събота, 29 май 2021 г.

Weekly Digest: a new vulnerability is published on the National Vulnerability Database (72 items)

New vulnerabilities from the NVD: CVE-2020-15864

An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page.
Published at: January 17, 2021 at 10:15PM
View on website

January 17, 2021 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-29450

Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The affected versions are before version 7.2.0.
Published at: January 19, 2021 at 03:15AM
View on website

January 19, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28478

This affects the package gsap before 3.6.0.
Published at: January 19, 2021 at 01:15PM
View on website

January 19, 2021 at 03:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28477

This affects all versions of package immer.
Published at: January 19, 2021 at 01:15PM
View on website

January 19, 2021 at 03:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28472

This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they will pollute the prototype on the application. This can be exploited further depending on the context.
Published at: January 19, 2021 at 01:15PM
View on website

January 19, 2021 at 03:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-23522

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.
Published at: January 19, 2021 at 03:15PM
View on website

January 19, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-23342

A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
Published at: January 19, 2021 at 04:15PM
View on website

January 19, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-20950

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure.
Published at: January 19, 2021 at 03:15PM
View on website

January 19, 2021 at 05:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28482

This affects the package fastify-csrf before 3.0.0. 1. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: { path: '/', sameSite: true } 2. The CSRF token was available in the GET query parameter
Published at: January 19, 2021 at 05:15PM
View on website

January 19, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28481

The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
Published at: January 19, 2021 at 05:15PM
View on website

January 19, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28480

The package jointjs before 3.3.0 are vulnerable to Prototype Pollution via util.setByPath (https://resources.jointjs.com/docs/jointjs/v3.2/joint.htmlutil.setByPath). The path used the access the object's key and set the value is not properly sanitized, leading to a Prototype Pollution.
Published at: January 19, 2021 at 05:15PM
View on website

January 19, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-28479

The package jointjs before 3.3.0 are vulnerable to Denial of Service (DoS) via the unsetByPath function.
Published at: January 19, 2021 at 05:15PM
View on website

January 19, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27733

Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
Published at: January 19, 2021 at 06:15PM
View on website

January 19, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27276

SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i & AnyDana-A mobile apps doesn't use adequate measures to authenticate the communicating entities before exchanging keys, which allows unauthenticated, physically proximate attackers to eavesdrop the authentication sequence via Bluetooth Low Energy.
Published at: January 19, 2021 at 07:15PM
View on website

January 19, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27272

SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump before exchanging keys, which allows unauthenticated, physically proximate attackers to eavesdrop the keys and spoof the pump via BLE.
Published at: January 19, 2021 at 07:15PM
View on website

January 19, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27270

SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in transit which allows unauthenticated physically proximate attacker to sniff keys via (BLE).
Published at: January 19, 2021 at 07:15PM
View on website

January 19, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-14410

SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.
Published at: January 19, 2021 at 10:15PM
View on website

January 19, 2021 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-14409

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.
Published at: January 19, 2021 at 10:15PM
View on website

January 19, 2021 at 11:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27269

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences via Bluetooth Low Energy.
Published at: January 20, 2021 at 12:15AM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27268

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy.
Published at: January 20, 2021 at 12:15AM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27266

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass user authentication checks via Bluetooth Low Energy.
Published at: January 20, 2021 at 12:15AM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27264

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy.
Published at: January 19, 2021 at 11:15PM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27258

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure vulnerability in the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows unauthenticated attackers to extract the pump’s keypad lock PIN via Bluetooth Low Energy.
Published at: January 19, 2021 at 11:15PM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27256

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings.
Published at: January 19, 2021 at 11:15PM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11997

Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that connection was accessed, even if those users do not otherwise have permission to see other users.
Published at: January 20, 2021 at 12:15AM
View on website

January 20, 2021 at 01:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25385

Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in /nagioslogserver/configure/create_snapshot through the snapshot_name parameter, which may impact users who open a maliciously crafted link or third-party web page.
Published at: January 20, 2021 at 03:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-19364

OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php.
Published at: January 20, 2021 at 03:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-19363

Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories.
Published at: January 20, 2021 at 03:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-19362

Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.
Published at: January 20, 2021 at 03:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-19361

Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1 parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.
Published at: January 20, 2021 at 03:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-19360

Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure.
Published at: January 20, 2021 at 03:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13134

Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The successful exploitation requires admin privileges (for storing the XSS payload itself), and can exploit (be triggered by) admin users. All TOS versions with SecureChange deployments prior to R19.3 HF3 and R20-1 HF1 are affected. Vulnerabilities were fixed in R19.3 HF3 and R20-1 HF1.
Published at: January 20, 2021 at 04:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-13133

Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. The successful exploitation requires admin privileges (for storing the XSS payload itself), and can exploit (be triggered by) unauthenticated users. All TOS versions with SecureChange deployments prior to R19.3 HF3 and R20-1 HF1 are affected. Vulnerabilities were fixed in R19.3 HF3 and R20-1 HF1
Published at: January 20, 2021 at 04:15AM
View on website

January 20, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25685

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
Published at: January 20, 2021 at 06:15PM
View on website

January 20, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25684

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
Published at: January 20, 2021 at 06:15PM
View on website

January 20, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25683

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Published at: January 20, 2021 at 06:15PM
View on website

January 20, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-20949

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure.
Published at: January 20, 2021 at 06:15PM
View on website

January 20, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-14756

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Published at: January 20, 2021 at 05:15PM
View on website

January 20, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-14360

A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Published at: January 20, 2021 at 06:15PM
View on website

January 20, 2021 at 07:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25682

A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Published at: January 20, 2021 at 07:15PM
View on website

January 20, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-25681

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Published at: January 20, 2021 at 07:15PM
View on website

January 20, 2021 at 09:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-27221

In Eclipse OpenJ9 up to version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.
Published at: January 21, 2021 at 07:15AM
View on website

January 21, 2021 at 08:36AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11225

Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11217

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11216

Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11215

An out of bounds read can happen when processing VSA attribute due to improper minimum required length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11214

Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11213

Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11212

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11200

Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11197

Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip with invalid data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11185

Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11183

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11181

Out of bound access issue while handling cvp process control command due to improper validation of buffer pointer received from HLOS in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11180

Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11179

Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11167

Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11152

Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11151

Race condition occurs while calling user space ioctl from two different threads can results to use after free issue in video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11150

Out of bound memory access in camera driver due to improper validation on data coming from UMD which is used for offset manipulation of pointer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11149

Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11148

Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11146

Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11145

Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11144

Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11143

Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11140

Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11139

Out of bound memory access while processing frames due to lack of check of invalid frames received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11138

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11137

Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11136

Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-11119

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Published at: January 21, 2021 at 12:15PM
View on website

January 21, 2021 at 01:36PM

via National Vulnerability Database


Няма коментари:

Публикуване на коментар