Search Results (85326 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-3846 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type
CVE-2021-3845 1 Ws Scrcpy Project 1 Ws Scrcpy 2024-11-21 7.5 High
ws-scrcpy is vulnerable to External Control of File Name or Path
CVE-2021-3842 3 Debian, Fedoraproject, Nltk 3 Debian Linux, Fedora, Nltk 2024-11-21 7.5 High
nltk is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3840 1 Lenovo 1 Antilles 2024-11-21 8.8 High
A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). MITRE classifies this weakness as an Uncontrolled Search Path Element (CWE-427) in which a private package dependency may be replaced by an unauthorized package of the same name published to a well-known public repository such as PyPi. The configuration has been updated to only install components built by Antilles, removing all other public package indexes. Additionally, the antilles-tools dependency has been published to PyPi.
CVE-2021-3839 3 Dpdk, Fedoraproject, Redhat 4 Data Plane Development Kit, Fedora, Enterprise Linux and 1 more 2024-11-21 7.5 High
A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.
CVE-2021-3835 1 Zephyrproject 1 Zephyr 2024-11-21 8.2 High
Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf
CVE-2021-3828 1 Nltk 1 Nltk 2024-11-21 7.5 High
nltk is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3823 1 Bitdefender 1 Gravityzone 2024-11-21 7.1 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249.
CVE-2021-3822 1 Jsoneditoronline 1 Jsoneditor 2024-11-21 7.5 High
jsoneditor is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3820 1 Inflect Project 1 Inflect 2024-11-21 7.5 High
inflect is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3819 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3814 1 Redhat 2 3scale, 3scale Amp 2024-11-21 7.5 High
It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure.
CVE-2021-3810 1 Coder 1 Code-server 2024-11-21 7.5 High
code-server is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3807 3 Ansi-regex Project, Oracle, Redhat 10 Ansi-regex, Communications Cloud Native Core Policy, Acm and 7 more 2024-11-21 7.5 High
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3805 3 Debian, Object-path Project, Redhat 3 Debian Linux, Object-path, Acm 2024-11-21 7.5 High
object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2021-3804 1 Taro 1 Taro 2024-11-21 7.5 High
taro is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3803 2 Debian, Nth-check Project 2 Debian Linux, Nth-check 2024-11-21 7.5 High
nth-check is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3796 5 Debian, Fedoraproject, Netapp and 2 more 5 Debian Linux, Fedora, Ontap Select Deploy Administration Utility and 2 more 2024-11-21 7.3 High
vim is vulnerable to Use After Free
CVE-2021-3795 2 Redhat, Semver-regex Project 2 Acm, Semver-regex 2024-11-21 7.5 High
semver-regex is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3778 5 Debian, Fedoraproject, Netapp and 2 more 5 Debian Linux, Fedora, Ontap Select Deploy Administration Utility and 2 more 2024-11-21 7.8 High
vim is vulnerable to Heap-based Buffer Overflow