Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32422 | 1 Dpic Project | 1 Dpic | 2024-11-21 | N/A | 7.5 HIGH |
|
dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array.
|
|||||
| CVE-2021-32265 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.
|
|||||
| CVE-2021-31893 | 1 Siemens | 8 Simatic Pcs, Simatic Pcs Firmware, Simatic Pdm and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code exec ...
Show More |
|||||
| CVE-2021-31845 | 1 Mcafee | 1 Data Loss Prevention Discover | 2024-11-21 | 6.0 MEDIUM | 8.4 HIGH |
|
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover scan it, leading to remote code execution with elevated privileges. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
|
|||||
| CVE-2021-31844 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 4.6 MEDIUM | 8.2 HIGH |
|
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
|
|||||
| CVE-2021-31664 | 1 Riot-os | 1 Riot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
|
|||||
| CVE-2021-31663 | 1 Riot-os | 1 Riot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.
|
|||||
| CVE-2021-31662 | 1 Riot-os | 1 Riot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.
|
|||||
| CVE-2021-31661 | 1 Riot-os | 1 Riot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information.
|
|||||
| CVE-2021-31660 | 1 Riot-os | 1 Riot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.
|
|||||
| CVE-2021-31627 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.
|
|||||
| CVE-2021-31624 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.
|
|||||
| CVE-2021-31535 | 2 Fedoraproject, X.org | 3 Fedora, Libx11, X Window System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protoco ...
Show More |
|||||
| CVE-2021-31255 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
|
|||||
| CVE-2021-30993 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. An attacker in a privileged network position may be able to execute arbitrary code.
|
|||||
| CVE-2021-30981 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30979 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
|
|||||
| CVE-2021-30977 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30963 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
|
|||||
| CVE-2021-30961 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
|
|||||
| CVE-2021-30960 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
|
|||||
| CVE-2021-30959 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
|
|||||
| CVE-2021-30957 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution.
|
|||||
| CVE-2021-30941 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
|
|||||
| CVE-2021-30940 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
|
|||||
| CVE-2021-30934 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30889 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30785 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution.
|
|||||
| CVE-2021-30736 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30707 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted audio file may lead to arbitrary code execution.
|
|||||
| CVE-2021-30475 | 2 Aomedia, Fedoraproject | 2 Aomedia, Fedora | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.
|
|||||
| CVE-2021-30351 | 1 Qualcomm | 392 Apq8009, Apq8009 Firmware, Apq8009w and 389 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30331 | 1 Qualcomm | 154 Ar8035, Ar8035 Firmware, Fsm10055 and 151 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
|
|||||
| CVE-2021-30327 | 1 Qualcomm | 158 Apq8097, Apq8097 Firmware, Apq8098 and 155 more | 2024-11-21 | 7.2 HIGH | 7.5 HIGH |
|
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
|
|||||
| CVE-2021-30324 | 1 Qualcomm | 302 Apq8096au, Apq8096au Firmware, Ar8031 and 299 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2021-30323 | 1 Qualcomm | 202 Apq8009w, Apq8009w Firmware, Apq8017 and 199 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2021-30321 | 1 Qualcomm | 46 Aqt1000, Aqt1000 Firmware, Qca1062 and 43 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
|
|||||
| CVE-2021-30318 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2021-30309 | 1 Qualcomm | 86 Mdm9650, Mdm9650 Firmware, Qca6174a and 83 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2021-30308 | 1 Qualcomm | 172 Aqt1000, Aqt1000 Firmware, Ar8035 and 169 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||