Total: 3823 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-37778 | 1 Gps-sdr-sim Project | 1 Gps-sdr-sim | 2024-11-21 | 9.8 Critical |
There is a buffer overflow in gps-sdr-sim v1.0 when parsing long command line parameters, which can lead to DoS or code execution. | ||||
CVE-2021-37726 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 9.8 Critical |
A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. | ||||
CVE-2021-37716 | 2 Arubanetworks, Siemens | 4 Arubaos, Sd-wan, Scalance W1750d and 1 more | 2024-11-21 | 9.8 Critical |
A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. | ||||
CVE-2021-37650 | 1 Google | 1 Tensorflow | 2024-11-21 | 7.8 High |
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.ExperimentalDatasetToTFRecord` and `tf.raw_ops.DatasetToTFRecord` can trigger heap buffer overflow and segmentation fault. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/to_tf_record_op.cc#L93-L102) assumes that all records in the dataset are of string type. However, there is no check for that, and the example given above uses numeric types. We have patched the issue in GitHub commit e0b6e58c328059829c3eb968136f17aa72b6c876. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range. | ||||
CVE-2021-37388 | 1 Dlink | 2 Dir-615, Dir-615 Firmware | 2024-11-21 | 9.8 Critical |
A buffer overflow in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution. | ||||
CVE-2021-37166 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2024-11-21 | 7.5 High |
A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and takes extensive time for the GUI to connect to the TCP socket, allowing the connection to be hijacked by an external attacker. | ||||
CVE-2021-37165 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2024-11-21 | 9.8 Critical |
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the pendingQ, and may lead to remote code execution. | ||||
CVE-2021-37162 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2024-11-21 | 9.8 Critical |
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution. | ||||
CVE-2021-37161 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2024-11-21 | 9.8 Critical |
A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and can lead to remote code execution. | ||||
CVE-2021-36999 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 High |
There is a buffer overflow vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution. | ||||
CVE-2021-36724 | 1 Forescout | 1 Secureconnector | 2024-11-21 | 6.1 Medium |
ForeScout - SecureConnector Local Service DoS - A low privileged user which doesn't have permissions to shut down the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash. | ||||
CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 5.5 Medium |
Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker may potentially exploit this vulnerability, leading to an application crash. | ||||
CVE-2021-36148 | 1 Linux | 1 Acrn | 2024-11-21 | 7.8 High |
An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow. | ||||
CVE-2021-36051 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 7.8 High |
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file. | ||||
CVE-2021-35977 | 1 Digi | 35 6350-sr, 6350-sr Firmware, Cm and 32 more | 2024-11-21 | 9.8 Critical |
An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution. | ||||
CVE-2021-35945 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. | ||||
CVE-2021-35944 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. | ||||
CVE-2021-35297 | 1 Scalabium | 1 Dbase Viewer | 2024-11-21 | 7.8 High |
Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. An attacker can use the Structured Exception Handler (SEH) records and redirect execution to attacker-controlled code. | ||||
CVE-2021-35129 | 1 Qualcomm | 90 Ar8035, Ar8035 Firmware, Ipq5010 and 87 more | 2024-11-21 | 7.8 High |
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | ||||
CVE-2021-35114 | 1 Qualcomm | 4 Sa8540p, Sa8540p Firmware, Sa9000p and 1 more | 2024-11-21 | 8.4 High |
Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto |