Vulnerabilities (CVE)

Filtered by CWE-125
Total 7258 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-28600 2 Adobe, Microsoft 2 After Effects, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe After Effects version 18.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28590 2 Adobe, Microsoft 2 Media Encoder, Windows 2024-11-21 6.8 MEDIUM 3.3 LOW
Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28589 2 Adobe, Microsoft 2 Media Encoder, Windows 2024-11-21 6.8 MEDIUM 3.3 LOW
Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28587 2 Adobe, Microsoft 2 After Effects, Windows 2024-11-21 4.3 MEDIUM 3.3 LOW
After Effects versions 18.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28576 2 Adobe, Microsoft 2 Animate, Windows 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28575 2 Adobe, Microsoft 2 Animate, Windows 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28574 2 Adobe, Microsoft 2 Animate, Windows 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28573 2 Adobe, Microsoft 2 Animate, Windows 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28569 2 Adobe, Microsoft 2 Media Encoder, Windows 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Adobe Media Encoder version 15.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28565 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 9.3 HIGH 4.3 MEDIUM
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28557 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to leak sensitive system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28555 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28554 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28551 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28308 1 Fltk Project 1 Fltk 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is an out-of bounds read because the pixmap constructor lacks pixmap input validation.
CVE-2021-28116 3 Debian, Fedoraproject, Squid-cache 3 Debian Linux, Fedora, Squid 2024-11-21 4.3 MEDIUM 3.7 LOW
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2021-27791 1 Broadcom 1 Fabric Operating System 2024-11-21 5.5 MEDIUM 5.4 MEDIUM
The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed authentication header from the client, resulting in reading memory addresses outside the intended range. An unauthenticated attacker could discover a request, which could bypass the authentication process.
CVE-2021-27629 1 Sap 1 Netweaver As Abap 2024-11-21 5.0 MEDIUM 7.5 HIGH
SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method EncPSetUnsupported() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
CVE-2021-27606 1 Sap 1 Netweaver As Abap 2024-11-21 5.0 MEDIUM 7.5 HIGH
SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method EncOAMParamStore() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
CVE-2021-27597 1 Sap 1 Netweaver Abap 2024-11-21 5.0 MEDIUM 7.5 HIGH
SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method memmove() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.