Export limit exceeded: 359582 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359582 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 84273 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84273 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32476 | 1 Moodle | 1 Moodle | 2024-11-21 | 7.5 High |
| A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | ||||
| CVE-2021-32474 | 1 Moodle | 1 Moodle | 2024-11-21 | 7.2 High |
| An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | ||||
| CVE-2021-32471 | 1 Mit | 1 Universal Turing Machine | 2024-11-21 | 7.8 High |
| Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications." | ||||
| CVE-2021-32469 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2024-11-21 | 8.2 High |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read). | ||||
| CVE-2021-32468 | 1 Mediatek | 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more | 2024-11-21 | 8.2 High |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read). | ||||
| CVE-2021-32467 | 1 Mediatek | 18 Mt7603e, Mt7603e Firmware, Mt7612 and 15 more | 2024-11-21 | 8.2 High |
| MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read). | ||||
| CVE-2021-32466 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2024-11-21 | 7.0 High |
| An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. | ||||
| CVE-2021-32465 | 1 Trendmicro | 2 Apex One, Officescan | 2024-11-21 | 8.8 High |
| An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32464 | 1 Trendmicro | 2 Apex One, Officescan | 2024-11-21 | 7.8 High |
| An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32463 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Worry-free Business Security | 2024-11-21 | 7.8 High |
| An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32462 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2024-11-21 | 8.8 High |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability. | ||||
| CVE-2021-32461 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2024-11-21 | 7.8 High |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32460 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2021 | 2024-11-21 | 7.8 High |
| The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on the machine to exploit this vulnerability. | ||||
| CVE-2021-32458 | 1 Trendmicro | 1 Home Network Security | 2024-11-21 | 7.8 High |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | ||||
| CVE-2021-32457 | 1 Trendmicro | 1 Home Network Security | 2024-11-21 | 7.8 High |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | ||||
| CVE-2021-32439 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-32424 | 1 Trendnet | 2 Tw100-s4w1ca, Tw100-s4w1ca Firmware | 2024-11-21 | 8.8 High |
| In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the router. | ||||
| CVE-2021-32422 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array. | ||||
| CVE-2021-32421 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y. | ||||
| CVE-2021-32420 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y. | ||||