Search
Total
680 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30979 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-02-22 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-30785 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2022-02-22 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-30934 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2022-02-19 | 9.3 HIGH | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-22824 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Collector | 2022-02-18 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior) | |||||
| CVE-2021-30323 | 1 Qualcomm | 202 Apq8009w, Apq8009w Firmware, Apq8017 and 199 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30309 | 1 Qualcomm | 86 Mdm9650, Mdm9650 Firmware, Qca6174a and 83 more | 2022-02-18 | 4.6 MEDIUM | 7.8 HIGH |
| Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-30318 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2022-02-17 | 4.6 MEDIUM | 7.8 HIGH |
| Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2018-16301 | 1 Tcpdump | 1 Tcpdump | 2022-02-14 | 4.4 MEDIUM | 7.8 HIGH |
| The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. | |||||
| CVE-2022-22725 | 1 Schneider-electric | 2 Easergy P3, Easergy P3 Firmware | 2022-02-10 | 8.3 HIGH | 8.8 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P3 (All versions prior to V30.205) | |||||
| CVE-2022-22723 | 1 Schneider-electric | 2 Easergy P5, Easergy P5 Firmware | 2022-02-10 | 8.3 HIGH | 8.8 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101) | |||||
| CVE-2021-29219 | 1 Hpe | 14 Flexnetwork 5130 Jg932a, Flexnetwork 5130 Jg932a Firmware, Flexnetwork 5130 Jg933a and 11 more | 2022-02-09 | 4.6 MEDIUM | 7.8 HIGH |
| A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. HPE has made the following software update to resolve the vulnerability in HPE FlexNetwork 5130 EL Switch Series version 5130_EL_7.10.R3507P02. | |||||
| CVE-2019-11858 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2022-02-09 | 6.5 MEDIUM | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | |||||
| CVE-2019-11859 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2022-02-09 | 9.0 HIGH | 8.8 HIGH |
| A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root. | |||||
| CVE-2021-33909 | 4 Debian, Fedoraproject, Linux and 1 more | 5 Debian Linux, Fedora, Linux Kernel and 2 more | 2022-02-07 | 7.2 HIGH | 7.8 HIGH |
| fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | |||||
| CVE-2020-7559 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2022-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus. | |||||
| CVE-2021-46513 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c. | |||||
| CVE-2021-46526 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c. | |||||
| CVE-2021-46521 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c. | |||||
| CVE-2018-15688 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2022-01-31 | 5.8 MEDIUM | 8.8 HIGH |
| A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. | |||||
| CVE-2021-34979 | 1 Netgear | 2 R6260, R6260 Firmware | 2022-01-19 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13512. | |||||
| CVE-2021-30308 | 1 Qualcomm | 172 Aqt1000, Aqt1000 Firmware, Ar8035 and 169 more | 2022-01-18 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-40568 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
| CVE-2021-45856 | 1 Accu-time | 2 Maximus, Maximus Firmware | 2022-01-14 | 5.0 MEDIUM | 7.5 HIGH |
| Accu-Time Systems MAXIMUS 1.0 telnet service suffers from a remote buffer overflow which causes the telnet service to crash | |||||
| CVE-2021-40035 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | |||||
| CVE-2021-40029 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | |||||
| CVE-2021-30268 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30303 | 1 Qualcomm | 478 Apq8009, Apq8009 Firmware, Apq8017 and 475 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30298 | 1 Qualcomm | 122 Ar8031, Ar8031 Firmware, Ar8035 and 119 more | 2022-01-12 | 4.6 MEDIUM | 7.8 HIGH |
| Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-45530 | 1 Netgear | 24 R7000, R7000 Firmware, R7000p and 21 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7000 before 1.0.11.126, R7960P before 1.4.2.84, R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, RAX20 before 1.0.2.82, RAX45 before 1.0.2.82, RAX80 before 1.0.4.120, R7900P before 1.4.2.84, RAX15 before 1.0.2.82, RAX50 before 1.0.2.82, and RAX75 before 1.0.4.120. | |||||
