Search Results (85612 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-42683 1 Accops 1 Hyworks Windows Client 2024-11-21 8.8 High
A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42682 1 Accops 1 Hyworks Dvm Tools 2024-11-21 8.8 High
An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 .The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42681 1 Accops 1 Hyworks Dvm Tools 2024-11-21 8.8 High
A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42671 1 Engineers Online Portal Project 1 Engineers Online Portal 2024-11-21 7.5 High
An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of authentication or authorization.
CVE-2021-42666 1 Engineers Online Portal Project 1 Engineers Online Portal 2024-11-21 8.8 High
A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server.
CVE-2021-42655 1 Sscms 1 Siteserver Cms 2024-11-21 8.8 High
SiteServer CMS V6.15.51 is affected by a SQL injection vulnerability.
CVE-2021-42651 1 Pentest Collaboration Framework Project 1 Pentest Collaboration Framework 2024-11-21 8.8 High
A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/.
CVE-2021-42643 1 Cmseasy 1 Cmseasy 2024-11-21 8.8 High
cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability.
CVE-2021-42642 1 Printerlogic 1 Web Stack 2024-11-21 7.5 High
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
CVE-2021-42641 1 Printerlogic 1 Web Stack 2024-11-21 7.5 High
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.
CVE-2021-42638 3 Apple, Linux, Printerlogic 3 Macos, Linux Kernel, Web Stack 2024-11-21 8.1 High
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
CVE-2021-42635 3 Apple, Linux, Printerlogic 3 Macos, Linux Kernel, Web Stack 2024-11-21 8.1 High
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.
CVE-2021-42631 3 Apple, Linux, Printerlogic 4 Macos, Linux Kernel, Virtual Appliance and 1 more 2024-11-21 8.1 High
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
CVE-2021-42624 1 Miniftpd Project 1 Miniftpd 2024-11-21 7.8 High
A local buffer overflow vulnerability exists in the latest version of Miniftpd in ftpproto.c through the tmp variable, where a crafted payload can be sent to the affected function.
CVE-2021-42614 2 Fedoraproject, Halibut Project 2 Fedora, Halibut 2024-11-21 7.8 High
A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
CVE-2021-42613 2 Fedoraproject, Halibut Project 2 Fedora, Halibut 2024-11-21 7.8 High
A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document.
CVE-2021-42612 2 Fedoraproject, Halibut Project 2 Fedora, Halibut 2024-11-21 7.8 High
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
CVE-2021-42586 1 Gnu 1 Libredwg 2024-11-21 8.8 High
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-42585 1 Gnu 1 Libredwg 2024-11-21 8.8 High
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-42583 1 Foxcpp 1 Maddy 2024-11-21 7.5 High
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.