Export limit exceeded: 18090 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79699 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46527 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c. | ||||
| CVE-2021-46526 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c. | ||||
| CVE-2021-46525 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c. | ||||
| CVE-2021-46524 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c. | ||||
| CVE-2021-46523 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c. | ||||
| CVE-2021-46522 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53. | ||||
| CVE-2021-46521 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c. | ||||
| CVE-2021-46520 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c. | ||||
| CVE-2021-46519 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c. | ||||
| CVE-2021-46518 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c. | ||||
| CVE-2021-46513 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c. | ||||
| CVE-2021-46509 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c. | ||||
| CVE-2021-46483 | 1 Jsish | 1 Jsish | 2024-11-21 | 7.8 High |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via BooleanConstructor at src/jsiBool.c. | ||||
| CVE-2021-46482 | 1 Jsish | 1 Jsish | 2024-11-21 | 7.8 High |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c. | ||||
| CVE-2021-46462 | 1 F5 | 1 Njs | 2024-11-21 | 7.5 High |
| njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c. | ||||
| CVE-2021-46459 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | 7.5 High |
| Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=add_user. These vulnerabilities can be exploited through a crafted POST request via the user_name, user_firstname,user_lastname, or user_email parameters. | ||||
| CVE-2021-46458 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | 7.5 High |
| Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin/posts.php?source=add_post. This vulnerability can be exploited through a crafted POST request via the post_title parameter. | ||||
| CVE-2021-46441 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2024-11-21 | 8.8 High |
| In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization. | ||||
| CVE-2021-46440 | 1 Strapi | 1 Strapi | 2024-11-21 | 7.5 High |
| Storing passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi before 3.6.9 and 4.x before 4.1.5 allows an attacker to access a victim's HTTP request, get the victim's cookie, perform a base64 decode on the victim's cookie, and obtain a cleartext password, leading to getting API documentation for further API attacks. | ||||
| CVE-2021-46436 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 7.2 High |
| An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php. | ||||