Vulnerabilities (CVE)

Filtered by CWE-119
Total 12344 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43015 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe InCopy version 16.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
CVE-2021-43013 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Media Encoder version 15.4.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-43012 2 Adobe, Microsoft 2 Prelude, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-43011 2 Adobe, Microsoft 2 Prelude, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-42738 2 Adobe, Microsoft 2 Prelude, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
CVE-2021-42737 2 Adobe, Microsoft 2 Prelude, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
CVE-2021-42730 2 Adobe, Microsoft 2 Bridge, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PSD file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42729 2 Adobe, Microsoft 2 Bridge, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42726 2 Adobe, Microsoft 2 Media Encoder, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42725 1 Adobe 1 Bridge 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42724 2 Adobe, Microsoft 2 Bridge, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42659 1 Tenda 2 Ac9, Ac9 Firmware 2024-11-21 6.1 MEDIUM 6.5 MEDIUM
There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.
CVE-2021-42527 3 Adobe, Apple, Microsoft 3 Premiere Elements, Macos, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42526 3 Adobe, Apple, Microsoft 3 Premiere Elements, Macos, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42267 1 Adobe 1 Animate 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42266 1 Adobe 1 Animate 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-42262 1 Softing 3 Datafeed Opc Suite, Opc Ua C\+\+ Software Development Kit, Secure Integration Server 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
CVE-2021-41839 1 Insyde 1 Insydeh2o 2024-11-21 4.6 MEDIUM 8.2 HIGH
An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
CVE-2021-41838 2 Insyde, Siemens 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more 2024-11-21 7.2 HIGH 8.2 HIGH
An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check.
CVE-2021-41837 2 Insyde, Siemens 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more 2024-11-21 7.2 HIGH 8.2 HIGH
An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.