CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-25387

An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：24 | 回复：0
CVE-2021-25388

Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：28 | 回复：0
CVE-2021-25389

Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：21 | 回复：0
CVE-2021-25390

Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：24 | 回复：0
CVE-2021-25391

Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：19 | 回复：0
CVE-2021-25392

Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：29 | 回复：0
CVE-2021-25393

Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE-2021-25394

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：7 | 回复：0
CVE-2021-25395

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：8 | 回复：0
CVE-2021-25396

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：27 | 回复：0
CVE-2021-25397

An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：34 | 回复：0
CVE-2021-25398

Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：18 | 回复：0
CVE-2021-25399

Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：20 | 回复：0
CVE-2021-25400

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：19 | 回复：0
CVE-2021-25401

Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：18 | 回复：0
CVE-2021-25402

Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE-2021-25403

Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provide ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：17 | 回复：0
CVE-2021-25404

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：18 | 回复：0
CVE-2021-25405

An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE-2021-25406

Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：19 | 回复：0
CVE-2021-25407

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE-2021-25408

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE-2021-25409

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：9 | 回复：0
CVE-2021-25410

Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：23 | 回复：0
CVE-2021-25411

Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：17 | 回复：0
CVE-2021-25412

An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE-2021-25413

Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：21 | 回复：0
CVE-2021-25414

Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbitrary files with Samsung Contacts privilege.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE-2021-25415

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：18 | 回复：0
CVE-2021-25416

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE-2021-25417

Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：21 | 回复：0
CVE-2021-25418

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：34 | 回复：0
CVE-2021-25419

Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE-2021-25420

Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：6 | 回复：0
CVE-2021-25421

Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：6 | 回复：0
CVE-2021-25422

Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：17 | 回复：0
CVE-2021-25423

Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：17 | 回复：0
CVE-2021-25424

Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE-2021-25425

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：17 | 回复：0
CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. M ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：22 | 回复：0