Total
13391 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21834 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21833 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 9.8 Critical |
| An improper array index validation vulnerability exists in the TIF IP_planar_raster_unpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21808 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| A memory corruption vulnerability exists in the PNG png_palette_process functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide malicious inputs to trigger this vulnerability. | ||||
| CVE-2021-21794 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 7.8 High |
| An out-of-bounds write vulnerability exists in the TIF bits_per_sample processing functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21784 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 7.8 High |
| An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21703 | 6 Debian, Fedoraproject, Netapp and 3 more | 7 Debian Linux, Fedora, Clustered Data Ontap and 4 more | 2024-11-21 | 7.8 High |
| In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user. | ||||
| CVE-2021-21458 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21457 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21453 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21452 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21451 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SGI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21450 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21449 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 8.8 High |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | ||||
| CVE-2021-21140 | 2 Google, Microsoft | 2 Chrome, Edge | 2024-11-21 | 6.8 Medium |
| Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. | ||||
| CVE-2021-21118 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2024-11-21 | 8.8 High |
| Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2021-20988 | 2 Hilscher, Pepperl-fuchs | 17 Rcx Rtos, Ice1-16di-g60l-v1d, Ice1-16di-g60l-v1d Firmware and 14 more | 2024-11-21 | 8.6 High |
| In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device. | ||||
| CVE-2021-20589 | 1 Mitsubishi | 12 Gs21, Gs21 Firmware, Gt21 and 9 more | 2024-11-21 | 7.5 High |
| Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model communication driver versions 01.21.000 through 01.39.000, GOT SIMPLE series GS21 model communication driver versions 01.21.000 through 01.39.000, GT SoftGOT2000 versions 1.170C through 1.250L and Tension Controller LE7-40GU-L Screen package data for MODBUS/TCP V1.00 allows a remote unauthenticated attacker to stop the communication function of the products via specially crafted packets. | ||||
| CVE-2021-20325 | 1 Redhat | 1 Enterprise Linux | 2024-11-21 | 9.8 Critical |
| Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd. | ||||
| CVE-2021-20284 | 3 Gnu, Netapp, Redhat | 4 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20276 | 2 Debian, Privoxy | 2 Debian Linux, Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in privoxy before 3.0.32. Invalid memory access with an invalid pattern passed to pcre_compile() may lead to denial of service. | ||||