Latest CVE Feed
-
4.3
MEDIUMCVE-2021-35202
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService.... Read more
Affected Products : ngeniusone- EPSS Score: %0.21
- Published: Sep. 30, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-35201
NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.... Read more
Affected Products : ngeniusone- EPSS Score: %0.35
- Published: Sep. 30, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-35200
NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService.... Read more
Affected Products : ngeniusone- EPSS Score: %0.52
- Published: Sep. 30, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-35199
NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile.... Read more
Affected Products : ngeniusone- EPSS Score: %0.50
- Published: Sep. 30, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-35198
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module.... Read more
Affected Products : ngeniusone- EPSS Score: %0.50
- Published: Sep. 30, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-35197
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to still "purge" pages through the MediaWiki Action API (whi... Read more
- EPSS Score: %1.00
- Published: Jul. 02, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35196
Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure deserialization via the pickle.load() function in settings.py. NOTE: the vendor's position is that ... Read more
Affected Products : manuskript- EPSS Score: %0.75
- Published: Jun. 21, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-35193
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). This provides remote access to SQL database credentials. (In th... Read more
- EPSS Score: %0.16
- Published: Jul. 30, 2021
- Modified: Nov. 21, 2024
-
6.2
MEDIUMCVE-2021-35135
A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +326 more products- EPSS Score: %0.05
- Published: Sep. 02, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35134
Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6391_firmware sd_8_gen1_5g_firmware sd888_5g_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn6850_firmware wcn6851_firmware wcn6855_firmware wcn6856_firmware +49 more products- EPSS Score: %0.07
- Published: Sep. 02, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-35133
Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6391_firmware sd_8_gen1_5g_firmware sd888_5g_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wcn6850_firmware wcn6851_firmware wcn6855_firmware +61 more products- EPSS Score: %0.04
- Published: Sep. 02, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35132
Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +210 more products- EPSS Score: %0.08
- Published: Sep. 02, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35130
Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +104 more products- EPSS Score: %0.04
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35129
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrago... Read more
Affected Products : qca6391_firmware sd_8_gen1_5g_firmware sd888_5g_firmware wcd9380_firmware wcd9385_firmware wcn6850_firmware wcn6851_firmware wcn6855_firmware wcn6856_firmware wsa8830_firmware +80 more products- EPSS Score: %0.11
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35126
Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6696_firmware sa8295p_firmware sd_8_gen1_5g_firmware sd888_5g_firmware wcd9380_firmware wcd9385_firmware wcn6850_firmware wcn6851_firmware +42 more products- EPSS Score: %0.11
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-35123
Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware sd_8_gen1_5g_firmware sd855_firmware sd865_5g_firmware sd870_firmware sd888_5g_firmware sdx55m_firmware wcd9380_firmware +54 more products- EPSS Score: %0.15
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
9.3
CRITICALCVE-2021-35122
Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearabl... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +192 more products- EPSS Score: %0.05
- Published: Sep. 02, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-35121
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware sd865_5g_firmware sd870_firmware sdx55m_firmware sdxr2_5g_firmware wcd9380_firmware wcd9385_firmware +78 more products- EPSS Score: %0.04
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-35120
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware sa6155p_firmware +189 more products- EPSS Score: %0.10
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-35119
Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +155 more products- EPSS Score: %0.04
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024