Vulnerabilities > Realtek
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-22 | CVE-2021-39306 | Out-of-bounds Write vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security. | 7.5 |
| 2021-11-11 | CVE-2021-43573 | Classic Buffer Overflow vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. | 7.5 |
| 2021-11-02 | CVE-2021-36922 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.2 |
| 2021-11-02 | CVE-2021-36923 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.2 |
| 2021-11-02 | CVE-2021-36924 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device. | 7.2 |
| 2021-11-02 | CVE-2021-36925 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.2 |
| 2021-08-16 | CVE-2021-35392 | Out-of-bounds Write vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. | 7.8 |
| 2021-08-16 | CVE-2021-35393 | Out-of-bounds Write vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. | 10.0 |
| 2021-08-16 | CVE-2021-35394 | Unspecified vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. | 9.8 |
| 2021-08-16 | CVE-2021-35395 | Unspecified vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. | 9.8 |