** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched.
NVD-CWE-noinfo
CVE-2021-25476
An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.
CVE-2021-25486
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.
CVE-2021-25499
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.
CVE-2021-25527
Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.
CVE-2021-25464
An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak.
