Export limit exceeded: 43538 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43538 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34259 | 1 St | 2 Stm32cube Middleware, Stm32h7b3 | 2024-11-21 | 6.8 Medium |
| A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | ||||
| CVE-2021-34236 | 1 Netgear | 2 R8000, R8000 Firmware | 2024-11-21 | 9.8 Critical |
| Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'. | ||||
| CVE-2021-34203 | 1 Dlink | 2 Dir-2640-us, Dir-2640-us Firmware | 2024-11-21 | 8.1 High |
| D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify routing information, monitor the traffic of all devices under the router, hijack DNS and phishing attacks. In addition, this interface is likely to be questioned by customers as a backdoor, because the interface should not be exposed. | ||||
| CVE-2021-34121 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | 7.8 High |
| An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution. | ||||
| CVE-2021-34087 | 1 Ultimaker | 6 Ultimaker 3, Ultimaker 3 Firmware, Ultimaker S3 and 3 more | 2024-11-21 | 7.1 High |
| In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page. | ||||
| CVE-2021-34085 | 1 Glensawyer | 1 Mp3gain | 2024-11-21 | 9.8 Critical |
| Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872. CVE-2017-14409, and CVE-2018-10778. | ||||
| CVE-2021-34070 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. | ||||
| CVE-2021-33938 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
| CVE-2021-33930 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
| CVE-2021-33929 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
| CVE-2021-33928 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
| CVE-2021-33909 | 7 Debian, Fedoraproject, Linux and 4 more | 16 Debian Linux, Fedora, Linux Kernel and 13 more | 2024-11-21 | 7.8 High |
| fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||||
| CVE-2021-33886 | 1 Bbraun | 3 Infusomat Large Volume Pump 871305u, Spacecom2, Spacestation 8713142u | 2024-11-21 | 8.1 High |
| An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as the device. | ||||
| CVE-2021-33815 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked. | ||||
| CVE-2021-33738 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | 3.3 Low |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.2), Teamcenter Visualization (All versions < V13.2.0.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13405) | ||||
| CVE-2021-33737 | 1 Siemens | 12 Simatic Cp343-1, Simatic Cp343-1 Advanced, Simatic Cp 343-1 Advanced Firmware and 9 more | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations. | ||||
| CVE-2021-33720 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition. | ||||
| CVE-2021-33719 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2024-11-21 | 9.8 Critical |
| A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition or potential remote code execution. | ||||
| CVE-2021-33697 | 1 Sap | 1 Businessobjects Business Intelligence | 2024-11-21 | 6.1 Medium |
| Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | ||||
| CVE-2021-33680 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 6.5 Medium |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming temporarily unavailable until the user restarts the application. | ||||