| CVE-2021-20166 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2022-01-07 | 5.8 MEDIUM | 8.8 HIGH |
| Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton. | |||||
| CVE-2021-45526 | 1 Netgear | 28 Ex6000, Ex6000 Firmware, Ex6120 and 25 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120 before 1.0.0.48, EX6130 before 1.0.0.30, R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R7000 before 1.0.11.126, R7900 before 1.0.4.30, R8000 before 1.0.4.52, R7000P before 1.3.2.124, R8000P before 1.4.1.50, RAX80 before 1.0.3.88, R6900P before 1.3.2.124, R7900P before 1.4.1.50, and RAX75 before 1.0.3.88. | |||||
| CVE-2021-45525 | 1 Netgear | 30 Ex7000, Ex7000 Firmware, R6400 and 27 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. | |||||
| CVE-2018-25020 | 1 Linux | 1 Linux Kernel | 2022-01-06 | 4.6 MEDIUM | 7.8 HIGH |
| The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. | |||||
| CVE-2021-45529 | 1 Netgear | 20 Cbr40, Cbr40 Firmware, D7000v2 and 17 more | 2022-01-06 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects CBR40 before 2.3.5.12, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.30, R8000 before 1.0.4.52, and WNR3500Lv2 before 1.2.0.62. | |||||
| CVE-2021-45528 | 1 Netgear | 22 R6300v2, R6300v2 Firmware, R6400 and 19 more | 2022-01-06 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R7900 before 1.0.3.18, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX75 before 1.0.3.88, RAX80 before 1.0.3.88, and WNR3500Lv2 before 1.2.0.62. | |||||
| CVE-2021-30993 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-01-03 | 6.8 MEDIUM | 8.1 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. An attacker in a privileged network position may be able to execute arbitrary code. | |||||
| CVE-2021-38160 | 4 Debian, Linux, Netapp and 1 more | 9 Debian Linux, Linux Kernel, Element Software and 6 more | 2022-01-01 | 7.2 HIGH | 7.8 HIGH |
| ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior. | |||||
| CVE-2020-5208 | 4 Debian, Fedoraproject, Ipmitool Project and 1 more | 4 Debian Linux, Fedora, Ipmitool and 1 more | 2021-12-30 | 6.5 MEDIUM | 8.8 HIGH |
| It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19. | |||||
| CVE-2021-30981 | 1 Apple | 2 Mac Os X, Macos | 2021-12-30 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-43518 | 1 Teeworlds | 1 Teeworlds | 2021-12-27 | 6.8 MEDIUM | 7.8 HIGH |
| Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. | |||||
| CVE-2021-41499 | 1 Pyo Project | 1 Pyo | 2021-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo < 1.03 in the Server_debug function, which allows remote attackers to conduct DoS attacks by deliberately passing on an overlong audio file name. | |||||
| CVE-2021-41498 | 1 Pyo Project | 1 Pyo | 2021-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in ajaxsoundstudio.com Pyo < and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name. | |||||
| CVE-2021-39922 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2021-12-26 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-39925 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2021-12-26 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-30889 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2021-12-21 | 6.8 MEDIUM | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2020-18077 | 1 Ftpshell | 1 Ftpshell Server | 2021-12-21 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS). | |||||
| CVE-2021-44154 | 1 Reprisesoftware | 1 Reprise License Manager | 2021-12-15 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/edit_opt, which will then be triggered when running the diagnostics (via /goform/diagnostics_doit), resulting in a buffer overflow. | |||||
| CVE-2021-39926 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2021-12-15 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-33720 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition. | |||||
| CVE-2019-20839 | 4 Debian, Fedoraproject, Libvncserver Project and 1 more | 4 Debian Linux, Fedora, Libvncserver and 1 more | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | |||||