Export limit exceeded: 341810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7956 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28454 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-28305 | 1 Diesel | 1 Diesel | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed. | ||||
| CVE-2021-28041 | 4 Fedoraproject, Netapp, Openbsd and 1 more | 11 Fedora, Cloud Backup, Hci Compute Node and 8 more | 2024-11-21 | 7.1 High |
| ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | ||||
| CVE-2021-28034 | 1 Stack Dst Project | 1 Stack Dst | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | ||||
| CVE-2021-28031 | 1 Scratchpad Project | 1 Scratchpad | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. | ||||
| CVE-2021-28028 | 1 Toodee Project | 1 Toodee | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | ||||
| CVE-2021-27377 | 1 Yottadb | 1 Yottadb | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the yottadb crate before 1.2.0 for Rust. For some memory-allocation patterns, ydb_subscript_next_st and ydb_subscript_prev_st have a use-after-free. | ||||
| CVE-2021-27347 | 2 Debian, Long Range Zip Project | 2 Debian Linux, Long Range Zip | 2024-11-21 | 5.5 Medium |
| Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file. | ||||
| CVE-2021-27268 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12295. | ||||
| CVE-2021-27267 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12294. | ||||
| CVE-2021-27037 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code. | ||||
| CVE-2021-27033 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | ||||
| CVE-2021-27031 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system. | ||||
| CVE-2021-26954 | 1 Qwutils Project | 1 Qwutils | 2024-11-21 | 5.3 Medium |
| An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop. | ||||
| CVE-2021-26900 | 1 Microsoft | 8 Windows 10, Windows 10 1809, Windows 10 1909 and 5 more | 2024-11-21 | 7.8 High |
| Windows Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2021-26689 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021). | ||||
| CVE-2021-26199 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.5 Medium |
| An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file. | ||||
| CVE-2021-26194 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.5 Medium |
| An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file. | ||||
| CVE-2021-25908 | 1 Fil-ocl Project | 1 Fil-ocl | 2024-11-21 | 7.5 High |
| An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free. | ||||
| CVE-2021-25907 | 1 Containers Project | 1 Containers | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed. | ||||