| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-30627 | Hig | 0.57 | 8.8 | 0.01 | Oct 8, 2021 | Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-30626 | Hig | 0.57 | 8.8 | 0.01 | Oct 8, 2021 | Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-30625 | Hig | 0.58 | 8.8 | 0.10 | Oct 8, 2021 | Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-41975 | Hig | 0.49 | 7.5 | 0.01 | Oct 8, 2021 | TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in. | ||
| CVE-2021-41920 | Hig | 0.49 | 7.5 | 0.02 | Oct 8, 2021 | webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters. This allows an attacker to access all the data in the… | ||
| CVE-2021-41919 | Hig | 0.57 | 8.8 | 0.02 | Oct 8, 2021 | webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. This is working by adding or replacing a personal profile picture. The affected endpoint is /includes/upload.php on the HTTP POST data. This… | ||
| CVE-2021-41916 | Hig | 0.57 | 8.8 | 0.01 | Oct 8, 2021 | A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. without the victim's knowledge, by enticing an authenticated admin user to visit an… | ||
| CVE-2021-35979 | Hig | 0.53 | 8.1 | 0.01 | Oct 8, 2021 | An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication. | ||
| CVE-2021-41133 | Hig | 0.00 | 8.8 | 0.00 | Oct 8, 2021 | Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other… | ||
| CVE-2021-41947 | Hig | 0.47 | 7.2 | 0.01 | Oct 8, 2021 | A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode. | ||
| CVE-2021-42095 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2021 | Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar. | ||
| CVE-2021-42089 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2021 | An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information. | ||
| CVE-2021-42086 | Hig | 0.57 | 8.8 | 0.01 | Oct 7, 2021 | An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request. | ||
| CVE-2021-42093 | Hig | 0.47 | 7.2 | 0.01 | Oct 7, 2021 | An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers. | ||
| CVE-2021-20584 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2021 | IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397. | ||
| CVE-2021-20489 | Hig | 0.57 | 8.8 | 0.00 | Oct 7, 2021 | IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 197790. | ||
| CVE-2021-40726 | Hig | 0.51 | 7.8 | 0.05 | Oct 7, 2021 | Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user.… | ||
| CVE-2021-40725 | Hig | 0.51 | 7.8 | 0.05 | Oct 7, 2021 | Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current… | ||
| CVE-2021-28129 | Hig | 0.51 | 7.8 | 0.01 | Oct 7, 2021 | While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group… | ||
| CVE-2021-41794 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2021 | ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a… | ||
| CVE-2021-35067 | Hig | 0.53 | 8.1 | 0.01 | Oct 7, 2021 | Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message). | ||
| CVE-2021-33903 | Hig | 0.57 | 8.8 | 0.01 | Oct 7, 2021 | In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of… | ||
| CVE-2021-40978 | — | Hig | 0.43 | 7.5 | 0.15 | Oct 7, 2021 | The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and… | |
| CVE-2021-41770 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2021 | Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure. | ||
| CVE-2021-42054 | Hig | 0.49 | 7.5 | 0.01 | Oct 7, 2021 | ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication. | ||
| CVE-2021-26557 | Hig | 0.51 | 7.8 | 0.00 | Oct 7, 2021 | When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access. | ||
| CVE-2021-26556 | Hig | 0.51 | 7.8 | 0.00 | Oct 7, 2021 | When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access. | ||
| CVE-2020-21654 | Hig | 0.47 | 7.2 | 0.01 | Oct 6, 2021 | emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file. | ||
| CVE-2020-21650 | Hig | 0.57 | 8.8 | 0.03 | Oct 6, 2021 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method. | ||
| CVE-2020-21649 | Hig | 0.53 | 8.1 | 0.01 | Oct 6, 2021 | Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method. | ||
| CVE-2021-42040 | Hig | 0.49 | 7.5 | 0.01 | Oct 6, 2021 | An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop (and php-fpm hang) within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion. | ||
| CVE-2021-41129 | Hig | 0.46 | 8.1 | 0.02 | Oct 6, 2021 | Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not associated with the login attempt. In… | ||
| CVE-2021-34788 | Hig | 0.46 | 7.0 | 0.00 | Oct 6, 2021 | A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is… | ||
| CVE-2021-34748 | Hig | 0.57 | 8.8 | 0.03 | Oct 6, 2021 | A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device. This vulnerability is due to insufficient input validation. An attacker could… | ||
| CVE-2021-34735 | Hig | 0.57 | 8.8 | 0.02 | Oct 6, 2021 | Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about… | ||
| CVE-2021-34710 | Hig | 0.57 | 8.8 | 0.03 | Oct 6, 2021 | Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about… | ||
| CVE-2021-34698 | Hig | 0.56 | 8.6 | 0.01 | Oct 6, 2021 | A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory… | ||
| CVE-2021-1594 | Hig | 0.49 | 7.5 | 0.01 | Oct 6, 2021 | A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability is due to insufficient input validation for specific API endpoints. An… | ||
| CVE-2021-41126 | Hig | 0.47 | 7.2 | 0.01 | Oct 6, 2021 | October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in… | ||
| CVE-2021-41121 | Hig | 0.00 | 7.5 | 0.01 | Oct 6, 2021 | Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in… | ||
