Vulnerabilities > Realtek

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-39306 Out-of-bounds Write vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6
A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security.
network
low complexity
realtek CWE-787
7.5
2021-11-11 CVE-2021-43573 Classic Buffer Overflow vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6
A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10.
network
low complexity
realtek CWE-120
7.5
2021-11-02 CVE-2021-36922 Unspecified vulnerability in Realtek Rtsupx USB Utility Driver
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
local
low complexity
realtek
7.2
2021-11-02 CVE-2021-36923 Unspecified vulnerability in Realtek Rtsupx USB Utility Driver
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
local
low complexity
realtek
7.2
2021-11-02 CVE-2021-36924 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device.
local
low complexity
realtek CWE-367
7.2
2021-11-02 CVE-2021-36925 Unspecified vulnerability in Realtek Rtsupx USB Utility Driver
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
local
low complexity
realtek
7.2
2021-08-16 CVE-2021-35392 Out-of-bounds Write vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols.
network
low complexity
realtek CWE-787
7.8
2021-08-16 CVE-2021-35393 Out-of-bounds Write vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols.
network
low complexity
realtek CWE-787
critical
10.0
2021-08-16 CVE-2021-35394 Unspecified vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary.
network
low complexity
realtek
critical
9.8
2021-08-16 CVE-2021-35395 Unspecified vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point.
network
low complexity
realtek
critical
9.8