Total
1214 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-35078 | 1 Qualcomm | 214 Aqt1000, Aqt1000 Firmware, Ar8035 and 211 more | 2024-11-21 | 7.5 High |
| Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2021-34792 | 1 Cisco | 18 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 15 more | 2024-11-21 | 8.6 High |
| A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. | ||||
| CVE-2021-34740 | 1 Cisco | 71 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router, 1100-8p Integrated Services Router and 68 more | 2024-11-21 | 7.4 High |
| A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device. | ||||
| CVE-2021-34698 | 1 Cisco | 8 Asyncos, Web Security Appliance S170, Web Security Appliance S190 and 5 more | 2024-11-21 | 8.6 High |
| A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation. | ||||
| CVE-2021-34598 | 1 Phoenixcontact | 4 Fl Mguard 1102, Fl Mguard 1102 Firmware, Fl Mguard 1105 and 1 more | 2024-11-21 | 7.5 High |
| In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active | ||||
| CVE-2021-34431 | 1 Eclipse | 1 Mosquitto | 2024-11-21 | 6.5 Medium |
| In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker. | ||||
| CVE-2021-34389 | 1 Nvidia | 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more | 2024-11-21 | 5 Medium |
| Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure. | ||||
| CVE-2021-33452 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.5 Medium |
| An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_malloc() in nasmlib/alloc.c. | ||||
| CVE-2021-33451 | 1 Long Range Zip Project | 1 Long Range Zip | 2024-11-21 | 5.5 Medium |
| An issue was discovered in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c. | ||||
| CVE-2021-33450 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.5 Medium |
| An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c. | ||||
| CVE-2021-33437 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c. | ||||
| CVE-2021-33366 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33365 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33364 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33363 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33361 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-32032 | 1 Linaro | 1 Trusted Firmware-m | 2024-11-21 | 7.5 High |
| In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak. | ||||
| CVE-2021-31367 | 1 Juniper | 10 Junos, Ptx1000, Ptx10001-36mr and 7 more | 2024-11-21 | 6.5 Medium |
| A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak. Once having run out of memory the FPC will crash and restart along with a core dump. Continued receipted of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos Evolved is not affected. | ||||
| CVE-2021-31256 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-30844 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.5 High |
| A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory. | ||||