‼ CVE-2021-1930 ‼
📖 Read
via "National Vulnerability Database".
Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1923 ‼
📖 Read
via "National Vulnerability Database".
Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT📖 Read
via "National Vulnerability Database".
‼ CVE-2020-11301 ‼
📖 Read
via "National Vulnerability Database".
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1914 ‼
📖 Read
via "National Vulnerability Database".
Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1904 ‼
📖 Read
via "National Vulnerability Database".
Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1972 ‼
📖 Read
via "National Vulnerability Database".
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1929 ‼
📖 Read
via "National Vulnerability Database".
Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1916 ‼
📖 Read
via "National Vulnerability Database".
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1920 ‼
📖 Read
via "National Vulnerability Database".
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36695 ‼
📖 Read
via "National Vulnerability Database".
Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in the download file feature on a manager profile due to lack of input validation.📖 Read
via "National Vulnerability Database".
🦿 REvil ransomware gang may be back in town 🦿
📖 Read
via "Tech Republic".
Sites used by the infamous cybercrime group have mysteriously come back to life. Does that mean it's back in business after a brief respite?📖 Read
via "Tech Republic".
TechRepublic
REvil ransomware gang may be back in town
Sites used by the infamous cybercrime group have mysteriously come back to life. Does that mean it's back in business after a brief respite?
‼ CVE-2021-1808 ‼
📖 Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1784 ‼
📖 Read
via "National Vulnerability Database".
A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to modify protected parts of the file system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1812 ‼
📖 Read
via "National Vulnerability Database".
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to execute arbitrary code with system privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30698 ‼
📖 Read
via "National Vulnerability Database".
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30719 ‼
📖 Read
via "National Vulnerability Database".
A local user may be able to cause unexpected system termination or read kernel memory. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. An out-of-bounds read issue was addressed by removing the vulnerable code.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30673 ‼
📖 Read
via "National Vulnerability Database".
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to access a user's call history.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30707 ‼
📖 Read
via "National Vulnerability Database".
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted audio file may lead to arbitrary code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1816 ‼
📖 Read
via "National Vulnerability Database".
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to execute arbitrary code with kernel privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1809 ‼
📖 Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1883 ‼
📖 Read
via "National Vulnerability Database".
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption.📖 Read
via "National Vulnerability Database".