Export limit exceeded: 21764 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21764 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36411 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 5.5 Medium |
| An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | ||||
| CVE-2021-36347 | 1 Dell | 4 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware, Integrated Dell Remote Access Controller 9 and 1 more | 2024-11-21 | 7.2 High |
| iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system. | ||||
| CVE-2021-36334 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 5.9 Medium |
| Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to arbitrary code execution on end user machine | ||||
| CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 5.5 Medium |
| Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | ||||
| CVE-2021-36301 | 1 Dell | 2 Emc Idrac8 Firmware, Emc Idrac9 Firmware | 2024-11-21 | 5.9 Medium |
| Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system. | ||||
| CVE-2021-36159 | 1 Freebsd | 1 Libfetch | 2024-11-21 | 9.1 Critical |
| libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\0' terminator one byte too late. | ||||
| CVE-2021-36148 | 1 Linux | 1 Acrn | 2024-11-21 | 7.8 High |
| An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow. | ||||
| CVE-2021-36071 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-36065 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by a heap-based buffer overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-35988 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 3.3 Low |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-35987 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 3.3 Low |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-35977 | 1 Digi | 35 6350-sr, 6350-sr Firmware, Cm and 32 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution. | ||||
| CVE-2021-35945 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
| Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. | ||||
| CVE-2021-35944 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
| Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. | ||||
| CVE-2021-35940 | 2 Apache, Oracle | 2 Portable Runtime, Http Server | 2024-11-21 | 7.1 High |
| An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. | ||||
| CVE-2021-35598 | 2 Netapp, Oracle | 3 Oncommand Insight, Snapcenter, Mysql Cluster | 2024-11-21 | 6.3 Medium |
| Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). | ||||
| CVE-2021-35594 | 2 Netapp, Oracle | 3 Oncommand Insight, Snapcenter, Mysql Cluster | 2024-11-21 | 6.3 Medium |
| Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). | ||||
| CVE-2021-35592 | 2 Netapp, Oracle | 3 Oncommand Insight, Snapcenter, Mysql Cluster | 2024-11-21 | 6.3 Medium |
| Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). | ||||
| CVE-2021-35474 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2024-11-21 | 9.8 Critical |
| Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1. | ||||
| CVE-2021-35452 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 6.5 Medium |
| An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. | ||||