Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-31624 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. | |||||
CVE-2021-38090 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | |||||
CVE-2021-38297 | 2 Fedoraproject, Golang | 2 Fedora, Go | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. | |||||
CVE-2021-1983 | 1 Qualcomm | 190 Apq8017, Apq8017 Firmware, Apq8053 and 187 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
CVE-2021-1909 | 1 Qualcomm | 654 Apq8009, Apq8009 Firmware, Apq8009w and 651 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-18077 | 1 Ftpshell | 1 Ftpshell Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS). | |||||
CVE-2022-23218 | 3 Debian, Gnu, Oracle | 4 Debian Linux, Glibc, Communications Cloud Native Core Unified Data Repository and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | |||||
CVE-2020-28963 | 2 Krylack, Microsoft | 2 Zip Password Recovery, Windows | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function. | |||||
CVE-2021-41498 | 1 Pyo Project | 1 Pyo | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in ajaxsoundstudio.com Pyo < and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name. | |||||
CVE-2021-32265 | 1 Axiosys | 1 Bento4 | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure. | |||||
CVE-2021-20700 | 1 Nec | 4 Clusterpro X, Clusterpro X Singleserversafe, Expresscluster X and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network. | |||||
CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | |||||
CVE-2021-34779 | 1 Cisco | 32 Business 220-16p-2g, Business 220-16p-2g Firmware, Business 220-16t-2g and 29 more | 2024-02-28 | 7.9 HIGH | 8.8 HIGH |
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database corruption on the affected device For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Cisco has released firmware updates that address these vulnerabilities. | |||||
CVE-2022-23219 | 3 Debian, Gnu, Oracle | 8 Debian Linux, Glibc, Communications Cloud Native Core Binding Support Function and 5 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | |||||
CVE-2020-20658 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space. | |||||
CVE-2021-42683 | 1 Accops | 1 Hyworks Windows Client | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
CVE-2020-27372 | 1 Brandy Project | 1 Brandy | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1.21 in the run_interpreter function. | |||||
CVE-2021-20702 | 1 Nec | 4 Clusterpro X, Clusterpro X Singleserversafe, Expresscluster X and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network. | |||||
CVE-2020-36133 | 1 Aomedia | 1 Aomedia | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. | |||||
CVE-2021-43042 | 1 Kaseya | 1 Unitrends Backup | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A buffer overflow existed in the vaultServer component. This was exploitable by a remote unauthenticated attacker. |