Latest CVE Feed
-
6.2
MEDIUMCVE-2021-35079
Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware sd855_firmware sd865_5g_firmware sd870_firmware +112 more products- EPSS Score: %0.02
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35078
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snap... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +204 more products- EPSS Score: %0.39
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35077
Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6390_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +132 more products- EPSS Score: %0.10
- Published: Feb. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35076
Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd855_firmware sd865_5g_firmware +104 more products- EPSS Score: %0.25
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35075
Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +88 more products- EPSS Score: %0.09
- Published: Feb. 11, 2022
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-35074
Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +72 more products- EPSS Score: %0.09
- Published: Feb. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35073
Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6595au_firmware qca6696_firmware sd_8_gen1_5g_firmware sd855_firmware sd865_5g_firmware sd870_firmware +102 more products- EPSS Score: %0.24
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35072
Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables... Read more
Affected Products : qca6574au_firmware sw5100_firmware sw5100p_firmware wcd9341_firmware wcn3980_firmware wcn3988_firmware wcn3998_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +154 more products- EPSS Score: %0.15
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-35071
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware +332 more products- EPSS Score: %0.11
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-35070
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile... Read more
Affected Products : wcn3980_firmware wsa8810_firmware wsa8815_firmware wcd9370_firmware wcd9375_firmware wcn3950_firmware qcm6125_firmware qcs6125_firmware sd665_firmware qcm6125 +8 more products- EPSS Score: %0.09
- Published: Jun. 14, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-35069
Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Sn... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware +372 more products- EPSS Score: %0.12
- Published: Feb. 11, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-35068
Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware +190 more products- EPSS Score: %0.22
- Published: Feb. 11, 2022
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-35067
Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message).... Read more
- EPSS Score: %0.22
- Published: Oct. 07, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-35066
An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.... Read more
Affected Products : automate- EPSS Score: %0.43
- Published: Jun. 21, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg.... Read more
Affected Products : viaware- EPSS Score: %79.05
- Published: Jul. 12, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGH- EPSS Score: %0.90
- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2021-35062
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.... Read more
- EPSS Score: %0.31
- Published: Aug. 30, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-35061
Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021 allow remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields in all components.... Read more
Affected Products : testerfassung- EPSS Score: %0.22
- Published: Aug. 30, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-35060
/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.... Read more
Affected Products : way4- EPSS Score: %0.32
- Published: Oct. 11, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-35059
OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enroll action parameter.... Read more
Affected Products : way4- EPSS Score: %0.45
- Published: Oct. 11, 2021
- Modified: Nov. 21, 2024