Total
12260 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27232 | 1 Pelco | 1 Digital Sentry Server | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered. | |||||
| CVE-2021-27224 | 1 Irfanview | 2 Irfanview, Wpg | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code. | |||||
| CVE-2021-27171 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell). | |||||
| CVE-2021-27114 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'s_ip" and "s_mac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address. | |||||
| CVE-2021-27046 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files. | |||||
| CVE-2021-27044 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure. | |||||
| CVE-2021-27043 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application. | |||||
| CVE-2021-27041 | 3 Autodesk, Iconics, Mitsubishielectric | 13 Advance Steel, Autocad, Autocad Architecture and 10 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be exploited to execute arbitrary code | |||||
| CVE-2021-27039 | 1 Autodesk | 2 Autocad, Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code. | |||||
| CVE-2021-27036 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code | |||||
| CVE-2021-27035 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2021-27034 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code. | |||||
| CVE-2021-27028 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files. | |||||
| CVE-2021-26951 | 1 Calamine Project | 1 Calamine | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get. | |||||
| CVE-2021-26826 | 1 Godotengine | 1 Godot Engine | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash. | |||||
| CVE-2021-26731 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 9.1 CRITICAL |
| Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26730 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 10.0 CRITICAL |
| A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26729 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 10.0 CRITICAL |
| Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26728 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 10.0 CRITICAL |
| Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26727 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 10.0 CRITICAL |
| Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||