Export limit exceeded: 335876 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15154 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22432 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | ||||
| CVE-2021-22431 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | ||||
| CVE-2021-22429 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | ||||
| CVE-2021-22426 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | ||||
| CVE-2021-22254 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.1 Low |
| Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9. | ||||
| CVE-2021-22142 | 1 Elastic | 1 Kibana | 2024-11-21 | 6.6 Medium |
| Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content. | ||||
| CVE-2021-22096 | 4 Netapp, Oracle, Redhat and 1 more | 12 Active Iq Unified Manager, Management Services For Element Software And Netapp Hci, Metrocluster Tiebreaker and 9 more | 2024-11-21 | 4.3 Medium |
| In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. | ||||
| CVE-2021-21951 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2024-11-21 | 10.0 Critical |
| An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to code execution. | ||||
| CVE-2021-21950 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2024-11-21 | 10.0 Critical |
| An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet can lead to code execution. | ||||
| CVE-2021-21899 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Libdxfrw | 2024-11-21 | 8.8 High |
| A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21898 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Libdxfrw | 2024-11-21 | 8.8 High |
| A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21862 | 1 Gpac | 1 Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption The implementation of the parser used for the “Xtra” FOURCC code is handled. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21858 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21857 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21856 | 1 Gpac | 1 Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21855 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21854 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21853 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21849 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC code due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||
| CVE-2021-21848 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 8.8 High |
| An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The library will actually reuse the parser for atoms with the “stsz” FOURCC code when parsing atoms that use the “stz2” FOURCC code and can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | ||||