Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0189 | 1 Intel | 336 Xeon Bronze 3204, Xeon Bronze 3204 Firmware, Xeon Bronze 3206r and 333 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. | |||||
| CVE-2021-22429 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-44499 | 1 Fisglobal | 1 Gt.m | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow. | |||||
| CVE-2021-40787 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-22433 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22431 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
| CVE-2022-28194 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2024-02-04 | 4.4 MEDIUM | 5.6 MEDIUM |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality. | |||||
| CVE-2021-22434 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-42659 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 6.1 MEDIUM | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | |||||
| CVE-2021-40794 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-40734 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-26352 | 1 Amd | 60 Ryzen 3 5300g, Ryzen 3 5300g Firmware, Ryzen 3 5300ge and 57 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service. | |||||
| CVE-2022-22706 | 1 Arm | 3 Bifrost, Midgard, Valhall | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0. | |||||
| CVE-2022-24788 | 1 Vyperlang | 1 Vyper | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Versions of vyper prior to 0.3.2 suffer from a potential buffer overrun. Importing a function from a JSON interface which returns `bytes` generates bytecode which does not clamp bytes length, potentially resulting in a buffer overrun. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-24420 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | |||||
| CVE-2021-44496 | 1 Fisglobal | 1 Gt.m | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution. | |||||
| CVE-2021-42527 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-26369 | 1 Amd | 99 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 96 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. | |||||
| CVE-2021-40786 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-35098 | 1 Qualcomm | 172 Apq8053, Apq8053 Firmware, Apq8096au and 169 more | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||