Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45989 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.
|
|||||
| CVE-2021-45988 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter.
|
|||||
| CVE-2021-45958 | 3 Debian, Fedoraproject, Ultrajson Project | 3 Debian Linux, Fedora, Ultrajson | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
|
|||||
| CVE-2021-45957 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
|
|||||
| CVE-2021-45956 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
|
|||||
| CVE-2021-45955 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed
|
|||||
| CVE-2021-45954 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
|
|||||
| CVE-2021-45953 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
|
|||||
| CVE-2021-45952 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
|
|||||
| CVE-2021-45951 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
|
|||||
| CVE-2021-45950 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
|
|||||
| CVE-2021-45949 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
|
|||||
| CVE-2021-45948 | 1 Assimp | 1 Assimp | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).
|
|||||
| CVE-2021-45947 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).
|
|||||
| CVE-2021-45946 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements).
|
|||||
| CVE-2021-45943 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Spatial And Graph and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
|
|||||
| CVE-2021-45942 | 3 Debian, Fedoraproject, Openexr | 3 Debian Linux, Fedora, Openexr | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
|
|||||
| CVE-2021-45941 | 1 Libbpf Project | 1 Libbpf | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).
|
|||||
| CVE-2021-45940 | 1 Libbpf Project | 1 Libbpf | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).
|
|||||
| CVE-2021-45939 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).
|
|||||
| CVE-2021-45938 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).
|
|||||
| CVE-2021-45937 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect).
|
|||||
| CVE-2021-45936 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).
|
|||||
| CVE-2021-45935 | 1 Grok Project | 1 Grok | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int).
|
|||||
| CVE-2021-45934 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType).
|
|||||
| CVE-2021-45933 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).
|
|||||
| CVE-2021-45932 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).
|
|||||
| CVE-2021-45931 | 2 Fedoraproject, Harfbuzz Project | 2 Fedora, Harfbuzz | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
|
|||||
| CVE-2021-45930 | 3 Debian, Fedoraproject, Qt | 3 Debian Linux, Fedora, Qtsvg | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
|
|||||
| CVE-2021-45929 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If).
|
|||||
| CVE-2021-45928 | 1 Libjxl Project | 1 Libjxl | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections).
|
|||||
| CVE-2021-45927 | 1 Mdbtools Project | 1 Mdbtools | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).
|
|||||
| CVE-2021-45926 | 1 Mdbtools Project | 1 Mdbtools | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).
|
|||||
| CVE-2021-45911 | 2 Debian, Gif2apng Project | 2 Debian Linux, Gif2apng | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer.
|
|||||
| CVE-2021-45910 | 2 Debian, Gif2apng Project | 2 Debian Linux, Gif2apng | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written.
|
|||||
| CVE-2021-45909 | 2 Debian, Gif2apng Project | 2 Debian Linux, Gif2apng | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer.
|
|||||
| CVE-2021-45908 | 1 Gif2apng Project | 1 Gif2apng | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted.
|
|||||
| CVE-2021-45907 | 1 Gif2apng Project | 1 Gif2apng | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a for loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted.
|
|||||
| CVE-2021-45863 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit::updateBits in hevc.cpp.
|
|||||
| CVE-2021-45833 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
|
|||||