Total: 2573 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27705 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex" request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit. | |||||
CVE-2021-27698 | 1 Riot-os | 1 Riot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function. | |||||
CVE-2021-27697 | 1 Riot-os | 1 Riot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function. | |||||
CVE-2021-27391 | 1 Siemens | 16 Apogee Mbc (ppc) (p2 Ethernet), Apogee Mbc (ppc) (p2 Ethernet) Firmware, Apogee Mec (ppc) (p2 Ethernet) and 13 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges. | |||||
CVE-2021-27357 | 1 Riot-os | 1 Riot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c. | |||||
CVE-2021-27343 | 1 Serenityos | 1 Serenityos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsing RSA Key ASN.1. | |||||
CVE-2021-27208 | 1 Xilinx | 4 Zynq-7000, Zynq-7000 Firmware, Zynq-7000s and 1 more | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
When booting a Zynq-7000 SoC device from NAND flash memory, the NAND driver in the ROM does not validate the inputs when reading in any parameters in the NAND’s parameter page. If a field read in from the parameter page is too large, this causes a buffer overflow that could lead to arbitrary code execution. Physical access and modification of the board assembly on which the Zynq-7000 SoC device is mounted is needed to replace the original NAND flash memory with a NAND flash emulation device for this attack to be successful. | |||||
CVE-2021-26827 | 1 Tp-link | 2 Tl-wr2041+, Tl-wr2041+ Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | |||||
CVE-2021-26805 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a malicious WAV file. | |||||
CVE-2021-26606 | 2 Dreamsecurity, Microsoft | 2 Magicline4nx.exe, Windows | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. | |||||
CVE-2021-26577 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so uploadsshkey function. | |||||
CVE-2021-26573 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function. | |||||
CVE-2021-26572 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function. | |||||
CVE-2021-26571 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function. | |||||
CVE-2021-26570 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function. | |||||
CVE-2021-25498 | 1 Samsung | 1 Notes | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25497 | 1 Samsung | 1 Notes | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25496 | 1 Samsung | 1 Notes | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25494 | 1 Samsung | 1 Notes | 2024-11-21 | 4.6 MEDIUM | 4.0 MEDIUM |
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25467 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 7.2 HIGH | 5.3 MEDIUM |
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allow privilege escalation to Root by hijacking a loaded library. |