![]() The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. Netty is an open-source, asynchronous event-driven network application framework. NOTE: the vendor's position is that this cannot be reproduced with genuine Nissan parts: for example, the combination of keyfob and door handle shown in the exploit demonstration does not match any technology that Nissan provides to customers.Ī vulnerability has been identified in Siveillance Video 2020 R2 (All versions In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability. ** DISPUTED ** The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. ![]() Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to bypass authentication by re-using the IP address assigned to the device by the NAT protocol. Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds to ) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system. Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |