Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44920 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash.
|
|||||
| CVE-2021-44712 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-44538 | 4 Cinny Project, Debian, Matrix and 1 more | 6 Cinny, Debian Linux, Element and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer size ...
Show More |
|||||
| CVE-2021-44503 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to va_arg on an empty variadic parameter list, most likely causing a memory segmentation fault.
|
|||||
| CVE-2021-44499 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.
|
|||||
| CVE-2021-44496 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution.
|
|||||
| CVE-2021-44440 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14912)
|
|||||
| CVE-2021-44018 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vuln ...
Show More |
|||||
| CVE-2021-44016 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vuln ...
Show More |
|||||
| CVE-2021-43083 | 1 Apache | 1 Plc4x | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a mallicious device which could send a response with invalid content. Currently we consider the probability of this being exploited as quite minimal, however this could change in the future, especially ...
Show More |
|||||
| CVE-2021-43015 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe InCopy version 16.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
|
|||||
| CVE-2021-43013 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Media Encoder version 15.4.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2021-43012 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
|
|||||
| CVE-2021-43011 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
|
|||||
| CVE-2021-42738 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
|
|||||
| CVE-2021-42737 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
|
|||||
| CVE-2021-42730 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PSD file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42729 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42726 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42725 | 1 Adobe | 1 Bridge | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42724 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42659 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.
|
|||||
| CVE-2021-42527 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42526 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42267 | 1 Adobe | 1 Animate | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42266 | 1 Adobe | 1 Animate | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-42262 | 1 Softing | 3 Datafeed Opc Suite, Opc Ua C\+\+ Software Development Kit, Secure Integration Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
|
|||||
| CVE-2021-41771 | 3 Debian, Fedoraproject, Golang | 3 Debian Linux, Fedora, Go | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
|
|||||
| CVE-2021-41289 | 1 Asus | 2 P453uj, P453uj Bios | 2024-11-21 | 3.6 LOW | 6.3 MEDIUM |
|
ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity verification and further resulting in a failure to boot.
|
|||||
| CVE-2021-41121 | 1 Vyperlang | 1 Vyper | 2024-11-21 | 6.5 MEDIUM | 7.5 HIGH |
|
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0.
|
|||||
| CVE-2021-40794 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40793 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40792 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40787 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40786 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40784 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40783 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40780 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40779 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||
| CVE-2021-40777 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
|
|||||