Search
Total
6424 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46265 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46321 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-44142 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2022-02-23 | 9.0 HIGH | 8.8 HIGH |
| The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. | |||||
| CVE-2021-45392 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-02-23 | 7.8 HIGH | 7.5 HIGH |
| A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service. | |||||
| CVE-2022-0311 | 1 Google | 1 Chrome | 2022-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0310 | 1 Google | 1 Chrome | 2022-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2021-45005 | 1 Artifex | 1 Mujs | 2022-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | |||||
| CVE-2021-30832 | 1 Apple | 2 Mac Os X, Macos | 2022-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges. | |||||
| CVE-2021-46656 | 2022-02-22 | N/A | N/A | ||
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15631. | |||||
| CVE-2021-29976 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2022-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90. | |||||
| CVE-2021-29977 | 1 Mozilla | 1 Firefox | 2022-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 90. | |||||
| CVE-2020-6860 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2022-02-20 | 6.8 MEDIUM | 8.8 HIGH |
| libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. | |||||
| CVE-2019-6454 | 8 Canonical, Debian, Fedoraproject and 5 more | 22 Ubuntu Linux, Debian Linux, Fedora and 19 more | 2022-02-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). | |||||
| CVE-2021-45956 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." | |||||
| CVE-2021-45955 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed. | |||||
| CVE-2021-45957 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." | |||||
| CVE-2021-45952 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." | |||||
| CVE-2021-45953 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." | |||||
| CVE-2021-45951 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." | |||||
| CVE-2021-45954 | 1 Thekelleys | 1 Dnsmasq | 2022-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." | |||||
| CVE-2021-38013 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Chrome and 1 more | 2022-02-19 | 6.8 MEDIUM | 9.6 CRITICAL |
| Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-37978 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-19 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-37984 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-02-19 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-38014 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-19 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-39665 | 1 Google | 1 Android | 2022-02-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-204077881 | |||||
| CVE-2021-4101 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-4058 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-4055 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | |||||
| CVE-2022-0100 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-37981 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-02-18 | 6.8 MEDIUM | 9.6 CRITICAL |
| Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-37979 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0104 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0101 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. | |||||
| CVE-2021-30322 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-39675 | 1 Google | 1 Android | 2022-02-17 | 10.0 HIGH | 9.8 CRITICAL |
| In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-205729183 | |||||
| CVE-2022-20710 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2022-02-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20700 | 1 Cisco | 18 Rv160, Rv160 Firmware, Rv160w and 15 more | 2022-02-17 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20712 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2022-02-17 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20749 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2022-02-17 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-24954 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-02-17 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings. | |||||
| CVE-2022-21137 | 1 Omron | 1 Cx-one | 2022-02-16 | 6.8 MEDIUM | 7.8 HIGH |
| Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-30919 | 1 Apple | 6 Ipad Os, Iphone Os, Mac Os X and 3 more | 2022-02-16 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead to arbitrary code execution. | |||||
| CVE-2021-0116 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2022-02-16 | 4.6 MEDIUM | 7.8 HIGH |
| Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2021-33137 | 1 Intel | 1 Kernelflinger | 2022-02-15 | 4.6 MEDIUM | 7.8 HIGH |
| Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-43336 | 1 Opendesign | 1 Drawings Software Development Kit | 2022-02-15 | 6.8 MEDIUM | 7.8 HIGH |
| An Out-of-Bounds Write vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid number of properties) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2022-20040 | 2 Google, Mediatek | 39 Android, Mt6735, Mt6737 and 36 more | 2022-02-14 | 4.6 MEDIUM | 7.8 HIGH |
| In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150. | |||||
| CVE-2021-44648 | 1 Gnome | 1 Gdkpixbuf | 2022-02-12 | 6.8 MEDIUM | 8.8 HIGH |
| GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. | |||||
| CVE-2021-4062 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-12 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-4079 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-02-12 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. | |||||