Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46822 | 2 Libjpeg-turbo, Redhat | 2 Libjpeg-turbo, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. | ||||
| CVE-2021-46786 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.8 Critical |
| The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | ||||
| CVE-2021-46598 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15392. | ||||
| CVE-2021-46461 | 1 Nginx | 1 Njs | 2024-11-21 | 9.8 Critical |
| njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c. | ||||
| CVE-2021-46333 | 1 Moddable | 1 Moddable Sdk | 2024-11-21 | 5.5 Medium |
| Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component __asan_memmove. | ||||
| CVE-2021-46157 | 1 Siemens | 1 Simcenter Femap | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14757) | ||||
| CVE-2021-46153 | 1 Siemens | 1 Simcenter Femap | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14645, ZDI-CAN-15305, ZDI-CAN-15589, ZDI-CAN-15599) | ||||
| CVE-2021-46053 | 1 Webassembly | 1 Binaryen | 2024-11-21 | 5.5 Medium |
| A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL. | ||||
| CVE-2021-46020 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.5 High |
| An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | ||||
| CVE-2021-45767 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2021-45764 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). | ||||
| CVE-2021-45762 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2021-45760 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2021-45709 | 1 Crypto2 Project | 1 Crypto2 | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur. | ||||
| CVE-2021-45293 | 2 Fedoraproject, Webassembly | 2 Fedora, Binaryen | 2024-11-21 | 5.5 Medium |
| A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. | ||||
| CVE-2021-45078 | 5 Debian, Fedoraproject, Gnu and 2 more | 5 Debian Linux, Fedora, Binutils and 2 more | 2024-11-21 | 7.8 High |
| stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | ||||
| CVE-2021-45067 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 5.5 Medium |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44992 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.5 Medium |
| There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0. | ||||
| CVE-2021-44975 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. | ||||
| CVE-2021-44920 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | ||||