Latest CVE Feed
-
8.4
HIGHCVE-2021-30260
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electr... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +506 more products- EPSS Score: %0.05
- Published: Sep. 17, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-30259
Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +306 more products- EPSS Score: %0.05
- Published: Nov. 12, 2021
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-30258
Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware sd855_firmware sd865_5g_firmware +184 more products- EPSS Score: %0.04
- Published: Oct. 20, 2021
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-30257
Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware sd855_firmware sd865_5g_firmware sd870_firmware +144 more products- EPSS Score: %0.09
- Published: Oct. 20, 2021
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-30256
Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware sd855_firmware sd865_5g_firmware sd870_firmware +144 more products- EPSS Score: %0.04
- Published: Oct. 20, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-30255
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +366 more products- EPSS Score: %0.04
- Published: Nov. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-30254
Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, ... Read more
Affected Products : aqt1000_firmware qca6390_firmware qca6391_firmware qca6420_firmware qca6430_firmware qca6574au_firmware qca6595au_firmware sd855_firmware sd865_5g_firmware sd870_firmware +316 more products- EPSS Score: %0.04
- Published: Nov. 12, 2021
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-30246
In the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid. NOTE: there is no known practical attack.... Read more
Affected Products : jsrsasign- EPSS Score: %0.20
- Published: Apr. 07, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-30245
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted c... Read more
Affected Products : openoffice- EPSS Score: %0.99
- Published: Apr. 15, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-30234
The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the MLD_PROXY_WAN_CONNECT parameter.... Read more
- EPSS Score: %3.19
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-30233
The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptv_vlan parameter.... Read more
- EPSS Score: %3.19
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-30232
The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the IGMP_PROXY_WAN_CONNECT parameter.... Read more
- EPSS Score: %3.19
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-30231
The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elink_proc_enable parameter.... Read more
- EPSS Score: %3.19
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-30230
The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter.... Read more
- EPSS Score: %3.19
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-30229
The api/zrDm/set_zrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dm_enable, AppKey, or Pwd parameter.... Read more
- EPSS Score: %3.12
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-30228
The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iandlink_proc_enable parameter.... Read more
- EPSS Score: %3.19
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-30227
Cross Site Scripting (XSS) vulnerability in the article comments feature in emlog 6.0.... Read more
Affected Products : emlog- EPSS Score: %0.21
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-30224
Cross Site Request Forgery (CSRF) in Rukovoditel v2.8.3 allows attackers to create an admin user with an arbitrary credentials.... Read more
Affected Products : rukovoditel- EPSS Score: %0.11
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-30219
samurai 1.2 has a NULL pointer dereference in printstatus() function in build.c via a crafted build file.... Read more
Affected Products : samurai- EPSS Score: %0.27
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-30218
samurai 1.2 has a NULL pointer dereference in writefile() in util.c via a crafted build file.... Read more
Affected Products : samurai- EPSS Score: %0.27
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024