Export limit exceeded: 21674 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21674 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2024-11-21 | 6.5 Medium |
| A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | ||||
| CVE-2021-3788 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2024-11-21 | 6.8 Medium |
| An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device. | ||||
| CVE-2021-3778 | 5 Debian, Fedoraproject, Netapp and 2 more | 5 Debian Linux, Fedora, Ontap Select Deploy Administration Utility and 2 more | 2024-11-21 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-3770 | 3 Fedoraproject, Netapp, Vim | 3 Fedora, Ontap Select Deploy Administration Utility, Vim | 2024-11-21 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-3756 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 9.8 Critical |
| libmysofa is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-3753 | 3 Linux, Netapp, Redhat | 18 Linux Kernel, Active Iq Unified Manager, Bootstrap Os and 15 more | 2024-11-21 | 4.7 Medium |
| A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2021-3743 | 5 Fedoraproject, Linux, Netapp and 2 more | 22 Fedora, Linux Kernel, H300e and 19 more | 2024-11-21 | 7.1 High |
| An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3711 | 6 Debian, Netapp, Openssl and 3 more | 32 Debian Linux, Active Iq Unified Manager, Clustered Data Ontap and 29 more | 2024-11-21 | 9.8 Critical |
| In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). | ||||
| CVE-2021-3692 | 1 Yiiframework | 1 Yii | 2024-11-21 | 5.3 Medium |
| yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | ||||
| CVE-2021-3689 | 1 Yiiframework | 1 Yii | 2024-11-21 | 7.5 High |
| yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | ||||
| CVE-2021-3625 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 9.6 Critical |
| Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363 | ||||
| CVE-2021-3607 | 3 Debian, Fedoraproject, Qemu | 3 Debian Linux, Fedora, Qemu | 2024-11-21 | 6.0 Medium |
| An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3605 | 3 Debian, Openexr, Redhat | 3 Debian Linux, Openexr, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. | ||||
| CVE-2021-3600 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2024-11-21 | 7.8 High |
| It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. | ||||
| CVE-2021-3598 | 3 Debian, Openexr, Redhat | 3 Debian Linux, Openexr, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. | ||||
| CVE-2021-3588 | 1 Bluez | 1 Bluez | 2024-11-21 | 3.3 Low |
| The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | ||||
| CVE-2021-3581 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7 High |
| Buffer Access with Incorrect Length Value in zephyr. Zephyr versions >= >=2.5.0 contain Buffer Access with Incorrect Length Value (CWE-805). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8q65-5gqf-fmw5 | ||||
| CVE-2021-3571 | 3 Fedoraproject, Linuxptp Project, Redhat | 3 Fedora, Linuxptp, Enterprise Linux | 2024-11-21 | 7.1 High |
| A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1. | ||||
| CVE-2021-3569 | 2 Libtpms Project, Redhat | 2 Libtpms, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3555 | 1 Eufylife | 4 Solo Indoorcam C24, Solo Indoorcam C24 Firmware, Solo Indoorcam P24 and 1 more | 2024-11-21 | 7.6 High |
| A Buffer Overflow vulnerability in the RSTP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution. This issue affects: Eufy Indoor 2K Indoor Camera 2.0.9.3 version and prior versions. | ||||