Total
12264 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42586 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | |||||
| CVE-2021-42585 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | |||||
| CVE-2021-42554 | 2 Insyde, Siemens | 31 Insydeh2o, Ruggedcom Ape1808, Ruggedcom Ape1808 Firmware and 28 more | 2024-11-21 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. An SMM memory corruption vulnerability in FvbServicesRuntimeDxe allows a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. | |||||
| CVE-2021-42524 | 2 Adobe, Microsoft | 2 Animate, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file. | |||||
| CVE-2021-42327 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer. | |||||
| CVE-2021-42279 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 5.1 MEDIUM | 4.2 MEDIUM |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2021-42272 | 2 Adobe, Microsoft | 2 Animate, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file. | |||||
| CVE-2021-42271 | 1 Adobe | 1 Animate | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file. | |||||
| CVE-2021-42270 | 1 Adobe | 1 Animate | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file. | |||||
| CVE-2021-42204 | 1 Swftools | 1 Swftools | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution. | |||||
| CVE-2021-42201 | 1 Swftools | 1 Swftools | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution. | |||||
| CVE-2021-42199 | 1 Swftools | 1 Swftools | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution. | |||||
| CVE-2021-42195 | 1 Swftools | 1 Swftools | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-42076 | 1 Barrier Project | 1 Barrier | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Barrier before 2.3.4. An attacker can cause memory exhaustion in the barriers component (aka the server-side implementation of Barrier) and barrierc by sending long TCP messages. | |||||
| CVE-2021-42069 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application | |||||
| CVE-2021-42059 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. A stack-based buffer overflow leads toarbitrary code execution in UEFI DisplayTypeDxe DXE driver. | |||||
| CVE-2021-42028 | 1 Siemens-healthineers | 1 Syngo Fastview | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14860) | |||||
| CVE-2021-42024 | 1 Siemens | 1 Simcenter Star-ccm\+ Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < 2021.3.1). The starview+.exe application lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-42012 | 1 Trendmicro | 3 Apex One, Worry-free Business Security, Worry-free Business Security Services | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2021-42008 | 3 Debian, Linux, Netapp | 20 Debian Linux, Linux Kernel, H300e and 17 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. | |||||