Search
Total
1388 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36133 | 1 Aomedia | 1 Aomedia | 2021-12-03 | 6.8 MEDIUM | 8.8 HIGH |
| AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. | |||||
| CVE-2021-20852 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2021-12-02 | 5.2 MEDIUM | 6.8 MEDIUM |
| Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors. | |||||
| CVE-2021-33035 | 1 Apache | 1 Openoffice | 2021-12-01 | 6.8 MEDIUM | 7.8 HIGH |
| Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10 | |||||
| CVE-2017-12601 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | |||||
| CVE-2020-10188 | 5 Arista, Debian, Fedoraproject and 2 more | 5 Eos, Debian Linux, Fedora and 2 more | 2021-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. | |||||
| CVE-2021-41054 | 2 Atftp Project, Debian | 2 Atftp, Debian Linux | 2021-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | |||||
| CVE-2021-44428 | 1 Ipuptime | 1 Pinkie | 2021-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1. | |||||
| CVE-2021-44429 | 1 Vercot | 1 Serva | 2021-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145. | |||||
| CVE-2021-42785 | 1 Tightvnc | 1 Tightvnc | 2021-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server. | |||||
| CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2021-11-27 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | |||||
| CVE-2021-37726 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2021-11-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. | |||||
| CVE-2020-24633 | 1 Arubanetworks | 15 7005, 7008, 7010 and 12 more | 2021-11-18 | 10.0 HIGH | 9.8 CRITICAL |
| There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | |||||
| CVE-2020-15173 | 1 Accel-ppp | 1 Accel-ppp | 2021-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions. | |||||
| CVE-2021-0284 | 1 Juniper | 1 Junos | 2021-11-17 | 7.8 HIGH | 7.5 HIGH |
| A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: "eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down" This issue is only triggered by traffic destined to the device. Transit traffic will not trigger this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2. | |||||
| CVE-2021-0283 | 1 Juniper | 1 Junos | 2021-11-17 | 7.8 HIGH | 7.5 HIGH |
| A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: "eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down" These issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 16.1 version 16.1R1 and later versions; 16.2 version 16.2R1 and later versions; 17.1 version 17.1R1 and later versions; 17.2 version 17.2R1 and later versions; 17.3 versions prior to 17.3R3-S12; 17.4 version 17.4R1 and later versions; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2. | |||||
| CVE-2018-14652 | 2 Debian, Redhat | 4 Debian Linux, Enterprise Linux Server, Enterprise Linux Virtualization and 1 more | 2021-11-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service. | |||||
| CVE-2021-42731 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2021-11-17 | 9.3 HIGH | 7.8 HIGH |
| Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2021-11-16 | 3.3 LOW | 6.5 MEDIUM |
| A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | |||||
| CVE-2021-30321 | 1 Qualcomm | 46 Aqt1000, Aqt1000 Firmware, Qca1062 and 43 more | 2021-11-16 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity | |||||
| CVE-2021-42774 | 1 Broadcom | 1 Emulex Hba Manager | 2021-11-15 | 7.5 HIGH | 9.8 CRITICAL |
| Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated. | |||||
| CVE-2019-16240 | 1 Hp | 88 Officejet Pro 8210 D9l63a, Officejet Pro 8210 D9l63a Firmware, Officejet Pro 8210 D9l64a and 85 more | 2021-11-15 | 5.8 MEDIUM | 9.1 CRITICAL |
| A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. | |||||
| CVE-2020-23890 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648. | |||||
| CVE-2020-23900 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b. | |||||
| CVE-2020-23902 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Editor!TMethodImplementationIntercept+0x528a3. | |||||
| CVE-2020-23884 | 1 Nomacs | 1 Nomacs | 2021-11-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafted MNG file. | |||||
| CVE-2021-42772 | 1 Broadcom | 2 Emulex Hba Manager, One Command Manager | 2021-11-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user is unauthenticated | |||||
| CVE-2012-2089 | 2 F5, Fedoraproject | 2 Nginx, Fedora | 2021-11-10 | 6.8 MEDIUM | N/A |
| Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file. | |||||
| CVE-2021-42624 | 1 Miniftpd Project | 1 Miniftpd | 2021-11-08 | 4.6 MEDIUM | 7.8 HIGH |
| A local buffer overflow vulnerability exists in the latest version of Miniftpd in ftpproto.c through the tmp variable, where a crafted payload can be sent to the affected function. | |||||
| CVE-2020-22035 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-22020 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2020-22019 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2020-22015 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code. | |||||
| CVE-2020-22026 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2020-22028 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service. | |||||
| CVE-2020-22021 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2021-43082 | 1 Apache | 1 Traffic Server | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0. | |||||
| CVE-2020-23109 | 1 Struktur | 1 Libheif | 2021-11-05 | 5.8 MEDIUM | 8.1 HIGH |
| Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file. | |||||
| CVE-2020-23679 | 1 Linux Network Project | 1 Linux Network Project | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execute arbitrary code, via the password field. | |||||
| CVE-2021-39238 | 1 Hp | 3 Futuresmart 3, Futuresmart 4, Futuresmart 5 | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer overflow. | |||||
| CVE-2001-1323 | 1 Mit | 1 Kerberos 5 | 2021-11-04 | 7.5 HIGH | N/A |
| Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function. | |||||
| CVE-2020-21574 | 1 C-http Project | 1 C-http | 2021-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function. | |||||
| CVE-2020-21572 | 1 Gilcc Project | 1 Gilcc | 2021-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759, allows attackers to cause a denial of service. | |||||
| CVE-2020-20658 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2021-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space. | |||||
| CVE-2020-20657 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2021-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denial of service via an unexpected packet while trying to connect. | |||||
| CVE-2020-18440 | 1 Phpok | 1 Phpok | 2021-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows attackers to execute arbitrary code. | |||||
| CVE-2021-31627 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2021-11-03 | 5.8 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. | |||||
| CVE-2021-27722 | 1 Nsasoft | 1 Spotauditor | 2021-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering. | |||||
| CVE-2021-42917 | 1 Kodi | 1 Kodi | 2021-11-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attackers to cause a denial of service due to improper length of values passed to istream. | |||||
| CVE-2021-31624 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2021-11-02 | 5.8 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. | |||||
| CVE-2021-36999 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 6.8 MEDIUM | 7.8 HIGH |
| There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution. | |||||