Total
13415 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41289 | 1 Asus | 2 P453uj, P453uj Bios | 2024-11-21 | 6.3 Medium |
| ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity verification and further resulting in a failure to boot. | ||||
| CVE-2021-41121 | 1 Vyperlang | 1 Vyper | 2024-11-21 | 7.5 High |
| Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0. | ||||
| CVE-2021-41073 | 4 Debian, Fedoraproject, Linux and 1 more | 21 Debian Linux, Fedora, Linux Kernel and 18 more | 2024-11-21 | 7.8 High |
| loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. | ||||
| CVE-2021-40771 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | N/A |
| Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. | ||||
| CVE-2021-40765 | 3 Adobe, Apple, Microsoft | 3 Character Animator, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | ||||
| CVE-2021-40715 | 2 Adobe, Microsoft | 2 Premiere Pro, Windows | 2024-11-21 | 7.8 High |
| Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .exr file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. | ||||
| CVE-2021-40710 | 2 Adobe, Microsoft | 2 Premiere Pro, Windows | 2024-11-21 | N/A |
| Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .svg file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. | ||||
| CVE-2021-40703 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | N/A |
| Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | ||||
| CVE-2021-40702 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | N/A |
| Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious psd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | ||||
| CVE-2021-40701 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | N/A |
| Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | ||||
| CVE-2021-40700 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | N/A |
| Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | ||||
| CVE-2021-40393 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2024-11-21 | 9.8 Critical |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40157 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system. | ||||
| CVE-2021-40142 | 2 Opcfoundation, Siemens | 8 Local Discover Server, Simatic Net Pc, Simatic Process Historian Opc Ua Server and 5 more | 2024-11-21 | 7.5 High |
| In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. | ||||
| CVE-2021-40117 | 1 Cisco | 19 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5505 and 16 more | 2024-11-21 | 8.6 High |
| A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. | ||||
| CVE-2021-40027 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 High |
| The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2021-3973 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-3968 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 8.0 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-3928 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| vim is vulnerable to Use of Uninitialized Variable | ||||
| CVE-2021-3927 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||