Export limit exceeded: 359575 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84270 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32469 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2024-11-21 | 8.2 High |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read). | ||||
| CVE-2021-32468 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2024-11-21 | 8.2 High |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read). | ||||
| CVE-2021-32467 | 1 Mediatek | 18 Mt7603e, Mt7603e Firmware, Mt7612 and 15 more | 2024-11-21 | 8.2 High |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read). | ||||
| CVE-2021-32466 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2024-11-21 | 7.0 High |
| An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. | ||||
| CVE-2021-32465 | 1 Trendmicro | 2 Apex One, Officescan | 2024-11-21 | 8.8 High |
| An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32464 | 1 Trendmicro | 2 Apex One, Officescan | 2024-11-21 | 7.8 High |
| An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32463 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Worry-free Business Security | 2024-11-21 | 7.8 High |
| An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32462 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2024-11-21 | 8.8 High |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability. | ||||
| CVE-2021-32461 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2024-11-21 | 7.8 High |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32460 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2021 | 2024-11-21 | 7.8 High |
| The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on the machine to exploit this vulnerability. | ||||
| CVE-2021-32458 | 1 Trendmicro | 1 Home Network Security | 2024-11-21 | 7.8 High |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | ||||
| CVE-2021-32457 | 1 Trendmicro | 1 Home Network Security | 2024-11-21 | 7.8 High |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | ||||
| CVE-2021-32439 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-32424 | 1 Trendnet | 2 Tw100-s4w1ca, Tw100-s4w1ca Firmware | 2024-11-21 | 8.8 High |
| In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the router. | ||||
| CVE-2021-32422 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array. | ||||
| CVE-2021-32421 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y. | ||||
| CVE-2021-32420 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y. | ||||
| CVE-2021-32403 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2024-11-21 | 8.8 High |
| Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules. | ||||
| CVE-2021-32402 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2024-11-21 | 8.8 High |
| Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules. | ||||
| CVE-2021-32399 | 4 Debian, Linux, Netapp and 1 more | 27 Debian Linux, Linux Kernel, Cloud Backup and 24 more | 2024-11-21 | 7.0 High |
| net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||||