46 matches found
CVE-2021-25452
An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device...
FlatPress <= 1.2.1 XSS Vulnerability (Sep 2021)
FlatPress is prone to a cross-site scripting XSS vulnerability in the blog content. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security Updates for Microsoft Office Products (September 2021)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2021-38650 - A remote code execution vulnerabilit...
CVE-2021-25461
An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow...
CVE-2021-25462
NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption...
CVE-2021-25456
OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file...
CVE-2021-25458
NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption...
CVE-2021-25453
Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information...
CVE-2021-25459
An improper access control vulnerability in sspInit in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService...
CVE-2021-25455
OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file...
CVE-2021-25457
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information...
CVE-2021-25450
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket...
CVE-2021-25449
An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process...
Input validation
An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process...
Improper access control
An improper access control vulnerability in sspInit in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService...
Code injection
OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file...
Input validation
An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device...
Null pointer dereference
NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption...
Null pointer dereference
NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption...
Path traversal
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket...