Export limit exceeded: 14080 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14080 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41036 | 1 Eclipse | 1 Paho Mqtt C\/c\+\+ Client | 2024-11-21 | 9.8 Critical |
| In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket. | ||||
| CVE-2021-41027 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.3 High |
| A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, allows an authenticated attacker to execute unauthorized code or commands via crafted certificates loaded into the device. | ||||
| CVE-2021-41017 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 8.8 High |
| Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests. | ||||
| CVE-2021-40942 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS). | ||||
| CVE-2021-40827 | 2 Clementine-player, Microsoft | 2 Clementine, Windows | 2024-11-21 | 7.8 High |
| Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine. Attackers could exploit this issue to cause a crash (DoS) of the clementine.exe process or achieve arbitrary code execution in the context of the current logged-in Windows user. | ||||
| CVE-2021-40656 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 8.8 High |
| libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. | ||||
| CVE-2021-40647 | 1 Man2html Project | 1 Man2html | 2024-11-21 | 5.5 Medium |
| In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it allows arbitrary write anywhere in the programs memory. | ||||
| CVE-2021-40556 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2024-11-21 | 8.8 High |
| A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication. | ||||
| CVE-2021-40394 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2024-11-21 | 9.8 Critical |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40393 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2024-11-21 | 9.8 Critical |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40391 | 3 Debian, Fedoraproject, Gerbv Project | 3 Debian Linux, Fedora, Gerbv | 2024-11-21 | 9.8 Critical |
| An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40265 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 8.8 High |
| A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp. | ||||
| CVE-2021-40263 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 8.8 High |
| A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp. | ||||
| CVE-2021-40262 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | 6.5 Medium |
| A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp. | ||||
| CVE-2021-40212 | 1 Daum | 1 Potplayer | 2024-11-21 | 9.8 Critical |
| An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to code execution, information disclosure, and denial of service. | ||||
| CVE-2021-40165 | 1 Autodesk | 19 Autocad, Autocad Advance Steel, Autocad Architecture and 16 more | 2024-11-21 | 7.8 High |
| A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. | ||||
| CVE-2021-40164 | 1 Autodesk | 19 Autocad, Autocad Advance Steel, Autocad Architecture and 16 more | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. | ||||
| CVE-2021-40163 | 1 Autodesk | 19 Autocad, Autocad Advance Steel, Autocad Architecture and 16 more | 2024-11-21 | 7.8 High |
| A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component. | ||||
| CVE-2021-40161 | 1 Autodesk | 13 Advance Steel, Autocad, Autocad Architecture and 10 more | 2024-11-21 | 7.8 High |
| A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version. | ||||
| CVE-2021-40156 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 7.8 High |
| A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. | ||||