Total
9629 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-42585 | 1 Gnu | 1 Libredwg | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | |||||
CVE-2021-0116 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
CVE-2022-27532 | 1 Autodesk | 1 3ds Max | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution. | |||||
CVE-2021-45391 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service. | |||||
CVE-2022-26181 | 1 Dropbox | 1 Lepton | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108. | |||||
CVE-2022-28085 | 1 Htmldoc Project | 1 Htmldoc | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). | |||||
CVE-2022-27286 | 1 Dlink | 2 Dir-619 Ax, Dir-619 Ax Firmware | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | |||||
CVE-2022-25788 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code. | |||||
CVE-2021-42195 | 1 Swftools | 1 Swftools | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution. | |||||
CVE-2022-1943 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially | |||||
CVE-2022-28193 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2023-12-10 | 4.6 MEDIUM | 5.6 MEDIUM |
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality. | |||||
CVE-2021-30322 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2022-25465 | 1 Espruino | 1 Espruino | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling. | |||||
CVE-2021-44048 | 1 Opendesign | 1 Drawings Explorer | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA) Drawings Explorer before 2022.11. The specific issue exists after loading TIF files. Crafted data in a TIF file can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2021-44046 | 1 Opendesign | 1 Prc Sdk | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK before 2022.11. An unchecked return value of a function (verifying input data from a U3D file) leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2021-39558 | 1 Swftools | 1 Swftools | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawGeneralImage() located in VectorGraphicOutputDev.cc. It allows an attacker to cause code Execution. | |||||
CVE-2021-43983 | 1 We-con | 1 Levistudiou | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code. | |||||
CVE-2021-38419 | 1 Fujielectric | 2 V-server, V-simulator | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution. | |||||
CVE-2021-30291 | 1 Qualcomm | 180 Apq8017, Apq8017 Firmware, Apq8053 and 177 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2021-34905 | 1 Bentley | 2 Bentley View, Microstation | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14878. |