Category Archives: Advisories

CVE-2020-14131

October 11, 2022

Read Time:14 Second

The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life.

Advisories

CVE-2021-0696

October 11, 2022

Read Time:14 Second

In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242344778

Advisories

CVE-2021-0951

October 11, 2022

Read Time:13 Second

In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242345085

Advisories

USN-5670-1: .NET 6 vulnerability

October 11, 2022

Read Time:8 Second

Edward Thomson discovered that .NET 6 incorrectly handled
permissions for local NuGet cache. A local attacker could
possibly use this issue to execute arbitrary code.

Advisories

CVE-2021-36899

October 11, 2022

Read Time:7 Second

Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Gabe Livan’s Asset CleanUp: Page Speed Booster plugin <= 1.3.8.4 at WordPress.

Advisories

CVE-2021-36913

October 11, 2022

Read Time:12 Second

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension (plugin) AccessiBe.

Advisories