Spoofing

There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

Design/Logic Flaw

There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

Design/Logic Flaw

There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

CVE-2021-37033

There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

CVE-2021-37033

Technical details (affected products, versions, impact specifics) are not publicly available in the provided documents. Monitor for updates from primary vendors and security advisories.

CVE-2021-37030

There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

CVE-2021-37029

There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

CVE-2021-37029

Technical details for CVE-2021-37029 are not publicly available in the provided documents; monitor for updates from vendors and security advisories.

jetty: Resource exhaustion when receiving an invalid large TLS frame

When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large greater than 17408 TLS frame that is incorrectly handled, causing high CPU resources utilization. The highest threat from this vulnerability is to service availability...

Huawei HarmonyOS 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. an authentication vulnerability exists in Huawei Emui and Magic UI. An attacker could exploit this vulnerability to affect service availability...

Huawei Emui 注入漏洞

Huawei Emui is a mobile operating system developed on Android.Magic Ui is a mobile operating system developed on Android.An injection attack vulnerability exists in Huawei Emui and Magic UI. An attacker can exploit this vulnerability to affect service availability...

Oracle Linux 8 : libwebp (ELSA-2021-4231)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4231 advisory. 1.0.0-5 - Added fixes for rhbz1956853, rhbz1956856, rhbz1956868, rhbz1956917 Tenable has extracted the preceding description block directly from the...

libwebp: excessive memory allocation when reading a file

A flaw was found in libwebp. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability...

libwebp: out-of-bounds read in WebPMuxCreateInternal

A flaw was found in libwebp. An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability...

libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c

A flaw was found in libwebp. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability...

libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c

A flaw was found in libwebp. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability...

lasso: XML signature wrapping vulnerability when parsing SAML responses

An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from this vulnerability...

python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code

A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...

python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code

A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...

Huawei Emui and Magic UI Logic Bypass Vulnerability

Huawei Emui is a mobile operating system developed based on Android.Magic Ui is a mobile operating system developed based on Android. Huawei Emui and Magic UI have security vulnerabilities that can be exploited by attackers to compromise service integrity and availability...