Qualcomm多款产品 芯片资源管理错误漏洞

Qualcomm APQ8009 and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The Qualcomm APQ8009 is a central processing unit CPU product.The Qualcomm APQ8096AU is a central processing unit.The Qualcomm APQ8009W is a central processing unit. A resource management error vulnerability exists...

Qualcomm 芯片输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in...

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuitry including primarily semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcomm...

SUSE-SU-2021:14848-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-0089: Fixed Speculative Code Store Bypass XSA-375 bsc1186433. - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 bsc1182654. - CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after S3 XSA-377...

CVE-2021-0120

Improper initialization in the installer for some IntelR Graphics DCH Drivers for Windows 10 before version 27.20.100.9316 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2021-0053

Improper initialization in firmware for some IntelR PROSet/Wireless WiFi and KillerTM WiFi in Windows 10 may allow an authenticated user to potentially enable information disclosure via adjacent access...

Input validation

Improper initialization in firmware for some IntelR PROSet/Wireless WiFi and KillerTM WiFi in Windows 10 may allow an authenticated user to potentially enable information disclosure via adjacent access...

Input validation

Improper initialization in the installer for some IntelR Graphics DCH Drivers for Windows 10 before version 27.20.100.9316 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2021-0053

Improper initialization in firmware for some IntelR PROSet/Wireless WiFi and KillerTM WiFi in Windows 10 may allow an authenticated user to potentially enable information disclosure via adjacent access...

CVE-2021-26326

Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...

PT-2021-17004 · Amd · 1St Gen Amd Epyc™ +49

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns a potential "two time pad attack" due to the persistent platform private key not being protected with a random IV. This could lead to security risks, but specific...

The vulnerability of the Protection Against Distributed Denial of Service attacks function in Cisco IOS XE allows a attacker to cause a service failure.

The vulnerability of the Protection Against Distributed Denial of Service attacks in Cisco IOS XE operating systems is related to initialization errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Link Layer Discovery Protocol (LLDP) implementation in Cisco IOS and Cisco IOS XE operating systems allows a attacker to cause a service failure.

The vulnerability of the Link Layer Discovery Protocol LLDP implementation in Cisco IOS and Cisco IOS XE operating systems is related to initialization errors. Exploiting this vulnerability allows a malicious actor to cause service failures through the command line interface or by sending special...

UVI-2021-1002204 ice: check whether PTP is initialized in ice_ptp_release()

ice: check whether PTP is initialized in iceptprelease This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

GSD-2021-1002204 ice: check whether PTP is initialized in ice_ptp_release()

ice: check whether PTP is initialized in iceptprelease This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

UVI-2021-1002135 ice: check whether PTP is initialized in ice_ptp_release()

ice: check whether PTP is initialized in iceptprelease This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.16 by commit...

Design/Logic Flaw

OpenZeppelin Contracts is a library for smart contract development. In affected versions upgradeable contracts using UUPSUpgradeable may be vulnerable to an attack affecting uninitialized implementation contracts. A fix is included in version 4.3.2 of @openzeppelin/contracts and...

CVE-2021-30266

CVE-2021-30266 describes a use-after-free due to improper memory validation when initializing a new interface via the Interface add command in Qualcomm Snapdragon devices (multiple product families). Affected component is memory handling during interface initialization; impact is rated high for c...

Mozilla Firefox Security Advisory (MFSA2013-96) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2015-45) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...