Export limit exceeded: 20030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34202 | 1 Dlink | 2 Dir-2640-us, Dir-2640-us Firmware | 2024-11-21 | 7.8 High |
| There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution. | ||||
| CVE-2021-34201 | 1 Dlink | 2 Dir-2640-us, Dir-2640-us Firmware | 2024-11-21 | 7.1 High |
| D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes. | ||||
| CVE-2021-34123 | 1 Atasm Project | 1 Atasm | 2024-11-21 | 9.8 Critical |
| An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file. | ||||
| CVE-2021-34119 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | 7.8 High |
| A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file. | ||||
| CVE-2021-34111 | 1 Thecus | 2 N4800eco, N4800eco Firmware | 2024-11-21 | 9.8 Critical |
| Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. | ||||
| CVE-2021-34084 | 1 S3-uploader Project | 1 S3-uploader | 2024-11-21 | 9.8 Critical |
| OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata() function. | ||||
| CVE-2021-34083 | 1 Google-it Project | 1 Google-it | 2024-11-21 | 8.1 High |
| Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, google-it will unsafely concat the result's link retrieved from google to a shell command, potentially exposing the server to RCE. | ||||
| CVE-2021-34082 | 1 Proctree Project | 1 Proctree | 2024-11-21 | 9.8 Critical |
| OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function. | ||||
| CVE-2021-34081 | 1 Gitsome Project | 1 Gitsome | 2024-11-21 | 8.8 High |
| OS Command Injection vulnerability in bbultman gitsome through 0.2.3 allows attackers to execute arbitrary commands via a crafted tag name of the target git repository. | ||||
| CVE-2021-34080 | 1 Ssl-utils Project | 1 Ssl-utils | 2024-11-21 | 9.8 Critical |
| OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.js allows attackers to execute arbitrary commands via unsanitized shell metacharacters provided to the createCertRequest() and the createCert() functions. | ||||
| CVE-2021-34079 | 1 Docker-tester Project | 1 Docker-tester | 2024-11-21 | 9.8 Critical |
| OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file. | ||||
| CVE-2021-34078 | 1 Adp | 1 Lifion-verifiy-dependencies | 2024-11-21 | 8.8 High |
| lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file. | ||||
| CVE-2021-34071 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. | ||||
| CVE-2021-34068 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. | ||||
| CVE-2021-34067 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. | ||||
| CVE-2021-33962 | 1 Chinamobileltd | 2 An Lianbao Wf-1, An Lianbao Wf Firmware-1 | 2024-11-21 | 9.8 Critical |
| China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface /api/ZRUsb/pop_usb_device component. | ||||
| CVE-2021-33945 | 1 Ricoh | 132 Aficio Sp 3500sf, Aficio Sp 3500sf Firmware, M 2700 and 129 more | 2024-11-21 | 9.8 Critical |
| RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | ||||
| CVE-2021-33938 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
| CVE-2021-33930 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
| CVE-2021-33929 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||