Export limit exceeded: 10129 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10129 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46052 | 1 Webassembly | 1 Binaryen | 2024-11-21 | 5.5 Medium |
| A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. | ||||
| CVE-2021-46048 | 1 Webassembly | 1 Binaryen | 2024-11-21 | 5.5 Medium |
| A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions. | ||||
| CVE-2021-45981 | 1 Netscout | 1 Ngeniusone | 2024-11-21 | 9.8 Critical |
| NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. | ||||
| CVE-2021-45891 | 1 Zauner | 1 Arc | 2024-11-21 | 8.8 High |
| An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side. | ||||
| CVE-2021-45885 | 1 Stormshield | 1 Network Security | 2024-11-21 | 7.5 High |
| An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password. | ||||
| CVE-2021-45861 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277. | ||||
| CVE-2021-45852 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php. | ||||
| CVE-2021-45832 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 5.5 Medium |
| A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent). | ||||
| CVE-2021-45708 | 1 Abomonation Project | 1 Abomonation | 2024-11-21 | 7.5 High |
| An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass. | ||||
| CVE-2021-45428 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2024-11-21 | 9.8 Critical |
| TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. | ||||
| CVE-2021-45420 | 1 Emerson | 2 Dixell Xweb-500, Dixell Xweb-500 Firmware | 2024-11-21 | 9.8 Critical |
| Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced | ||||
| CVE-2021-45408 | 1 Seeddms | 1 Seeddms | 2024-11-21 | 6.1 Medium |
| Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter. | ||||
| CVE-2021-45402 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | ||||
| CVE-2021-45387 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 5.5 Medium |
| tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | ||||
| CVE-2021-45386 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 5.5 Medium |
| tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | ||||
| CVE-2021-45328 | 1 Gitea | 1 Gitea | 2024-11-21 | 6.1 Medium |
| Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs. | ||||
| CVE-2021-45290 | 2 Fedoraproject, Webassembly | 2 Fedora, Binaryen | 2024-11-21 | 7.5 High |
| A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable. | ||||
| CVE-2021-45105 | 6 Apache, Debian, Netapp and 3 more | 131 Log4j, Debian Linux, Cloud Manager and 128 more | 2024-11-21 | 5.9 Medium |
| Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. | ||||
| CVE-2021-45096 | 1 Knime | 1 Knime Analytics Platform | 2024-11-21 | 4.7 Medium |
| KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730. | ||||
| CVE-2021-45024 | 1 Rocketsoftware | 1 Ags-zena | 2024-11-21 | 9.8 Critical |
| ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE). | ||||