Total
9526 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-24164 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsHijackRule parameter. | |||||
CVE-2021-38692 | 1 Qnap | 3 Qvr Elite, Qvr Guard, Qvr Pro | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later | |||||
CVE-2021-39574 | 1 Swftools | 1 Swftools | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function pool_read() located in pool.c. It allows an attacker to cause code Execution. | |||||
CVE-2021-39275 | 6 Apache, Debian, Fedoraproject and 3 more | 11 Http Server, Debian Linux, Fedora and 8 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier. | |||||
CVE-2021-33265 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2023-12-10 | 7.2 HIGH | 9.8 CRITICAL |
D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80046eb4 in /formSetPortTr. This vulnerability is triggered via a crafted POST request. | |||||
CVE-2021-0956 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additionalSystem execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-189942532 | |||||
CVE-2021-44013 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The DL180pdfl.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15103) | |||||
CVE-2021-39048 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Spectrum Protect Backup-archive Client and 3 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438. | |||||
CVE-2021-45707 | 1 Nix Project | 1 Nix | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups. | |||||
CVE-2021-32626 | 5 Debian, Fedoraproject, Netapp and 2 more | 6 Debian Linux, Fedora, Management Services For Element Software and 3 more | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands. | |||||
CVE-2021-45939 | 1 Wolfssl | 1 Wolfmqtt | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe). | |||||
CVE-2021-30632 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-29363 | 1 Irfanview | 1 Irfanview | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74 | |||||
CVE-2021-38096 | 1 Corel | 1 Pdf Fusion | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
CVE-2020-23899 | 1 Wildbit-soft | 1 Wildbit Viewer | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. | |||||
CVE-2021-0918 | 1 Google | 1 Android | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197536150 | |||||
CVE-2021-34896 | 1 Bentley | 2 Bentley View, Microstation | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14863. | |||||
CVE-2021-30717 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to execute arbitrary code. | |||||
CVE-2021-43247 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Windows TCP/IP Driver Elevation of Privilege Vulnerability | |||||
CVE-2021-45057 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG2000 file. |