Latest CVE Feed
-
7.5
HIGHCVE-2021-46813
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.... Read more
- Published: Jun. 13, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-46812
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.... Read more
- Published: Jun. 13, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-46811
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.... Read more
- Published: Jun. 13, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-46790
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.... Read more
- Published: May. 02, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-46789
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.... Read more
- Published: May. 13, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-46788
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.... Read more
- Published: May. 13, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-46787
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.... Read more
- Published: May. 13, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-46786
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.... Read more
- Published: May. 13, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-46785
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.... Read more
- Published: May. 13, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-46784
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.... Read more
- Published: Jul. 17, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-46782
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting... Read more
Affected Products : price_table- Published: Apr. 25, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-46781
The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting... Read more
Affected Products : coming_soon- Published: Apr. 25, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-46780
The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting... Read more
Affected Products : easy_google_maps- Published: Apr. 25, 2022
- Modified: Nov. 21, 2024
-
5.6
MEDIUMCVE-2021-46778
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an at... Read more
Affected Products : epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware +349 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-46774
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.... Read more
Affected Products : epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware +264 more products- Published: Nov. 14, 2023
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-46771
Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.... Read more
Affected Products : epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware epyc_7443p_firmware epyc_7453_firmware +36 more products- Published: May. 10, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-46766
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.... Read more
Affected Products : ryzen_threadripper_pro_3945wx_firmware ryzen_threadripper_pro_3955wx_firmware ryzen_threadripper_pro_3975wx_firmware ryzen_threadripper_pro_3995wx_firmware epyc_9124_firmware epyc_9174f_firmware epyc_9184x_firmware epyc_9224_firmware epyc_9254_firmware epyc_9274f_firmware +46 more products- Published: Nov. 14, 2023
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-46762
Insufficient input validation in the SMU may allow an attacker to corrupt SMU SRAM potentially leading to a loss of integrity or denial of service.... Read more
Affected Products : epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware +86 more products- Published: May. 09, 2023
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity. ... Read more
- Published: Nov. 14, 2023
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-46754
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss ... Read more
- Published: May. 09, 2023
- Modified: Nov. 21, 2024