CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

CVE-2021-26337

The CVE-2021-26337 issue is an AMD SMU (System Management Unit) DRAM address validation flaw. It can permit a DMA read from an invalid DRAM address into SRAM, causing the SMU to stop servicing further requests. Mitigations are provided by AMD/AGSIA: update to the specified AGESA PI software versi...

PT-2021-17014 · Amd · Athlon™ Series +87

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to insufficient DRAM address validation in the System Management Unit SMU, which may cause a DMA read from an invalid DRAM address to SRAM. This can result in t...

Input validation

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...

PT-2021-13713 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper validation of kernel buffer address while copying information back to user buffer, which can lead to kernel memory information exposure to user...

PT-2021-13714 · Qualcomm · Qualcomm Gpu Driver

Name of the Vulnerable Software and Affected Versions: Qualcomm npu driver affected versions not specified Description: The issue is related to improper validation of kernel buffer address while copying information back to user buffer, which can lead to kernel memory information exposure to user...

Qualcomm 芯片输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in multiple Qualco...

Qualcomm 芯片 输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in multiple Qualco...

CVE-2021-21993

The vCenter Server contains an SSRF Server Side Request Forgery vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosur...

[SECURITY] [DSA 4970-1] postorius security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4970-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 09, 2021 https://www.debian.org/security/faq -...

0xRACER 输入验证错误漏洞

0xRACER is a new team-based pool lottery game. 0xRACER is vulnerable to an input validation error stemming from a lack of target address validation in the destroycontract function of 0xRACER version 1.0, which could be exploited by an attacker to steal a token from a victim user via a carefully...

UBUNTU-CVE-2021-25737

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

CVE-2021-40491

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...

CVE-2021-40491

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...

DEBIAN-CVE-2021-40491

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...

Code injection

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...

UBUNTU-CVE-2021-40491

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...

CVE-2021-40491

CVE-2021-40491 affects GNU Inetutils before 2.2, where the FTP client does not validate addresses returned in PASV/LSPV responses against the server address, enabling potential address mismatch exploitation. The connected documents corroborate a related PASV-based risk in curl (CVE-2020-8284) and...

Security update for python39 (important)

openSUSE Security Update: Security update for python39 Announcement ID: openSUSE-SU-2021:2940-1 Rating: important References: 1183858 1185588 1185706 Cross-References: CVE-2021-29921 CVSS scores: CVE-2021-29921 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-29921 SUSE: 8.6...