Total: 13464 CVE

| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43215 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 9.8 Critical |
| iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | ||||
| CVE-2021-43174 | 2 Debian, Nlnetlabs | 2 Debian Linux, Routinator | 2024-11-21 | 7.5 High |
| NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1 support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML, which allows arbitrary amounts of white space in the encoded data. The gzip scheme compresses such white space extremely well, leading to very small compressed files that become huge when decompressed for further processing, big enough that Routinator runs out of memory when parsing input data waiting for the next XML element. | ||||
| CVE-2021-43086 | 1 Arm | 1 Adaptive Scalable Texture Compression Encoder | 2024-11-21 | 9.8 Critical |
| ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in "/Source/astcenc_compress_symbolic.cpp". | ||||
| CVE-2021-43071 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 8.8 High |
| A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows an attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller. | ||||
| CVE-2021-43018 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file. | ||||
| CVE-2021-42756 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 9.3 Critical |
| Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. | ||||
| CVE-2021-42739 | 6 Debian, Fedoraproject, Linux and 3 more | 10 Debian Linux, Fedora, Linux Kernel and 7 more | 2024-11-21 | 6.7 Medium |
| The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | ||||
| CVE-2021-42727 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Bridge. | ||||
| CVE-2021-42707 | 1 We-con | 1 Plc Editor | 2024-11-21 | 7.8 High |
| PLC Editor versions 1.3.8 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-42692 | 1 Tinytoml Project | 1 Tinytoml | 2024-11-21 | 6.5 Medium |
| There is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS. | ||||
| CVE-2021-42586 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | ||||
| CVE-2021-42585 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | ||||
| CVE-2021-42327 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-11-21 | 6.7 Medium |
| dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer. | ||||
| CVE-2021-42279 | 1 Microsoft | 14 Windows 10, Windows 10 1507, Windows 10 1607 and 11 more | 2024-11-21 | 4.2 Medium |
| Chakra Scripting Engine Memory Corruption Vulnerability | ||||
| CVE-2021-42204 | 1 Swftools | 1 Swftools | 2024-11-21 | 7.8 High |
| An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution. | ||||
| CVE-2021-42201 | 1 Swftools | 1 Swftools | 2024-11-21 | 7.8 High |
| An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution. | ||||
| CVE-2021-42199 | 1 Swftools | 1 Swftools | 2024-11-21 | 7.8 High |
| An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution. | ||||
| CVE-2021-42195 | 1 Swftools | 1 Swftools | 2024-11-21 | 7.8 High |
| An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code execution. | ||||
| CVE-2021-42076 | 1 Barrier Project | 1 Barrier | 2024-11-21 | 7.5 High |
| An issue was discovered in Barrier before 2.3.4. An attacker can cause memory exhaustion in the barriers component (aka the server-side implementation of Barrier) and barrierc by sending long TCP messages. | ||||
| CVE-2021-42069 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens a manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until the application is restarted. | ||||