Export limit exceeded: 357847 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 83491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (83491 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-29366 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | ||||
| CVE-2021-29364 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | ||||
| CVE-2021-29363 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74 | ||||
| CVE-2021-29362 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | ||||
| CVE-2021-29361 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | ||||
| CVE-2021-29360 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | ||||
| CVE-2021-29357 | 1 Outsystems | 3 Lifetime Management Console, Outsystems, Platform Server | 2024-11-21 | 8.6 High |
| The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests. | ||||
| CVE-2021-29350 | 1 Shipment 100-design Material Download System Project | 1 Shipment 100-design Material Download System | 2024-11-21 | 7.2 High |
| SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php. | ||||
| CVE-2021-29337 | 1 Msi | 1 Dragon Center | 2024-11-21 | 7.8 High |
| MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory. | ||||
| CVE-2021-29329 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.8 High |
| OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c. | ||||
| CVE-2021-29328 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.1 High |
| OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c. | ||||
| CVE-2021-29327 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.8 High |
| OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c. | ||||
| CVE-2021-29326 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.8 High |
| OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c. | ||||
| CVE-2021-29325 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.8 High |
| OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c. | ||||
| CVE-2021-29324 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.8 High |
| OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c. | ||||
| CVE-2021-29302 | 1 Tp-link | 2 Tl-wr802n, Tl-wr802n Firmware | 2024-11-21 | 8.1 High |
| TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution. | ||||
| CVE-2021-29296 | 2 D-link, Dlink | 3 Dir-825, Dir-825, Dir-825 Firmware | 2024-11-21 | 7.5 High |
| Null Pointer Dereference vulnerability in D-Link DIR-825 2.10b02, which could let a remote malicious user cause a denial of service. The vulnerability could be triggered by sending an HTTP request with URL /vct_wan; the sbin/httpd would invoke the strchr function and take NULL as a first argument, which finally leads to the segmentation fault. NOTE: The DIR-825 and all hardware revisions is considered End of Life and as such this issue will not be patched | ||||
| CVE-2021-29295 | 1 Dlink | 2 Dsp-w215, Dsp-w215 Firmware | 2024-11-21 | 7.5 High |
| Null Pointer Dereference vulnerability exists in D-Link DSP-W215 1.10, which could let a remote malicious user cause a denial of servie via usr/bin/lighttpd. It could be triggered by sending an HTTP request without URL in the start line directly to the device. NOTE: The DSP-W215 and all hardware revisions is considered End of Life and as such this issue will not be patched | ||||
| CVE-2021-29294 | 1 Dlink | 2 Dsl-2740r, Dsl-2740r Firmware | 2024-11-21 | 7.5 High |
| Null Pointer Dereference vulnerability exists in D-Link DSL-2740R UK_1.01, which could let a remove malicious user cause a denial of service via the send_hnap_unauthorized function. It could be triggered by sending crafted POST request to /HNAP1/. NOTE: The DSL-2740R and all hardware revisions are considered End of Life and as such this issue will not be patched | ||||
| CVE-2021-29279 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. In which, the arg const GF_PropertyValue *value,maybe value->value.data.size is a negative number. In result, memcpy in gf_props_assign_value failed. | ||||