Total
4262 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33449 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c. | ||||
| CVE-2021-33447 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c. | ||||
| CVE-2021-33446 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c. | ||||
| CVE-2021-33445 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c. | ||||
| CVE-2021-33444 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c. | ||||
| CVE-2021-33442 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c. | ||||
| CVE-2021-33441 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c. | ||||
| CVE-2021-33440 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c. | ||||
| CVE-2021-33439 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c. | ||||
| CVE-2021-33317 | 1 Trendnet | 18 Teg-30102ws, Teg-30102ws Firmware, Ti-g102i and 15 more | 2024-11-21 | 7.5 High |
| The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. | ||||
| CVE-2021-33254 | 2 Embedthis, Linux | 2 Appweb, Linux Kernel | 2024-11-21 | 7.5 High |
| An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function. | ||||
| CVE-2021-32987 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing command 0x0b | ||||
| CVE-2021-32979 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a | ||||
| CVE-2021-32971 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing command 0x07 | ||||
| CVE-2021-32963 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing commands 0x03/0x10 | ||||
| CVE-2021-32781 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-11-21 | 8.6 High |
| Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However when local response is generated due the internal buffer overflow while request or response is processed by the filter chain the operation may not be stopped completely and result in accessing a freed memory block. A specifically constructed request delivered by an untrusted downstream or upstream peer in the presence of extensions that modify and increase the size of request or response bodies resulting in a Denial of Service when using extensions that modify and increase the size of request or response bodies, such as decompressor filter. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to address incomplete termination of request processing after locally generated response. As a workaround disable Envoy's decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies, if feasible. | ||||
| CVE-2021-32611 | 1 Antisip | 1 Exosip2 | 2024-11-21 | 7.5 High |
| A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses. | ||||
| CVE-2021-32440 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | ||||
| CVE-2021-32438 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | ||||
| CVE-2021-32437 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | ||||