Export limit exceeded: 34736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42196 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22671 | 1 Ti | 7 Cc3100 Software Development Kit, Cc3200 Software Development Kit, Simplelink Cc13x0 Software Development Kit and 4 more | 2024-11-21 | 9.8 Critical |
| Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior). | ||||
| CVE-2021-22668 | 1 Deltaww | 1 Cncsoft Screeneditor | 2024-11-21 | 9.8 Critical |
| Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-22666 | 1 Fatek | 1 Fvdesigner | 2024-11-21 | 7.8 High |
| Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution. | ||||
| CVE-2021-22663 | 2 Hornerautomation, Siemens | 2 Cscape, Cscape | 2024-11-21 | 7.8 High |
| Cscape (All versions prior to 9.90 SP3.5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2021-22660 | 1 Criticalmanufacturing | 1 Cncsoft-b | 2024-11-21 | 7.8 High |
| CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-22659 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 Firmware | 2024-11-21 | 8.6 High |
| Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a denial-of-service condition. The FAULT LED will flash RED and communications may be lost. Recovery from denial-of-service condition requires the fault to be cleared by the user. | ||||
| CVE-2021-22655 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 7.8 High |
| Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||||
| CVE-2021-22649 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2024-11-21 | 7.8 High |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-22643 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2024-11-21 | 7.8 High |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-22641 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||||
| CVE-2021-22638 | 1 Fatek | 1 Fvdesigner | 2024-11-21 | 7.8 High |
| Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | ||||
| CVE-2021-22637 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 7.8 High |
| Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||||
| CVE-2021-22636 | 1 Ti | 14 Cc3200, Cc3220r, Cc3220s and 11 more | 2024-11-21 | 7.4 High |
| Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. | ||||
| CVE-2021-22564 | 1 Libjxl Project | 1 Libjxl | 2024-11-21 | 4.5 Medium |
| For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the right or bottom edges of the image, but only when groups are processed in certain order. Groups can be processed out of order in multi-threaded decoding environments with heavy thread load but also with images that contain the groups in an arbitrary order in the file. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/775 | ||||
| CVE-2021-22563 | 1 Libjxl Project | 1 Libjxl | 2024-11-21 | 4.5 Medium |
| Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines based on other process memory. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/757 | ||||
| CVE-2021-22552 | 1 Google | 1 Asylo | 2024-11-21 | 5.3 Medium |
| An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall number in MessageReader that is then used by sysno() and can bypass validation. This can allow the attacker to read memory from within the secure enclave. We recommend updating to Asylo 0.6.3 or past https://github.com/google/asylo/commit/90d7619e9dd99bcdb6cd28c7649d741d254d9a1a | ||||
| CVE-2021-22547 | 1 Google | 1 Cloud Iot Device Sdk For Embedded C | 2024-11-21 | 6.3 Medium |
| In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater. | ||||
| CVE-2021-22543 | 5 Debian, Fedoraproject, Linux and 2 more | 29 Debian Linux, Fedora, Linux Kernel and 26 more | 2024-11-21 | 7.8 High |
| An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. | ||||
| CVE-2021-22492 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-18731 (January 2021). | ||||
| CVE-2021-22487 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 High |
| There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability. | ||||