Total
6873 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1959 | 1 Qualcomm | 376 Apq8009, Apq8009 Firmware, Apq8009w and 373 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1886 | 1 Qualcomm | 316 Apq8017, Apq8017 Firmware, Apq8037 and 313 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
| Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1858 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds write issue was addressed with improved bounds checking. | |||||
| CVE-2021-1847 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-1841 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A malicious application may be able to execute arbitrary code with kernel privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. An out-of-bounds write issue was addressed with improved bounds checking. | |||||
| CVE-2021-1828 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 8.8 HIGH | 7.1 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2021-1817 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-1805 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-1776 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||
| CVE-2021-1772 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execution. | |||||
| CVE-2021-1762 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-1747 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing maliciously crafted web content may lead to code execution. | |||||
| CVE-2021-1744 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-1738 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-1737 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-1715 | 1 Microsoft | 8 365 Apps, Office, Office Online Server and 5 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2021-1573 | 1 Cisco | 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Firepower Threat Defense | 2024-11-21 | 7.1 HIGH | 8.6 HIGH |
| A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. | |||||
| CVE-2021-1526 | 1 Cisco | 1 Webex Player | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | |||||
| CVE-2021-1504 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section. | |||||
| CVE-2021-1503 | 1 Cisco | 2 Webex Meetings Server, Webex Player | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in either Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | |||||