Total: 2146 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-41054 | 2 Atftp Project, Debian | 2 Atftp, Debian Linux | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | |||||
CVE-2021-45530 | 1 Netgear | 24 R7000, R7000 Firmware, R7000p and 21 more | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7000 before 1.0.11.126, R7960P before 1.4.2.84, R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, RAX20 before 1.0.2.82, RAX45 before 1.0.2.82, RAX80 before 1.0.4.120, R7900P before 1.4.2.84, RAX15 before 1.0.2.82, RAX50 before 1.0.2.82, and RAX75 before 1.0.4.120. | |||||
CVE-2021-20045 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. | |||||
CVE-2021-20702 | 1 Nec | 4 Clusterpro X, Clusterpro X Singleserversafe, Expresscluster X and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows an attacker to perform remote code execution via a network. | |||||
CVE-2021-43000 | 1 Amzetta | 1 Zportal Windows Zclient | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | |||||
CVE-2021-34776 | 1 Cisco | 32 Business 220-16p-2g, Business 220-16p-2g Firmware, Business 220-16t-2g and 29 more | 2023-12-10 | 2.9 LOW | 4.3 MEDIUM |
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: execute code on the affected device or cause it to reload unexpectedly; cause LLDP database corruption on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Cisco has released firmware updates that address these vulnerabilities. | |||||
CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | |||||
CVE-2020-21534 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. | |||||
CVE-2021-45609 | 1 Netgear | 20 D8500, D8500 Firmware, R6250 and 17 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6250 before 1.0.4.48, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7900 before 1.0.4.38, R8300 before 1.0.2.144, R8500 before 1.0.2.144, XR300 before 1.0.3.68, R7000P before 1.3.2.132, and R6900P before 1.3.2.132. | |||||
CVE-2021-44428 | 1 Ipuptime | 1 Pinkie | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1. | |||||
CVE-2021-46526 | 1 Cesanta | 1 Mjs | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c. | |||||
CVE-2021-31624 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2023-12-10 | 5.8 MEDIUM | 8.8 HIGH |
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. | |||||
CVE-2021-35945 | 1 Couchbase | 1 Couchbase Server | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. | |||||
CVE-2021-40029 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | |||||
CVE-2021-25494 | 1 Samsung | 1 Notes | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-1984 | 1 Qualcomm | 190 Apq8017, Apq8017 Firmware, Apq8053 and 187 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2021-1909 | 1 Qualcomm | 654 Apq8009, Apq8009 Firmware, Apq8009w and 651 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-42774 | 1 Broadcom | 1 Emulex Hba Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated. | |||||
CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low-privileged attacker may potentially exploit this vulnerability, leading to an application crash. | |||||
CVE-2021-42772 | 1 Broadcom | 2 Emulex Hba Manager, One Command Manager | 2023-12-10 | 6.8 MEDIUM | 9.8 CRITICAL |
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user is unauthenticated. |