Export limit exceeded: 363356 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363356 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 85536 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85536 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41539 | 1 Siemens | 1 Solid Edge | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773). | ||||
| CVE-2021-41537 | 1 Siemens | 1 Solid Edge | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13789). | ||||
| CVE-2021-41536 | 1 Siemens | 1 Solid Edge | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13778). | ||||
| CVE-2021-41535 | 1 Siemens | 13 Nx 1957, Nx 1957 Firmware, Nx 1961 and 10 more | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771). | ||||
| CVE-2021-41531 | 1 Nlnetlabs | 1 Routinator | 2024-11-21 | 7.5 High |
| NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation. | ||||
| CVE-2021-41530 | 1 Forcepoint | 1 Next Generation Firewall | 2024-11-21 | 7.5 High |
| Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured. | ||||
| CVE-2021-41526 | 1 Flexera | 1 Revenera Installshield | 2024-11-21 | 7.8 High |
| A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action. | ||||
| CVE-2021-41524 | 5 Apache, Fedoraproject, Netapp and 2 more | 5 Http Server, Fedora, Cloud Backup and 2 more | 2024-11-21 | 7.5 High |
| While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project. | ||||
| CVE-2021-41504 | 1 Dlink | 4 Dcs-5000l, Dcs-5000l Firmware, Dcs-932l and 1 more | 2024-11-21 | 8.0 High |
| An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2021-41503 | 2 D-link, Dlink | 5 Dcs-5000l Firmware, Dcs-932l Firmware, Dcs-5000l and 2 more | 2024-11-21 | 8 High |
| DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2021-41500 | 2 Cvxopt Project, Fedoraproject | 2 Cvxopt, Fedora | 2024-11-21 | 7.5 High |
| Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects. | ||||
| CVE-2021-41499 | 1 Pyo Project | 1 Pyo | 2024-11-21 | 7.5 High |
| Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo < 1.03 in the Server_debug function, which allows remote attackers to conduct DoS attacks by deliberately passing on an overlong audio file name. | ||||
| CVE-2021-41498 | 1 Pyo Project | 1 Pyo | 2024-11-21 | 7.5 High |
| Buffer overflow in ajaxsoundstudio.com Pyo < and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name. | ||||
| CVE-2021-41497 | 1 Rare-technologies | 1 Bounter | 2024-11-21 | 7.5 High |
| Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket. | ||||
| CVE-2021-41490 | 1 Rice | 1 Open Motion Planning Library | 2024-11-21 | 7.5 High |
| Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. | ||||
| CVE-2021-41460 | 1 Shopex | 1 Ecshop | 2024-11-21 | 7.5 High |
| ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. | ||||
| CVE-2021-41459 | 1 Gpac | 1 Mp4box | 2024-11-21 | 7.5 High |
| There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. | ||||
| CVE-2021-41457 | 1 Gpac | 1 Mp4box | 2024-11-21 | 7.5 High |
| There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | ||||
| CVE-2021-41456 | 1 Gpac | 1 Mp4box | 2024-11-21 | 7.5 High |
| There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. | ||||
| CVE-2021-41451 | 1 Tp-link | 2 Archer Ax10, Archer Ax10 Firmware | 2024-11-21 | 7.5 High |
| A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack. | ||||