Total
7208 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36019 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe After Effects version 18.2.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36018 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe After Effects version 18.2.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36016 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36013 | 1 Adobe | 1 Media Encoder | 2024-11-21 | 6.8 MEDIUM | 3.3 LOW |
| Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36010 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Illustrator version 25.2.3 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36003 | 2 Adobe, Microsoft | 2 Audition, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Audition version 14.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36001 | 2 Adobe, Microsoft | 2 Character Animator, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Character Animator version 4.2 (and earlier) is affected by an out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35992 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35988 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35987 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35940 | 2 Apache, Oracle | 2 Portable Runtime, Http Server | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. | |||||
| CVE-2021-35452 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. | |||||
| CVE-2021-35119 | 1 Qualcomm | 165 Aqt1000, Aqt1000 Firmware, Ar8035 and 162 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35117 | 1 Qualcomm | 204 Apq8096au, Apq8096au Firmware, Aqt1000 and 201 more | 2024-11-21 | 9.4 HIGH | 8.2 HIGH |
| An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2021-35106 | 1 Qualcomm | 224 Aqt1000, Aqt1000 Firmware, Ar8031 and 221 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35100 | 1 Qualcomm | 240 Apq8009w, Apq8009w Firmware, Apq8017 and 237 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35088 | 1 Qualcomm | 370 Aqt1000, Aqt1000 Firmware, Ar8035 and 367 more | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-35086 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qca6390 and 107 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35085 | 1 Qualcomm | 140 Aqt1000, Aqt1000 Firmware, Ar8035 and 137 more | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35084 | 1 Qualcomm | 184 Aqt1000, Aqt1000 Firmware, Ar8031 and 181 more | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||