3851 matches found
CVE-2021-1937
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
CVE-2021-1937
Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
CVE-2020-11235
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobil...
CVE-2020-11238
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2020-11235
CVE-2020-11235 describes a buffer overflow that can occur while parsing a unified command due to insufficient input validation in Qualcomm Snapdragon components (Auto, Compute, Connectivity, etc.). The issue is triggered locally and can impact confidentiality, integrity, and availability, as indi...
CVE-2020-11235
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobil...
CVE-2020-11134
CVE-2020-11134 affects Qualcomm Snapdragon family (Snapdragon Auto/Compute/Connectivity, etc.). The root cause is insufficient validation of time bitmap length and bit duration fields in NAN management frame attributes, leading to a possible stack out-of-bounds write within NAN ranging setup. The...
CVE-2020-11159
CVE-2020-11159 is a buffer over-read in Snapdragon/Qualcomm code while processing WPA/RSN IE in beacon and response frames. The flaw occurs when the IE length is shorter than the frame pointer being accessed, potentially affecting multiple Snapdragon product families (Auto, Compute, Connectivity,...
Johnson Controls Sensormatic Electronics VideoEdge
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: VideoEdge Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local authenticated user may be able to exploit this...
There is an information leakage vulnerability in the IoT smart water meter supervisory platform of Shandong KDE Electronics Co.
Ltd. is a national high-tech enterprise integrating product development, production, sales and teaching practice. There is an information leakage vulnerability in the Internet of Things IoT Smart Water Meter Supervision Platform of Shandong KDE Electronics Co. Attackers can use the vulnerability ...
There are logic flaws and vulnerabilities in the IoT smart water meter supervisory platform of Shandong KD Electronics Co.
Ltd. is a national high-tech enterprise and national high-tech zone gazelle enterprise integrating product development, production, sales and teaching practice. There is a logic flaw vulnerability in the Internet of Things IoT Smart Water Meter Supervision Platform of Shandong KDE Electronics Co...
Binary Vulnerability in Koyo Electronics GT Programming Tools
Koyo Electronics Wuxi Co., Ltd. is a wholly owned enterprise invested by Koyo Electronics Industries, Ltd. in China. Authorized by Japan Koyo Electronics Industry Co., Ltd. to use the "Koyo" trademark in China's domestic market, is the development, production and sales of programmable logic...
Johnson Controls Sensormatic Tyco AI
1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Tyco AI Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local attacker could use this vulnerability to obtain super-user access to the underlying...
Unauthorized Access Vulnerability in IP Webcast Service Platform of Guangzhou Paulan Electronics Co.
Ltd. is a brand that specializes in the research, development and production of sound, light and video system integration equipment. There is an unauthorized access vulnerability in the IP webcasting service platform of Guangzhou Paulun Electronic Co., Ltd, which can be exploited by attackers to...
CVE-2021-22672
Delta Electronics' CNCSoft ScreenEditor in versions prior to v1.01.30 could allow the corruption of data, a denial-of-service condition, or code execution. The vulnerability may allow an attacker to remotely execute arbitrary code...
CVE-2021-22672
Delta Electronics' CNCSoft ScreenEditor in versions prior to v1.01.30 could allow the corruption of data, a denial-of-service condition, or code execution. The vulnerability may allow an attacker to remotely execute arbitrary code...
CVE-2021-22672
CVE-2021-22672 affects Delta Electronics CNCSoft ScreenEditor prior to v1.01.30. The root cause is an out-of-bounds write in DPB/file parsing that could corrupt data, cause a denial of service, or allow remote code execution. Impact is described as data corruption, DoS, and remote code execution ...
CVE-2021-22672
Delta Electronics' CNCSoft ScreenEditor in versions prior to v1.01.30 could allow the corruption of data, a denial-of-service condition, or code execution. The vulnerability may allow an attacker to remotely execute arbitrary code...
Totolink X5000R Operating System Command Injection Vulnerability
Totolink X5000R is a router from China's Gion Electronics Totolink. The TOTOLINK X5000R router suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary operating system commands by sending a modified HTTP request...
CVE-2021-1925
Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...