Export limit exceeded: 347336 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347336 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79369 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79369 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-39536 | 1 Libxsmm Project | 1 Libxsmm | 2024-11-21 | 8.8 High |
| An issue was discovered in libxsmm through v1.16.1-93. The JIT code has a heap-based buffer overflow. | ||||
| CVE-2021-39534 | 1 Juniper | 1 Libslax | 2024-11-21 | 8.8 High |
| An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-based buffer overflow. | ||||
| CVE-2021-39533 | 1 Juniper | 1 Libslax | 2024-11-21 | 8.8 High |
| An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow. | ||||
| CVE-2021-39531 | 1 Juniper | 1 Libslax | 2024-11-21 | 8.8 High |
| An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buffer overflow. | ||||
| CVE-2021-39530 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow. | ||||
| CVE-2021-39528 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free. | ||||
| CVE-2021-39527 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow. | ||||
| CVE-2021-39525 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow. | ||||
| CVE-2021-39522 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow. | ||||
| CVE-2021-39503 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | 7.2 High |
| PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without "<, >, ?, =, `,...." In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file. | ||||
| CVE-2021-39500 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 7.5 High |
| Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories. | ||||
| CVE-2021-39480 | 1 Bingrep Project | 1 Bingrep | 2024-11-21 | 7.5 High |
| Bingrep v0.8.5 was discovered to contain a memory allocation failure which can cause a Denial of Service (DoS). | ||||
| CVE-2021-39474 | 1 Ubeeinteractive | 2 Ubc1319, Ubc1319 Firmware | 2024-11-21 | 7.2 High |
| Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009. The vulnerability allows an attacker with privileges and network access through the ping.cmd component to execute commands on the device. | ||||
| CVE-2021-39459 | 1 Redaxo | 1 Redaxo | 2024-11-21 | 7.2 High |
| Remote code execution in the modules component in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user to execute code on the hosting system via a module containing malicious PHP code. | ||||
| CVE-2021-39433 | 1 Biqs | 1 Biqsdrive | 2024-11-21 | 7.5 High |
| A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user. | ||||
| CVE-2021-39402 | 1 Maianmedia | 1 Maianaffiliate | 2024-11-21 | 7.2 High |
| MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors. | ||||
| CVE-2021-39376 | 1 Philips | 1 Tasy Electronic Medical Record | 2024-11-21 | 8.8 High |
| Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter. | ||||
| CVE-2021-39375 | 1 Philips | 1 Tasy Electronic Medical Record | 2024-11-21 | 8.8 High |
| Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. | ||||
| CVE-2021-39373 | 1 Samsung | 2 Drive Manager, H3 | 2024-11-21 | 7.8 High |
| Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte, WideCharStr, and MultiByteStr can contribute to password exposure. | ||||
| CVE-2021-39371 | 2 Debian, Osgeo | 3 Debian Linux, Owslib, Pywps | 2024-11-21 | 7.5 High |
| An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected. | ||||