|
197751
|
5.5 |
MEDIUM
Local
|
nvidia
|
virtual_gpu
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which ma…
|
NVD-CWE-Other
|
CVE-2021-1100
|
2024-11-21 14:43 |
2021-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197752
|
7.8 |
HIGH
Local
|
nvidia
|
virtual_gpu
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. …
|
CWE-787
Out-of-bounds Write
|
CVE-2021-1099
|
2024-11-21 14:43 |
2021-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197753
|
7.8 |
HIGH
Local
|
nvidia
|
virtual_gpu
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2021-1098
|
2024-11-21 14:43 |
2021-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197754
|
7.8 |
HIGH
Local
|
nvidia
|
virtual_gpu
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to…
|
CWE-20
Improper Input Validation
|
CVE-2021-1097
|
2024-11-21 14:43 |
2021-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197755
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing permission check. This could lead to local information disclosure from locked profiles with no additional…
|
CWE-862
Missing Authorization
|
CVE-2021-0654
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197756
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no a…
|
NVD-CWE-Other
|
CVE-2021-0604
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197757
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0603
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197758
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreateOptionsMenu of WifiNetworkDetailsFragment.java, there is a possible way for guest users to view and modify Wi-Fi settings for all configured APs due to a permissions bypass. This could lea…
|
CWE-200
Information Exposure
|
CVE-2021-0602
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197759
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. Us…
|
CWE-787
CWE-415
Out-of-bounds Write
Double Free
|
CVE-2021-0601
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197760
|
7.4 |
HIGH
Network
|
cisco
|
dna_center
|
A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensiti…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-1134
|
2024-11-21 14:43 |
2021-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
