854 matches found
CVE-2021-1962
Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired...
CVE-2021-1962
CVE-2021-1962 describes a buffer overflow in the Qualcomm Snapdragon PCI/IOCTL path for retrieving peripheral endpoint information, caused by insufficient validation of the input maximum endpoint pair and its size. The vulnerability affects Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Ind...
Qualcomm 芯片安全漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from a security vulnerability that stems from not...
How to troubleshoot hardware problems that look like malware problems
Sometimes it’s hard to figure out what exactly is going wrong with your computer. What do you do if you’ve run all the scans, checked all the files, and everything says the PC is malware free? Here’s a list of common problems that resemble cybersecurity issues, but could be caused by something...
PT-2021-9138 · Zephyr · Zephyr
Name of the Vulnerable Software and Affected Versions: Zephyr versions = v1.14.2, = v2.2.0 Description: The issue concerns Missing Size Checks in Bluetooth HCI over SPI, which involves Improper Handling of Length Parameter Inconsistency. Recommendations: For Zephyr versions = v1.14.2, = v2.2.0, a...
Code injection
NXP LPC55S6x microcontrollers 0A and 1B, i.MX RT500 silicon rev B1 and B2, i.MX RT600 silicon rev A0, B0, LPC55S6x, LPC55S2x, LPC552x silicon rev 0A, 1B, LPC55S1x, LPC551x silicon rev 0A and LPC55S0x, LPC550x silicon rev 0A include an undocumented ROM patch peripheral that allows unsigned,...
Hundreds of Millions of Dell Users at Risk from Kernel-Privilege Bugs
Five high-severity security flaws in Dell’s firmware update driver are impacting potentially hundreds of millions of Dell desktops, laptops, notebooks and tablets, researchers said. The bugs have gone undisclosed for 12 years, and could allow the ability to bypass security products, execute code...
CVE-2021-21545
Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user...
CVE-2021-21545
Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user...
Privilege escalation
Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user...
CVE-2021-21545
Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user...
CVE-2021-21545
CVE-2021-21545 affects Dell Peripheral Manager 1.3.1 or greater. Local privilege escalation could lead to arbitrary code execution with SYSTEM privileges. Dell provides remediation via a security update (DSA-2021-079) for Dell Peripheral Manager; no exploit details are disclosed in the provided d...
Dell Peripheral Manager 代码问题漏洞
Dell Peripheral Manager is an application from Dell USA. It provides on-screen instructions on how to pair other devices with your computer via Bluetooth. An elevation of privilege vulnerability exists in Dell Peripheral Manager versions prior to 1.3.1, which can be exploited by an attacker to ga...
Dell Peripheral Manager Elevation of Privilege Vulnerability
Dell Peripheral Manager is an application from Dell USA. It provides on-screen instructions on how to pair other devices with your computer via Bluetooth. An elevation of privilege vulnerability exists in Dell Peripheral Manager versions prior to 1.3.1, which can be exploited by an attacker to ga...
AZL-6543 CVE-2021-28972 affecting package kernel for versions less than 5.10.78.1-1
In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because...
The vulnerability of the VFIO PCI kernel driver for Linux operating systems, related to insufficient handling of exceptional conditions, allows a hacker to trigger a service failure.
The vulnerability of the VFIO PCI kernel driver in the Linux operating system is related to insufficient handling of exceptional conditions. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability Spotlight: Multiple vulnerabilities in NZXT computer monitoring software
Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. NZXT’s CAM computer monitoring software contains multiple vulnerabilities an attacker could use to carry out a range of malicious actions. CAM provides users information on their machines, such as fan speeds, temperature...
DEBIAN-CVE-2020-29567
An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checke...
CVE-2020-3703
u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central deviceThis CVE is equivalent to Link Layer Length Overfow issue CVE-2019-16336,CVE-2019-17519 and Silent Length Overflow issueCVE-2019-17518 mentioned in...
Design/Logic Flaw
u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central deviceThis CVE is equivalent to Link Layer Length Overfow issue CVE-2019-16336,CVE-2019-17519 and Silent Length Overflow issueCVE-2019-17518 mentioned in...