Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42726 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-40755 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-42266 | 1 Adobe | 1 Animate | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2017-13835 | 1 Apple | 1 Mac Os X | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges. | |||||
| CVE-2021-34595 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
| A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. | |||||
| CVE-2021-42738 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. | |||||
| CVE-2021-30289 | 1 Qualcomm | 206 Apq8009w, Apq8009w Firmware, Apq8017 and 203 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-44538 | 4 Cinny Project, Debian, Matrix and 1 more | 6 Cinny, Debian Linux, Element and 3 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web. | |||||
| CVE-2022-0351 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2021-39818 | 1 Adobe | 1 Incopy | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2017-13906 | 1 Apple | 1 Mac Os X | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A malicious application may be able to elevate privileges. | |||||
| CVE-2021-42737 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. | |||||
| CVE-2022-0519 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-02-04 | 5.8 MEDIUM | 7.1 HIGH |
| Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2. | |||||
| CVE-2022-21852 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Windows DWM Core Library Elevation of Privilege Vulnerability | |||||
| CVE-2021-43011 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | |||||
| CVE-2021-40758 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. | |||||
| CVE-2021-21898 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Libdxfrw | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-40393 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-39830 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious PDF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-1973 | 1 Qualcomm | 394 Apq8009, Apq8009 Firmware, Apq8009w and 391 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||