Total
6875 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26222 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||||
| CVE-2021-26221 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||||
| CVE-2021-26220 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||||
| CVE-2021-26195 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexer_parse_number in js-lexer.c file. | |||||
| CVE-2021-26112 | 1 Fortinet | 1 Fortiwan | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests. | |||||
| CVE-2021-25678 | 1 Siemens | 2 Solid Edge Se2020, Solid Edge Se2021 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12529) | |||||
| CVE-2021-25670 | 1 Siemens | 1 Tecnomatix Robotexpert | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix RobotExpert (All versions < V16.1). Affected applications lack proper validation of user-supplied data when parsing CELL files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12608) | |||||
| CVE-2021-25665 | 1 Siemens | 1 Simcenter Star-ccm\+ | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2021.2.1). The starview+.exe application lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13700) | |||||
| CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 2.1 LOW | 7.2 HIGH |
| A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | |||||
| CVE-2021-25495 | 1 Samsung | 1 Notes | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
| A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | |||||
| CVE-2021-25479 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25478 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | |||||
| CVE-2021-25346 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 7.1 HIGH |
| A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution. | |||||
| CVE-2021-25290 | 2 Debian, Python | 2 Debian Linux, Pillow | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. | |||||
| CVE-2021-25249 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2021-25178 | 2 Opendesign, Siemens | 4 Drawings Software Development Kit, Comos, Jt2go and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution. | |||||
| CVE-2021-25174 | 2 Opendesign, Siemens | 4 Drawings Software Development Kit, Comos, Jt2go and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart). | |||||
| CVE-2021-24091 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Camera Codec Pack Remote Code Execution Vulnerability | |||||
| CVE-2021-24083 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Address Book Remote Code Execution Vulnerability | |||||