Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-40062 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2022-29223 | 1 Microsoft | 1 Azure Rtos Usbx | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with `bNbPorts` set to a value greater than `UX_MAX_TT` which defaults to 8. For a `bNbPorts` value of 255, the implementation of `ux_host_class_hub_descriptor_get` function will modify the contents of `hub` -> `ux_host_class_hub_device` -> `ux_device_hub_tt` array violating the end boundary by 255 - `UX_MAX_TT` items. The USB host stack needs to validate the number of ports reported by the hub, and if the value is larger than UX_MAX_TT, USB stack needs to reject the request. This fix has been included in USBX release 6.1.10. | |||||
CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | |||||
CVE-2020-28969 | 1 Aplixio | 1 Pdf Shapingup | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file. | |||||
CVE-2021-42681 | 1 Accops | 1 Hyworks Dvm Tools | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
CVE-2021-42994 | 1 Donglify | 1 Donglify | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
CVE-2019-20082 | 1 Asus | 2 Rt-n53, Rt-n53 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LAN_Content.asp. | |||||
CVE-2021-44428 | 1 Ipuptime | 1 Pinkie | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1. | |||||
CVE-2021-45525 | 1 Netgear | 30 Ex7000, Ex7000 Firmware, R6400 and 27 more | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. | |||||
CVE-2021-40709 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop 2021, Macos and 1 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
Adobe Photoshop versions 21.2.11 (and earlier) and 22.5 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted SVG file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-42716 | 2 Fedoraproject, Nothings | 2 Fedora, Stb Image.h | 2024-02-28 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. | |||||
CVE-2021-30707 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted audio file may lead to arbitrary code execution. | |||||
CVE-2021-40029 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | |||||
CVE-2021-25496 | 1 Samsung | 1 Notes | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-27391 | 1 Siemens | 16 Apogee Mbc \(ppc\) \(p2 Ethernet\), Apogee Mbc \(ppc\) \(p2 Ethernet\) Firmware, Apogee Mec \(ppc\) \(p2 Ethernet\) and 13 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges. | |||||
CVE-2021-45342 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Librecad | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | |||||
CVE-2021-40568 | 1 Gpac | 1 Gpac | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
CVE-2021-46526 | 1 Cesanta | 1 Mjs | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c. | |||||
CVE-2021-20704 | 1 Nec | 4 Clusterpro X, Clusterpro X Singleserversafe, Expresscluster X and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network. | |||||
CVE-2021-35945 | 1 Couchbase | 1 Couchbase Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. |