Total
6576 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32606 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)
|
|||||
| CVE-2021-32495 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 10.0 CRITICAL |
|
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.
|
|||||
| CVE-2021-32421 | 1 Dpic Project | 1 Dpic | 2024-11-21 | N/A | 7.5 HIGH |
|
dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y.
|
|||||
| CVE-2021-31804 | 1 Leocad | 1 Leocad | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
LeoCAD before 21.03 sometimes allows a use-after-free during the opening of a new document.
|
|||||
| CVE-2021-31516 | 1 Vector35 | 1 Binary Ninja | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vector 35 Binary Ninja 2.3.2660 (Build ID 88f343c3). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BNDB files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerabi ...
Show More |
|||||
| CVE-2021-31502 | 1 Opentext | 1 Brava\! Desktop | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execu ...
Show More |
|||||
| CVE-2021-31497 | 1 Opentext | 1 Brava\! Desktop | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute ...
Show More |
|||||
| CVE-2021-31470 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to exe ...
Show More |
|||||
| CVE-2021-31460 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA templates. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code ...
Show More |
|||||
| CVE-2021-31459 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in th ...
Show More |
|||||
| CVE-2021-31458 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute c ...
Show More |
|||||
| CVE-2021-31457 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute c ...
Show More |
|||||
| CVE-2021-31456 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute c ...
Show More |
|||||
| CVE-2021-31455 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in th ...
Show More |
|||||
| CVE-2021-31453 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in th ...
Show More |
|||||
| CVE-2021-31451 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute c ...
Show More |
|||||
| CVE-2021-31450 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in th ...
Show More |
|||||
| CVE-2021-31441 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute c ...
Show More |
|||||
| CVE-2021-31188 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
|
Windows Graphics Component Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-31177 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31176 | 1 Microsoft | 4 365 Apps, Office, Office Online Server and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31175 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31170 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Graphics Component Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-30980 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30951 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30936 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30927 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30902 | 1 Apple | 3 Ipad Os, Ipados, Iphone Os | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution.
|
|||||
| CVE-2021-30886 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30809 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30802 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30795 | 1 Apple | 5 Iphone Os, Macos, Safari and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2021-30741 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
|
|||||
| CVE-2021-30683 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application could execute arbitrary code leading to compromise of user information.
|
|||||
| CVE-2021-30629 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2021-30625 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2021-30624 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Chromium: CVE-2021-30624 Use after free in Autofill
|
|||||
| CVE-2021-30623 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Chromium: CVE-2021-30623 Use after free in Bookmarks
|
|||||
| CVE-2021-30622 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Chromium: CVE-2021-30622 Use after free in WebApp Installs
|
|||||
| CVE-2021-30616 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Chromium: CVE-2021-30616 Use after free in Media
|
|||||