CVE-2021-41030

CVE-2021-41030 describes an authentication bypass by capture‑replay in Fortinet FortiClient EMS (versions 7.0.1 and earlier, 6.4.4 and earlier) that could allow an unauthenticated attacker to impersonate an existing user by intercepting and reusing valid SAML authentication messages. The Red Hat ...

CVE-2021-25522

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission...

CVE-2021-25522

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission...

Information disclosure

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission...

CVE-2021-25522

CVE-2021-25522 affects Samsung Smart Capture before version 4.8.02.10. The root cause is insecure storage of captured images, allowing an attacker with local access to retrieve victims’ captured images without permission. No exploitation details are provided in the documents. Mitigation: update t...

CVE-2021-25522

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission...

Samsung Smart Capture 安全漏洞

Samsung Smart Capture is an APK from Samsung that allows you to select parts of a video during playback and save them as animated GIFs. A security vulnerability exists in Samsung Smart Capture before 4.8.02.10, which stems from the software not storing sensitive information securely and allows an...

FortiClient EMS - SAML SSO replay attack

An authentication bypass by capture-replay vulnerability CWE-294 in FortiClient EMS may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages...

openSUSE 15 Security Update : wireshark (openSUSE-SU-2021:3938-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3938-1 advisory. - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted captu...

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and are from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm Chipsets that stems fro...

KLA12373 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, inject malicious code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...

[SECURITY] Fedora 34 Update: wireshark-3.6.0-1.fc34

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

CVE-2021-39921

A NULL pointer exception flaw was found in Wireshark. A process failure on crafted or malformed input in the Modbus dissector can cause a denial of service via a packet injection or crafted capture file...

CVE-2021-39923

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

CVE-2021-39929

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

CVE-2021-39921

NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

CVE-2021-39922

Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

CVE-2021-39924

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

AZL-7412 CVE-2021-39924 affecting package wireshark for versions less than 3.4.14-1

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

DEBIAN-CVE-2021-39926

Buffer overflow in the Bluetooth HCIISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file...