» 2022 » 1월

CVE-2021-40020

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40020

There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

Source: CVE-2021-40020

CVE-2021-40006

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40006

The fingerprint module has a security risk of brute force cracking. Successful exploitation of this vulnerability may affect data confidentiality.

Source: CVE-2021-40006

CVE-2021-40011

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40011

There is an Uncontrolled resource consumption vulnerability in the display module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Source: CVE-2021-40011

CVE-2021-40009

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40009

There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Source: CVE-2021-40009

CVE-2021-40026

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40026

There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Source: CVE-2021-40026

CVE-2021-40004

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40004

The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.

Source: CVE-2021-40004

CVE-2021-40022

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40022

The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.

Source: CVE-2021-40022

CVE-2021-40021

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-40021

The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.

Source: CVE-2021-40021

CVE-2021-38921

Posted on 2022년 1월 10일2022년 1월 11일 by admin

CVE-2021-38921

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067.

Source: CVE-2021-38921

CVE-2021-38674

Posted on 2022년 1월 7일2022년 1월 7일 by admin

CVE-2021-38674

A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QTS, QuTS hero and QuTScloud: QuTS hero h4.5.4.1771 build 20210825 and later QTS 4.5.4.1787 build 20210910 and later QuTScloud c4.5.7.1864 and later

Source: CVE-2021-38674