023-20796 — CVSS 4.4 (medium): In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System…
CVE-2024-20049 — CVSS 4.4 (medium): In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with…
CVE-2023-20728 — CVSS 4.4 (medium): In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2023-20729 — CVSS 4.4 (medium): In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2023-20790 — CVSS 4.4 (medium): In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with…
CVE-2023-20747 — CVSS 4.4 (medium): In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution…
CVE-2023-32810 — CVSS 4.4 (medium): In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak…
CVE-2023-20727 — CVSS 4.4 (medium): In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2024-20084 — CVSS 4.4 (medium): In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2024-20085 — CVSS 4.4 (medium): In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2024-20050 — CVSS 4.4 (medium): In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with…
CVE-2024-20152 — CVSS 4.4 (medium): In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service…
CVE-2023-20731 — CVSS 4.4 (medium): In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2023-32807 — CVSS 4.4 (medium): In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure…
CVE-2023-32815 — CVSS 4.4 (medium): In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure…
CVE-2023-32813 — CVSS 4.4 (medium): In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure…
CVE-2023-20730 — CVSS 4.4 (medium): In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System…
CVE-2024-20052 — CVSS 4.4 (medium): In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with…
CVE-2023-20847 — CVSS 4.2 (medium): In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service…
CVE-2023-20843 — CVSS 4.2 (medium): In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information…
CVE-2023-20844 — CVSS 4.2 (medium): In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information…
CVE-2023-20845 — CVSS 4.2 (medium): In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure…
CVE-2023-20846 — CVSS 4.2 (medium): In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information…
CVE-2023-20839 — CVSS 4.2 (medium): In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure…
CVE-2025-20651 — CVSS 4.1 (medium): In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an…
CVE-2023-20838 — CVSS 4.0 (medium): In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System…
CVE-2023-20726 — CVSS 3.3 (low): In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with…
CVE-2024-20051 — CVSS 2.3 (low): In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution…