Export limit exceeded: 16342 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21410 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27248 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2024-11-21 | 8.8 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10932. | ||||
| CVE-2021-27247 | 1 Tencent | 1 Wechat | 2024-11-21 | 6.5 Medium |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat 2.9.5 desktop version. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-11907. | ||||
| CVE-2021-27246 | 1 Tp-link | 2 Ac1750, Ac1750 Firmware | 2024-11-21 | 8.0 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MAC addresses by the tdpServer endpoint. A crafted TCP message can write stack pointers to the stack. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-12306. | ||||
| CVE-2021-27244 | 1 Parallels | 1 Parallels Desktop | 2024-11-21 | 6.5 Medium |
| This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-11925. | ||||
| CVE-2021-27239 | 1 Netgear | 70 D6220, D6220 Firmware, D6400 and 67 more | 2024-11-21 | 8.8 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. | ||||
| CVE-2021-27217 | 1 Yubico | 1 Yubihsm-shell | 2024-11-21 | 4.4 Medium |
| An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device. Out-of-bounds reads performed by aes_remove_padding() can crash the running process, depending on the memory layout. This could be used by an attacker to cause a client-side denial of service. The yubihsm-shell project is included in the YubiHSM 2 SDK product. | ||||
| CVE-2021-27208 | 1 Xilinx | 4 Zynq-7000, Zynq-7000 Firmware, Zynq-7000s and 1 more | 2024-11-21 | 6.8 Medium |
| When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nand’s parameter page. IF a field read in from the parameter page is too large, this causes a buffer overflow that could lead to arbitrary code execution. Physical access and modification of the board assembly on which the Zynq-7000 SoC device mounted is needed to replace the original NAND flash memory with a NAND flash emulation device for this attack to be successful. | ||||
| CVE-2021-27045 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 7.8 High |
| A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2021-27044 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure. | ||||
| CVE-2021-27040 | 3 Autodesk, Iconics, Mitsubishielectric | 13 Advance Steel, Autocad, Autocad Architecture and 10 more | 2024-11-21 | 3.3 Low |
| A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2021-27027 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure. | ||||
| CVE-2021-27020 | 1 Puppet | 1 Puppet Enterprise | 2024-11-21 | 8.8 High |
| Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export. | ||||
| CVE-2021-26957 | 1 Xcb Project | 1 Xcb | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server. | ||||
| CVE-2021-26926 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2024-11-21 | 7.1 High |
| A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash. | ||||
| CVE-2021-26827 | 1 Tp-link | 2 Tl-wr2041\+, Tl-wr2041\+ Firmware | 2024-11-21 | 7.5 High |
| Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | ||||
| CVE-2021-26805 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a malicious WAV file. | ||||
| CVE-2021-26777 | 1 Circutor | 2 Compact Dc-s Basic, Compact Dc-s Basic Firmware | 2024-11-21 | 9.8 Critical |
| Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code. | ||||
| CVE-2021-26728 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | 10 Critical |
| Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | ||||
| CVE-2021-26691 | 6 Apache, Debian, Fedoraproject and 3 more | 10 Http Server, Debian Linux, Fedora and 7 more | 2024-11-21 | 9.8 Critical |
| In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | ||||
| CVE-2021-26635 | 1 Bandisoft | 1 Ark Library | 2024-11-21 | 7.8 High |
| In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution. | ||||