Export limit exceeded: 346601 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78972 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32461 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2024-11-21 | 7.8 High |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-32460 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2021 | 2024-11-21 | 7.8 High |
| The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on the machine to exploit this vulnerability. | ||||
| CVE-2021-32458 | 1 Trendmicro | 1 Home Network Security | 2024-11-21 | 7.8 High |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | ||||
| CVE-2021-32457 | 1 Trendmicro | 1 Home Network Security | 2024-11-21 | 7.8 High |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | ||||
| CVE-2021-32439 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-32424 | 1 Trendnet | 2 Tw100-s4w1ca, Tw100-s4w1ca Firmware | 2024-11-21 | 8.8 High |
| In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were to interact with a malicious web page it could allow for a complete takeover of the router. | ||||
| CVE-2021-32422 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array. | ||||
| CVE-2021-32421 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y. | ||||
| CVE-2021-32420 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 7.5 High |
| dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y. | ||||
| CVE-2021-32403 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2024-11-21 | 8.8 High |
| Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules. | ||||
| CVE-2021-32402 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2024-11-21 | 8.8 High |
| Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules. | ||||
| CVE-2021-32399 | 4 Debian, Linux, Netapp and 1 more | 27 Debian Linux, Linux Kernel, Cloud Backup and 24 more | 2024-11-21 | 7.0 High |
| net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||||
| CVE-2021-32299 | 1 Pbrt Project | 1 Pbrt | 2024-11-21 | 7.8 High |
| An issue was discovered in pbrt through 20200627. A stack-buffer-overflow exists in the function pbrt::ParamSet::ParamSet() located in paramset.h. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32298 | 1 Libiff Project | 1 Libiff | 2024-11-21 | 8.8 High |
| An issue was discovered in libiff through 20190123. A global-buffer-overflow exists in the function IFF_errorId located in error.c. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32297 | 1 Lief-project | 1 Lief | 2024-11-21 | 8.8 High |
| An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pe_reader.c. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32294 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 8.8 High |
| An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32288 | 1 Nokia | 1 Heif | 2024-11-21 | 7.8 High |
| An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicHeight() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32287 | 1 Nokia | 1 Heif | 2024-11-21 | 7.8 High |
| An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicWidth() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32286 | 1 Hcxtools Project | 1 Hcxtoold | 2024-11-21 | 7.8 High |
| An issue was discovered in hcxtools through 6.1.6. A global-buffer-overflow exists in the function pcapngoptionwalk located in hcxpcapngtool.c. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32284 | 1 Creolabs | 1 Gravity | 2024-11-21 | 7.8 High |
| An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_register_pop_context_protect() located in gravity_ircode.c. It allows an attacker to cause Denial of Service. | ||||