Search
Total
3972 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35055 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2022-01-10 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write). | |||||
| CVE-2021-45078 | 4 Debian, Fedoraproject, Gnu and 1 more | 4 Debian Linux, Fedora, Binutils and 1 more | 2022-01-10 | 6.8 MEDIUM | 7.8 HIGH |
| stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | |||||
| CVE-2021-37566 | 1 Mediatek | 18 Mt7603e, Mt7603e Firmware, Mt7610 and 15 more | 2022-01-10 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write). | |||||
| CVE-2021-45607 | 1 Netgear | 16 R6400v2, R6400v2 Firmware, R6700v3 and 13 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, RAX200 before 1.0.5.126, RAX75 before 1.0.5.126, and RAX80 before 1.0.5.126. | |||||
| CVE-2021-45606 | 1 Netgear | 30 R6400, R6400 Firmware, R6400v2 and 27 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RS400 before 1.5.1.80, R6400v2 before 1.0.4.118, R7000P before 1.3.3.140, RAX80 before 1.0.4.120, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, and RAX75 before 1.0.4.120. | |||||
| CVE-2021-22555 | 3 Brocade, Linux, Netapp | 20 Fabric Operating System, Linux Kernel, Aff 500f and 17 more | 2022-01-06 | 4.6 MEDIUM | 7.8 HIGH |
| A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space | |||||
| CVE-2021-30937 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-01-06 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-45911 | 1 Gif2apng Project | 1 Gif2apng | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer. | |||||
| CVE-2021-45910 | 1 Gif2apng Project | 1 Gif2apng | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written. | |||||
| CVE-2021-45909 | 1 Gif2apng Project | 1 Gif2apng | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer. | |||||
| CVE-2021-45908 | 1 Gif2apng Project | 1 Gif2apng | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted. | |||||
| CVE-2021-45907 | 1 Gif2apng Project | 1 Gif2apng | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a for loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted. | |||||
| CVE-2021-45704 | 1 Metrics-util Project | 1 Metrics-util | 2022-01-06 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket<T> unconditionally implements the Send and Sync traits. | |||||
| CVE-2021-37583 | 1 Mediatek | 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more | 2022-01-06 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write). | |||||
| CVE-2021-37584 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2022-01-06 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write). | |||||
| CVE-2021-37568 | 1 Mediatek | 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more | 2022-01-06 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write). | |||||
| CVE-2021-45680 | 1 Vec-const Project | 1 Vec-const | 2022-01-06 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption. | |||||
| CVE-2021-45681 | 1 Derive-com-impl Project | 1 Derive-com-impl | 2022-01-06 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference (and memory corruption) can occur because AddRef might not be called before returning a pointer. | |||||
| CVE-2021-44013 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The DL180pdfl.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15103) | |||||
| CVE-2021-44001 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The DL180pdfl.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14974) | |||||
| CVE-2021-44002 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-01-06 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15058) | |||||
| CVE-2021-37569 | 1 Mediatek | 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more | 2022-01-06 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write). | |||||
| CVE-2021-45605 | 1 Netgear | 16 R6400, R6400 Firmware, R6900p and 13 more | 2022-01-05 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.68, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900 before 1.0.4.38, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, and XR300 before 1.0.3.50. | |||||
| CVE-2021-45573 | 1 Netgear | 16 Ac2100, Ac2100 Firmware, Ac2400 and 13 more | 2022-01-05 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6260 before 1.1.0.76, R6800 before 1.2.0.62, R6700v2 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, AC2100 before 1.2.0.62, AC2400 before 1.2.0.62, and AC2600 before 1.2.0.62. | |||||
| CVE-2021-45636 | 1 Netgear | 2 D7000, D7000 Firmware | 2022-01-05 | 5.8 MEDIUM | 8.8 HIGH |
| NETGEAR D7000 devices before 1.0.1.82 are affected by a stack-based buffer overflow by an unauthenticated attacker. | |||||
| CVE-2021-0326 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Android | 2022-01-04 | 7.9 HIGH | 7.5 HIGH |
| In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525 | |||||
| CVE-2020-1457 | 1 Microsoft | 1 Windows 10 | 2022-01-04 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1425. | |||||
| CVE-2021-43534 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2022-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. | |||||
| CVE-2021-30971 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-01-03 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2019-9719 | 1 Libav | 1 Libav | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| ** DISPUTED ** A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a vulnerability is provided” and only “a generic warning from a static code analysis” is provided. | |||||
| CVE-2019-8717 | 1 Apple | 2 Mac Os X, Tvos | 2022-01-01 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-13730 | 6 Debian, Fedoraproject, Google and 3 more | 9 Debian Linux, Fedora, Chrome and 6 more | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-11764 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. | |||||
| CVE-2020-0002 | 1 Google | 1 Android | 2022-01-01 | 9.3 HIGH | 8.8 HIGH |
| In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-142602711 | |||||
| CVE-2020-6379 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-13334 | 1 Foxitsoftware | 1 Phantompdf | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8774. | |||||
| CVE-2020-0792 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-01-01 | 7.2 HIGH | 8.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745. | |||||
| CVE-2020-3764 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2020-9308 | 3 Canonical, Fedoraproject, Libarchive | 3 Ubuntu Linux, Fedora, Libarchive | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. | |||||
| CVE-2020-6801 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73. | |||||
| CVE-2020-6800 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5. | |||||
| CVE-2020-14382 | 4 Canonical, Cryptsetup Project, Fedoraproject and 1 more | 4 Ubuntu Linux, Cryptsetup, Fedora and 1 more | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(*intervals));"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory. | |||||
| CVE-2020-7552 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-7551 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2019-14563 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2022-01-01 | 4.6 MEDIUM | 7.8 HIGH |
| Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-20740 | 3 Debian, Fedoraproject, Pdfresurrect Project | 3 Debian Linux, Fedora, Pdfresurrect | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
| PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version(). | |||||
| CVE-2020-26797 | 2 Fedoraproject, Mediaarea | 2 Fedora, Mediainfo | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
| Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping. | |||||
| CVE-2020-12983 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2021-12-30 | 4.6 MEDIUM | 7.8 HIGH |
| An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service. | |||||
| CVE-2020-6378 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2021-12-30 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30985 | 1 Apple | 2 Ipados, Iphone Os | 2021-12-29 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||