Total
12264 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45991 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter. | |||||
| CVE-2021-45989 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters. | |||||
| CVE-2021-45988 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter. | |||||
| CVE-2021-45971 | 1 Insyde | 1 Insydeh2o | 2024-11-21 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (CommBufferData). | |||||
| CVE-2021-45970 | 1 Insyde | 1 Insydeh2o | 2024-11-21 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location). | |||||
| CVE-2021-45969 | 1 Insyde | 1 Insydeh2o | 2024-11-21 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location). | |||||
| CVE-2021-45958 | 3 Debian, Fedoraproject, Ultrajson Project | 3 Debian Linux, Fedora, Ultrajson | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation. | |||||
| CVE-2021-45957 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | |||||
| CVE-2021-45956 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | |||||
| CVE-2021-45955 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed | |||||
| CVE-2021-45954 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | |||||
| CVE-2021-45953 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | |||||
| CVE-2021-45952 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | |||||
| CVE-2021-45951 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | |||||
| CVE-2021-45950 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). | |||||
| CVE-2021-45949 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). | |||||
| CVE-2021-45948 | 1 Assimp | 1 Assimp | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper). | |||||
| CVE-2021-45947 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments). | |||||
| CVE-2021-45946 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements). | |||||
| CVE-2021-45943 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Spatial And Graph and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). | |||||