Vulnerabilities > Realtek > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2022-25480 | Out-of-bounds Write vulnerability in Realtek Rtsper and Rtsuer Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP. | 7.8 |
| 2023-08-22 | CVE-2020-26652 | Unspecified vulnerability in Realtek Rtl8812Au Firmware 5.6.4.2 An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service. | 7.5 |
| 2023-01-03 | CVE-2022-40740 | Unspecified vulnerability in Realtek Usdk and Xpon Software Development KIT Realtek GPON router has insufficient filtering for special characters. | 7.2 |
| 2022-09-27 | CVE-2022-34326 | Unspecified vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection (with four-way handshake) failures in Soft AP mode. | 7.5 |
| 2022-07-28 | CVE-2022-29558 | Command Injection vulnerability in Realtek Rtl819X Software Development KIT Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface. | 8.8 |
| 2021-11-02 | CVE-2021-36922 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0 RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.8 |
| 2021-11-02 | CVE-2021-36923 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0 RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.8 |
| 2021-11-02 | CVE-2021-36924 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0 RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device. | 7.8 |
| 2021-11-02 | CVE-2021-36925 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0 RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.8 |
| 2021-08-16 | CVE-2021-35392 | Out-of-bounds Write vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. | 7.5 |