Total
8485 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1844 | 3 Apple, Debian, Fedoraproject | 8 Ipad Os, Iphone Os, Macos and 5 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-1788 | 3 Apple, Debian, Fedoraproject | 9 Ipados, Iphone Os, Mac Os X and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-1405 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. | |||||
| CVE-2021-1095 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. | |||||
| CVE-2021-1094 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. | |||||
| CVE-2021-1093 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 4.9 MEDIUM | 6.2 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. | |||||
| CVE-2021-1076 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 4.6 MEDIUM | 6.6 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption. | |||||
| CVE-2021-1056 | 3 Debian, Linux, Nvidia | 3 Debian Linux, Linux Kernel, Gpu Driver | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | |||||
| CVE-2021-0561 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683 | |||||
| CVE-2021-0326 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Android | 2024-11-21 | 7.9 HIGH | 7.5 HIGH |
| In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525 | |||||
| CVE-2021-0308 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095. | |||||
| CVE-2021-0129 | 4 Bluez, Debian, Linux and 1 more | 4 Bluez, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 2.7 LOW | 5.7 MEDIUM |
| Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||||
| CVE-2021-0089 | 3 Debian, Fedoraproject, Intel | 12 Debian Linux, Fedora, Celeron Processors and 9 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||||
| CVE-2020-9951 | 3 Apple, Debian, Webkit | 9 Icloud, Ipados, Iphone Os and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2020-9948 | 3 Apple, Debian, Webkit | 3 Safari, Debian Linux, Webkitgtk\+ | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2020-9760 | 2 Debian, Weechat | 2 Debian Linux, Weechat | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick. | |||||
| CVE-2020-9548 | 4 Debian, Fasterxml, Netapp and 1 more | 25 Debian Linux, Jackson-databind, Active Iq Unified Manager and 22 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). | |||||
| CVE-2020-9547 | 4 Debian, Fasterxml, Netapp and 1 more | 16 Debian Linux, Jackson-databind, Active Iq Unified Manager and 13 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). | |||||
| CVE-2020-9546 | 4 Debian, Fasterxml, Netapp and 1 more | 31 Debian Linux, Jackson-databind, Active Iq Unified Manager and 28 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). | |||||
| CVE-2020-9498 | 3 Apache, Debian, Fedoraproject | 3 Guacamole, Debian Linux, Fedora | 2024-11-21 | 6.2 MEDIUM | 6.7 MEDIUM |
| Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed with the privileges of therunning guacd process. | |||||