Export limit exceeded: 23217 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23217 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-30797 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 8.8 High |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. | ||||
| CVE-2021-30795 | 2 Apple, Redhat | 7 Iphone Os, Macos, Safari and 4 more | 2024-11-21 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30758 | 2 Apple, Redhat | 7 Iphone Os, Macos, Safari and 4 more | 2024-11-21 | 8.8 High |
| A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30749 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30744 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 6.1 Medium |
| Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2021-30734 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30720 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 5.4 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. | ||||
| CVE-2021-30689 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 6.1 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2021-30682 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2021-30641 | 5 Apache, Debian, Fedoraproject and 2 more | 8 Http Server, Debian Linux, Fedora and 5 more | 2024-11-21 | 5.3 Medium |
| Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | ||||
| CVE-2021-30640 | 4 Apache, Debian, Oracle and 1 more | 10 Tomcat, Debian Linux, Communications Cloud Native Core Policy and 7 more | 2024-11-21 | 6.5 Medium |
| A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65. | ||||
| CVE-2021-30547 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 8.8 High |
| Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2021-30483 | 2 Isomorphic-git, Redhat | 3 Isomorphic-git, Rhev Hypervisor, Rhev Manager | 2024-11-21 | 5.3 Medium |
| isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. | ||||
| CVE-2021-30471 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. | ||||
| CVE-2021-30470 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. | ||||
| CVE-2021-30469 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. | ||||
| CVE-2021-30468 | 3 Apache, Oracle, Redhat | 8 Cxf, Tomee, Business Intelligence and 5 more | 2024-11-21 | 7.5 High |
| A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11. | ||||
| CVE-2021-30465 | 3 Fedoraproject, Linuxfoundation, Redhat | 6 Fedora, Runc, Enterprise Linux and 3 more | 2024-11-21 | 8.5 High |
| runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition. | ||||
| CVE-2021-30151 | 3 Contribsys, Debian, Redhat | 3 Sidekiq, Debian Linux, Satellite | 2024-11-21 | 6.1 Medium |
| Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. | ||||
| CVE-2021-30129 | 3 Apache, Oracle, Redhat | 13 Sshd, Banking Payments, Banking Trade Finance and 10 more | 2024-11-21 | 6.5 Medium |
| A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0 | ||||