Export limit exceeded: 20025 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20025 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22557 | 1 Google | 1 Slo Generator | 2024-11-21 | 5.3 Medium |
| SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173 | ||||
| CVE-2021-22548 | 1 Google | 1 Asylo | 2024-11-21 | 6.5 Medium |
| An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c | ||||
| CVE-2021-22495 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 5.5 Medium |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 (January 2021). | ||||
| CVE-2021-22465 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.5 Medium |
| A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | ||||
| CVE-2021-22438 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed. | ||||
| CVE-2021-22427 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 8.1 High |
| There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. | ||||
| CVE-2021-22423 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.8 High |
| A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow. | ||||
| CVE-2021-22414 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 High |
| There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | ||||
| CVE-2021-22411 | 1 Huawei | 10 Ngfw Module, Ngfw Module Firmware, Secospace Usg6300 and 7 more | 2024-11-21 | 6.5 Medium |
| There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service of the module.Affected product versions include: NGFW Module versions V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;USG9500 versions V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200. | ||||
| CVE-2021-22362 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 5.3 Medium |
| There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800. | ||||
| CVE-2021-22345 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write. | ||||
| CVE-2021-22335 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 High |
| There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing. | ||||
| CVE-2021-22330 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 6.5 Medium |
| There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal. | ||||
| CVE-2021-22327 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 6.5 Medium |
| There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4). | ||||
| CVE-2021-22130 | 1 Fortinet | 1 Fortiproxy | 2024-11-21 | 6.7 Medium |
| A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution. | ||||
| CVE-2021-22127 | 1 Fortinet | 1 Forticlient | 2024-11-21 | 7.1 High |
| An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root via tricking the user into connecting to a network with a malicious name. | ||||
| CVE-2021-22125 | 1 Fortinet | 1 Fortisandbox | 2024-11-21 | 6.3 Medium |
| An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file. | ||||
| CVE-2021-22123 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.6 High |
| An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page. | ||||
| CVE-2021-22045 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2024-11-21 | 7.8 High |
| VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine. | ||||
| CVE-2021-21976 | 1 Vmware | 1 Vsphere Replication | 2024-11-21 | 7.2 High |
| vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution. | ||||