CVE-2021-35346

tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::shorttermrefpicsetint in hevc.cpp...

Hitachi Energy Relion 输入验证错误漏洞

Hitachi Energy Relion is a power system for protection, control, measurement and monitoring from Hitachi Energy, Switzerland. A security vulnerability exists in the Hitachi Energy RTU500 series that stems from incorrect input validation in the APDU parser in the IEC 60870-5-104 function...

PT-2021-20956 · Hitachi Energy · Rtu500 Series Cmu Firmware

Name of the Vulnerable Software and Affected Versions: Hitachi Energy RTU500 series CMU Firmware version 12.0. Hitachi Energy RTU500 series CMU Firmware version 12.2. Hitachi Energy RTU500 series CMU Firmware version 12.4. Description: The issue is related to an Improper Input Validation...

Common Cloud Misconfigurations Exploited in Minutes, Report

Poorly configured cloud services can be exploit by threat actors in minutes and sometimes in under 30 seconds. Attacks include network intrusion, data theft and ransomware infections, researchers have found. Researchers at Palo Alto Networks’ Unit 42 used a honeypot infrastructure of 320 nodes...

ALPINE-CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

Nvidia Gpu 安全漏洞

Nvidia Gpu is a graphics processing unit from the American company Nvidia. It is used in machine learning, video editing, and gaming applications. A security vulnerability exists in Nvidia Gpu and Tegra hardware, which stems from allowing users with elevated privileges to access protected...

Nvidia GPU 安全漏洞

Nvidia Gpu is a graphics processing unit from the American company Nvidia. It is used in machine learning, video editing and gaming applications. A security vulnerability exists in Nvidia GPU and Tegra hardware that stems from allowing users with elevated privileges to access information in...

Xen 权限许可和访问控制问题漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen suffers from a permissions licensing and...

CVE-2021-43997

FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve...

CVE-2021-26331

AMD System Management Unit SMU contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution...

CVE-2021-26336

Insufficient bounds checking in System Management Unit SMU may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components...

CVE-2021-26330

AMD System Management Unit SMU may experience a heap-based overflow which may result in a loss of resources...

CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

CVE-2021-26336

Insufficient bounds checking in System Management Unit SMU may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components...

CVE-2021-26331

AMD System Management Unit SMU contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution...

CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

Heap overflow

AMD System Management Unit SMU may experience a heap-based overflow which may result in a loss of resources...

Out-of-bounds

Insufficient bounds checking in System Management Unit SMU may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components...

Authorization

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...