Total
9609 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30516 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Heap buffer overflow in History in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-38524 | 1 Netgear | 26 Mk62, Mk62 Firmware, Mr60 and 23 more | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6. | |||||
CVE-2020-21832 | 1 Gnu | 1 Libredwg | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417. | |||||
CVE-2021-1844 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2020-13600 | 1 Zephyrproject | 1 Zephyr | 2023-12-10 | 7.2 HIGH | 7.6 HIGH |
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr | |||||
CVE-2021-29577 | 1 Google | 1 Tensorflow | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/d80ffba9702dc19d1fac74fc4b766b3fa1ee976b/tensorflow/core/kernels/pooling_ops_3d.cc#L376-L450) assumes that the `orig_input_shape` and `grad` tensors have similar first and last dimensions but does not check that this assumption is validated. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. | |||||
CVE-2021-34329 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13427) | |||||
CVE-2021-30759 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||
CVE-2021-31342 | 1 Siemens | 4 Solid Edge Se2020, Solid Edge Se2020 Firmware, Solid Edge Se2021 and 1 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The ugeom2d.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2021-34309 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13350) | |||||
CVE-2021-20305 | 5 Debian, Fedoraproject, Netapp and 2 more | 6 Debian Linux, Fedora, Active Iq Unified Manager and 3 more | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2021-29984 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. | |||||
CVE-2021-1916 | 1 Qualcomm | 364 Apq8009, Apq8009 Firmware, Apq8009w and 361 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2021-23987 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9. | |||||
CVE-2021-3491 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | 8.8 HIGH |
The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b ("io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c ("io_uring: add IORING_OP_PROVIDE_BUFFERS") (v5.7-rc1). | |||||
CVE-2021-32939 | 1 Fatek | 1 Fvdesigner | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution. | |||||
CVE-2020-36431 | 1 Unicorn-engine | 1 Unicorn Engine | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_arm. | |||||
CVE-2021-34317 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCX files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13402) | |||||
CVE-2021-28586 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
After Effects version 18.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-1527 | 1 Cisco | 1 Webex Player | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insufficient validation of values in Webex recording files that are stored in Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a malicious WRF file to a user as a link or email attachment and then persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to crash the affected software and view memory state information. |