Vulnerabilities > Realtek
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-30 | CVE-2019-18990 | Improper Authentication vulnerability in Realtek products A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. | 4.8 |
| 2020-07-06 | CVE-2020-9395 | Classic Buffer Overflow vulnerability in Realtek products An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. | 4.9 |
| 2020-06-08 | CVE-2020-12773 | Unspecified vulnerability in Realtek Adsl Router SOC Firmware A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool. | 6.5 |
| 2020-02-12 | CVE-2019-11867 | NULL Pointer Dereference vulnerability in Realtek Ndis 10.1.505.2015 Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to do any size checking on an input buffer from user space, which the driver assumes has a size greater than zero bytes. | 2.1 |
| 2020-01-27 | CVE-2019-19823 | Insufficiently Protected Credentials vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. | 5.0 |
| 2020-01-27 | CVE-2019-19822 | Missing Authentication for Critical Function vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). | 5.0 |
| 2017-11-13 | CVE-2017-3767 | Unspecified vulnerability in Realtek Audio Driver Firmware A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. | 7.2 |
| 2015-05-01 | CVE-2014-8361 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. | 9.8 |
| 2008-04-25 | CVE-2008-1932 | Numeric Errors vulnerability in Realtek HD Audio Codec Drivers Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request. | 6.8 |
| 2008-04-25 | CVE-2008-1931 | Permissions, Privileges, and Access Controls vulnerability in Realtek HD Audio Codec Drivers Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request. | 6.8 |