| CVE-2021-25499 | Hig | 0.46 | 7.1 | 0.00 | Oct 6, 2021 | Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store. | ||
| CVE-2021-25498 | Hig | 0.47 | 7.3 | 0.00 | Oct 6, 2021 | A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||
| CVE-2021-25497 | Hig | 0.47 | 7.3 | 0.00 | Oct 6, 2021 | A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||
| CVE-2021-25496 | Hig | 0.47 | 7.3 | 0.00 | Oct 6, 2021 | A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||
| CVE-2021-25495 | Hig | 0.47 | 7.3 | 0.00 | Oct 6, 2021 | A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | ||
| CVE-2021-25492 | Hig | 0.47 | 7.3 | 0.00 | Oct 6, 2021 | Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. | ||
| CVE-2021-25487 | Hig | 0.59 | 7.3 | 0.01 | KEV | Oct 6, 2021 | Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. | |
| CVE-2021-25485 | Hig | 0.49 | 7.5 | 0.00 | Oct 6, 2021 | Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | ||
| CVE-2021-25479 | Hig | 0.47 | 7.2 | 0.01 | Oct 6, 2021 | A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | ||
| CVE-2021-25478 | Hig | 0.47 | 7.2 | 0.01 | Oct 6, 2021 | A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. |
- risk 0.57cvss 8.8epss 0.01
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.58cvss 8.8epss 0.10
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
- risk 0.49cvss 7.5epss 0.01
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in.
- risk 0.49cvss 7.5epss 0.02
webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters. This allows an attacker to access all the data in the…
- risk 0.57cvss 8.8epss 0.02
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. This is working by adding or replacing a personal profile picture. The affected endpoint is /includes/upload.php on the HTTP POST data. This…
- risk 0.57cvss 8.8epss 0.01
A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. without the victim's knowledge, by enticing an authenticated admin user to visit an…
- risk 0.53cvss 8.1epss 0.01
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.
- risk 0.00cvss 8.8epss 0.00
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other…
- risk 0.47cvss 7.2epss 0.01
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
- risk 0.49cvss 7.5epss 0.01
Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request.
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers.
- risk 0.49cvss 7.5epss 0.01
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.
- risk 0.57cvss 8.8epss 0.00
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 197790.
- risk 0.51cvss 7.8epss 0.05
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user.…
- risk 0.51cvss 7.8epss 0.05
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current…
- risk 0.51cvss 7.8epss 0.01
While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group…
- risk 0.49cvss 7.5epss 0.01
ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a…
- risk 0.53cvss 8.1epss 0.01
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message).
- risk 0.57cvss 8.8epss 0.01
In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of…
- risk 0.43cvss 7.5epss 0.15
The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and…
- risk 0.49cvss 7.5epss 0.01
Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure.
- risk 0.49cvss 7.5epss 0.01
ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication.
- risk 0.51cvss 7.8epss 0.00
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
- risk 0.51cvss 7.8epss 0.00
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
- risk 0.47cvss 7.2epss 0.01
emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file.
- risk 0.57cvss 8.8epss 0.03
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.
- risk 0.53cvss 8.1epss 0.01
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop (and php-fpm hang) within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion.
- risk 0.46cvss 8.1epss 0.02
Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not associated with the login attempt. In…
- risk 0.46cvss 7.0epss 0.00
A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is…
- risk 0.57cvss 8.8epss 0.03
A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device. This vulnerability is due to insufficient input validation. An attacker could…
- risk 0.57cvss 8.8epss 0.02
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about…
- risk 0.57cvss 8.8epss 0.03
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about…
- risk 0.56cvss 8.6epss 0.01
A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory…
- risk 0.49cvss 7.5epss 0.01
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability is due to insufficient input validation for specific API endpoints. An…
- risk 0.47cvss 7.2epss 0.01
October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in…
- risk 0.00cvss 7.5epss 0.01
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in…
- risk 0.46cvss 7.1epss 0.00
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.
- risk 0.47cvss 7.3epss 0.00
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
- risk 0.47cvss 7.3epss 0.00
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
- risk 0.47cvss 7.3epss 0.00
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
- risk 0.47cvss 7.3epss 0.00
A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
- risk 0.47cvss 7.3epss 0.00
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.
- risk 0.59cvss 7.3epss 0.01
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.
- risk 0.49cvss 7.5epss 0.00
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket.
- risk 0.47cvss 7.2epss 0.01
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
- risk 0.47cvss 7.2epss 0.01
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.