Export limit exceeded: 43455 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43455 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26827 | 1 Tp-link | 2 Tl-wr2041\+, Tl-wr2041\+ Firmware | 2024-11-21 | 7.5 High |
| Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | ||||
| CVE-2021-26825 | 1 Godotengine | 1 Godot Engine | 2024-11-21 | 7.8 High |
| An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at line: const size_t buffer_size = (tga_header.image_width * tga_header.image_height) * pixel_size; The bug leads to Dynamic stack buffer overflow. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash. | ||||
| CVE-2021-26813 | 2 Fedoraproject, Markdown2 Project | 2 Fedora, Markdown2 | 2024-11-21 | 7.5 High |
| markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time. | ||||
| CVE-2021-26805 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a malicious WAV file. | ||||
| CVE-2021-26777 | 1 Circutor | 2 Compact Dc-s Basic, Compact Dc-s Basic Firmware | 2024-11-21 | 9.8 Critical |
| Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code. | ||||
| CVE-2021-26728 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | 10 Critical |
| Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | ||||
| CVE-2021-26707 | 2 Merge-deep Project, Netapp | 2 Merge-deep, E-series Performance Analyzer | 2024-11-21 | 9.8 Critical |
| The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications using this library. | ||||
| CVE-2021-26706 | 1 Micrium | 1 Uc\/lib | 2024-11-21 | 9.8 Critical |
| An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW. Because these functions use multiplication to calculate the pool sizes, the operation may cause an integer overflow if the arguments are large enough. The resulting memory pool will be smaller than expected and may be exploited by an attacker. | ||||
| CVE-2021-26701 | 3 Fedoraproject, Microsoft, Redhat | 8 Fedora, .net, .net Core and 5 more | 2024-11-21 | 8.1 High |
| .NET Core Remote Code Execution Vulnerability | ||||
| CVE-2021-26691 | 6 Apache, Debian, Fedoraproject and 3 more | 10 Http Server, Debian Linux, Fedora and 7 more | 2024-11-21 | 9.8 Critical |
| In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | ||||
| CVE-2021-26635 | 1 Bandisoft | 1 Ark Library | 2024-11-21 | 7.8 High |
| In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution. | ||||
| CVE-2021-26623 | 2 Bandisoft, Microsoft | 2 Bandizip, Windows | 2024-11-21 | 7.8 High |
| A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function. | ||||
| CVE-2021-26621 | 1 Netu | 2 Mex01, Mex01 Firmware | 2024-11-21 | 8.1 High |
| An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01. Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function. | ||||
| CVE-2021-26615 | 2 Bandisoft, Linux | 2 Ark Library, Linux Kernel | 2024-11-21 | 7.8 High |
| ARK library allows attackers to execute remote code via the parameter(path value) of Ark_NormalizeAndDupPAthNameW function because of an integer overflow. | ||||
| CVE-2021-26606 | 2 Dreamsecurity, Microsoft | 2 Magicline4nx.exe, Windows | 2024-11-21 | 9.8 Critical |
| A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. | ||||
| CVE-2021-26603 | 2 Bandisoft, Microsoft | 2 Ark Library, Windows | 2024-11-21 | 8.6 High |
| A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check. | ||||
| CVE-2021-26577 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.8 High |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so uploadsshkey function. | ||||
| CVE-2021-26573 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.8 High |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function. | ||||
| CVE-2021-26572 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.8 High |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function. | ||||
| CVE-2021-26571 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2024-11-21 | 7.8 High |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function. | ||||