Total
3257 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-35069 | 1 Qualcomm | 382 Apq8096au, Apq8096au Firmware, Aqt1000 and 379 more | 2024-11-21 | 7.8 High |
| Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-34513 | 1 Microsoft | 8 Windows 10, Windows 10 1809, Windows 10 1909 and 5 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-34512 | 1 Microsoft | 11 Windows 10, Windows 10 1507, Windows 10 1607 and 8 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-34510 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-34392 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 4.4 Medium |
| Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service. | ||||
| CVE-2021-34391 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 5.3 Medium |
| Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service. | ||||
| CVE-2021-34390 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 5.3 Medium |
| Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service. | ||||
| CVE-2021-34386 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 6.3 Medium |
| Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to heap overflows. | ||||
| CVE-2021-34385 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 6.3 Medium |
| Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calculation of a length could lead to a heap overflow. | ||||
| CVE-2021-34382 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 6.7 Medium |
| Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel. | ||||
| CVE-2021-34381 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 6.7 Medium |
| Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function, which might lead to denial of service, information disclosure, or data tampering. | ||||
| CVE-2021-34372 | 1 Nvidia | 12 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 9 more | 2024-11-21 | 8.2 High |
| Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service. | ||||
| CVE-2021-34334 | 3 Debian, Exiv2, Fedoraproject | 3 Debian Linux, Exiv2, Fedora | 2024-11-21 | 5.5 Medium |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5. | ||||
| CVE-2021-34270 | 1 Doft | 1 Doftcoin | 2024-11-21 | 7.5 High |
| An integer overflow in the mintToken function of a smart contract implementation for Doftcoin Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses. | ||||
| CVE-2021-33909 | 7 Debian, Fedoraproject, Linux and 4 more | 16 Debian Linux, Fedora, Linux Kernel and 13 more | 2024-11-21 | 7.8 High |
| fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||||
| CVE-2021-33439 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c. | ||||
| CVE-2021-33403 | 1 Blocklancertoken Project | 1 Blocklancertoken | 2024-11-21 | 7.5 High |
| An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction. | ||||
| CVE-2021-33106 | 1 Intel | 1 Safestring Library | 2024-11-21 | 7.8 High |
| Integer overflow in the Safestring library maintained by Intel(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-32765 | 3 Debian, Netapp, Redis | 3 Debian Linux, Management Services For Element Software And Netapp Hci, Hiredis | 2024-11-21 | 8.8 High |
| Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check if `count * sizeof(redisReply*)` can be represented in `SIZE_MAX`. If it can not, and the `calloc()` call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow. Users of hiredis who are unable to update may set the [maxelements](https://github.com/redis/hiredis#reader-max-array-elements) context option to a value small enough that no overflow is possible. | ||||
| CVE-2021-32762 | 5 Debian, Fedoraproject, Netapp and 2 more | 6 Debian Linux, Fedora, Management Services For Element Software and 3 more | 2024-11-21 | 7.5 High |
| Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. | ||||