Total
5654 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46579 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15373. | |||||
| CVE-2021-46578 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15372. | |||||
| CVE-2021-46575 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15369. | |||||
| CVE-2021-46573 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15367. | |||||
| CVE-2021-46571 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15365. | |||||
| CVE-2021-46567 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15028. | |||||
| CVE-2021-46525 | 1 Cesanta | 1 Mjs | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c. | |||||
| CVE-2021-46503 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x79732. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46502 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5166d. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46501 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via SortSubCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46500 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ArgTypeCheck in src/jsiFunc.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46499 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueCopyMove in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46498 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_wswebsocketObjFree in src/jsiWebSocket.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46497 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_UserObjDelete in src/jsiUserObj.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46496 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_ObjFree in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46495 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via DeleteTreeValue in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46494 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueLookupBase in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46489 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_DecrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46484 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46242 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry. | |||||