Search
Total
6424 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34875 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14827. | |||||
| CVE-2021-34903 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. Crafted data in a BMP file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14876. | |||||
| CVE-2021-34896 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14863. | |||||
| CVE-2021-34907 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14880. | |||||
| CVE-2021-34893 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14846. | |||||
| CVE-2021-34871 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14695. | |||||
| CVE-2021-34876 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14828. | |||||
| CVE-2021-34877 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14829. | |||||
| CVE-2021-34878 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14830. | |||||
| CVE-2021-36417 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-24042 | 1 Whatsapp | 1 Whatsapp | 2022-01-14 | 7.5 HIGH | 9.8 CRITICAL |
| The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor. | |||||
| CVE-2021-39990 | 1 Huawei | 1 Harmonyos | 2022-01-14 | 7.5 HIGH | 9.8 CRITICAL |
| The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience. | |||||
| CVE-2022-22707 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2022-01-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system. | |||||
| CVE-2021-32998 | 1 Fanuc | 18 R-30ia, R-30ia Firmware, R-30ia Mate and 15 more | 2022-01-13 | 10.0 HIGH | 9.8 CRITICAL |
| The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required. | |||||
| CVE-2021-30942 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-01-13 | 6.8 MEDIUM | 7.8 HIGH |
| Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-35093 | 1 Qualcomm | 4 Csr8510 A10, Csr8510 A10 Firmware, Csr8811 A12 and 1 more | 2022-01-13 | 3.3 LOW | 6.5 MEDIUM |
| Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore | |||||
| CVE-2021-40002 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.8 MEDIUM | 8.8 HIGH |
| The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. | |||||
| CVE-2021-40009 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||||
| CVE-2021-43554 | 1 Fatek | 1 Winproladder | 2022-01-13 | 6.8 MEDIUM | 7.8 HIGH |
| FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-40028 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity. | |||||
| CVE-2021-40026 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||||
| CVE-2021-40021 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-40014 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-39996 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 7.5 HIGH | 9.8 CRITICAL |
| There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow. | |||||
| CVE-2021-40000 | 1 Huawei | 1 Harmonyos | 2022-01-12 | 5.8 MEDIUM | 8.8 HIGH |
| The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. | |||||
| CVE-2021-45830 | 1 Hdfgroup | 1 Hdf5 | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. | |||||
| CVE-2021-45833 | 1 Hdfgroup | 1 Hdf5 | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). | |||||
| CVE-2021-45928 | 1 Libjxl Project | 1 Libjxl | 2022-01-12 | 2.1 LOW | 5.5 MEDIUM |
| libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections). | |||||
| CVE-2021-45927 | 1 Mdbtools Project | 1 Mdbtools | 2022-01-12 | 4.6 MEDIUM | 7.8 HIGH |
| MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind). | |||||
| CVE-2021-45926 | 1 Mdbtools Project | 1 Mdbtools | 2022-01-12 | 4.6 MEDIUM | 7.8 HIGH |
| MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind). | |||||
| CVE-2021-3761 | 1 Cloudflare | 1 Octorpki | 2022-01-12 | 5.0 MEDIUM | 7.5 HIGH |
| Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as "RPKI invalid". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues. | |||||
| CVE-2021-43174 | 1 Nlnetlabs | 1 Routinator | 2022-01-12 | 5.0 MEDIUM | 7.5 HIGH |
| NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of white space in the encoded data. The gzip scheme compresses such white space extremely well, leading to very small compressed files that become huge when being decompressed for further processing, big enough that Routinator runs out of memory when parsing input data waiting for the next XML element. | |||||
| CVE-2021-45939 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe). | |||||
| CVE-2021-45938 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe). | |||||
| CVE-2021-45937 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect). | |||||
| CVE-2021-45936 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType). | |||||
| CVE-2021-45934 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType). | |||||
| CVE-2021-45933 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket). | |||||
| CVE-2021-45932 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket). | |||||
| CVE-2021-45935 | 1 Grok Project | 1 Grok | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int). | |||||
| CVE-2021-45940 | 1 Libbpf Project | 1 Libbpf | 2022-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). | |||||
| CVE-2021-45941 | 1 Libbpf Project | 1 Libbpf | 2022-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). | |||||
| CVE-2021-45950 | 1 Gnu | 1 Libredwg | 2022-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). | |||||
| CVE-2021-44158 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2022-01-10 | 7.7 HIGH | 8.0 HIGH |
| ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service. | |||||
| CVE-2021-45638 | 1 Netgear | 28 D6220, D6220 Firmware, D6400 and 25 more | 2022-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before 1.0.11.116, R7100LG before 1.0.0.70, RBS40V before 2.6.2.8, RBW30 before 2.6.2.2, RS400 before 1.5.1.80, R7000P before 1.3.2.132, and R6900P before 1.3.2.132. | |||||
| CVE-2021-37563 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2022-01-10 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write). | |||||
| CVE-2021-37561 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2022-01-10 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write). | |||||
| CVE-2021-37560 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2022-01-10 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write). | |||||
| CVE-2021-35055 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2022-01-10 | 9.3 HIGH | 8.8 HIGH |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write). | |||||
| CVE-2019-1010238 | 1 Gnome | 1 Pango | 2022-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. | |||||