KB5001028: Windows 10 version 1909 OOB Security Update (Feb 2021)

The remote Windows host is missing a security update. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

CVE-2021-25340

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State...

Improper access control

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State...

CVE-2021-25347

Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed...

CVE-2021-25347

CVE-2021-25347 affects the Samsung Email application. A hijacking vulnerability in versions prior to the SMR Feb-2021 Release 1 could allow an attacker to intercept when the provider is executed. The available documents consistently describe interception as the impact, but do not provide detailed...

CVE-2021-25340

CVE-2021-25340 concerns Samsung Keyboard prior to SMR Feb‑2021 Release 1, with an improper access control flaw that enables physically proximate attackers to change arbitrary settings during the Initialization State. The issue affects Samsung Keyboard software and is exploitable without user inte...

CVE-2021-25340

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State...

CVE-2021-25334

Improper input check in wallpaper service in Samsung mobile devices prior to SMR Feb-2021 Release 1 allows untrusted application to cause permanent denial of service...

Design/Logic Flaw

Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider...

CVE-2021-25330

The CVE-2021-25330 entry concerns Samsung MobileWips (MobileWips app) on Samsung devices. Public descriptions indicate a flaw where calling a non-existent provider enables unauthorized actions, including a denial-of-service attack by hijacking the provider, and that this affects the version prior...

Security Updates for Microsoft Dynamics NAV (Feb 2021)

The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by a cross site scripting XSS vulnerability due to improper validation of user-supplied input. An authenticated attacker can exploit this, by entering specially crafted URLs in the Links and Notes feature,...

Microsoft Patch Tuesday for Feb. 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Bill Largent. Microsoft released its monthly security update Tuesday, disclosing 56 vulnerabilities across its suite of products. This is the smallest amount of vulnerabilities Microsoft has disclosed in a month since January 2020. There are only 11 critica...

PHP < 7.3.27, 7.4.x < 7.4.15, 8.0.x < 8.0.2 NULL Deference Vulnerability (Feb 2021) - Linux

PHP is prone to a NULL dereference vulnerability in the SoapClient. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...