Total
12261 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36584 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS). | |||||
| CVE-2021-36531 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary. | |||||
| CVE-2021-36530 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary. | |||||
| CVE-2021-36417 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-36414 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-36412 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command, | |||||
| CVE-2021-36410 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265. | |||||
| CVE-2021-36347 | 1 Dell | 4 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware, Integrated Dell Remote Access Controller 9 and 1 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system. | |||||
| CVE-2021-36301 | 1 Dell | 2 Emc Idrac8 Firmware, Emc Idrac9 Firmware | 2024-11-21 | 6.5 MEDIUM | 5.9 MEDIUM |
| Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system. | |||||
| CVE-2021-36218 | 1 Skale | 1 Sgxwallet | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in SKALE sgxwallet 1.58.3. sgx_disp_ippsAES_GCMEncrypt allows an out-of-bounds write, resulting in a segfault and compromised enclave. This issue describes a buffer overflow, which was resolved prior to v1.77.0 and not reproducible in latest sgxwallet v1.77.0 | |||||
| CVE-2021-36194 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests. | |||||
| CVE-2021-36193 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.5 MEDIUM | 6.7 MEDIUM |
| Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands. | |||||
| CVE-2021-36186 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.5 HIGH | 8.8 HIGH |
| A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests | |||||
| CVE-2021-36179 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.5 MEDIUM | 8.0 HIGH |
| A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution | |||||
| CVE-2021-36173 | 1 Fortinet | 14 Fortigate-1100e, Fortigate-200f, Fortigate-2600f and 11 more | 2024-11-21 | 6.8 MEDIUM | 8.0 HIGH |
| A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images. | |||||
| CVE-2021-36134 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
| Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS). | |||||
| CVE-2021-36089 | 2 Linux, Zope | 2 Linux Kernel, Grok | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour). | |||||
| CVE-2021-36083 | 1 Kde | 1 Kimageformats | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. | |||||
| CVE-2021-36082 | 1 Ntop | 1 Ndpi | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello. | |||||
| CVE-2021-36073 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 11.1 (and earlier) is affected by a heap-based buffer overflow vulnerability when parsing a crafted .SGI file. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||