Total
13373 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43247 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-43215 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | |||||
| CVE-2021-43174 | 2 Debian, Nlnetlabs | 2 Debian Linux, Routinator | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of white space in the encoded data. The gzip scheme compresses such white space extremely well, leading to very small compressed files that become huge when being decompressed for further processing, big enough that Routinator runs out of memory when parsing input data waiting for the next XML element. | |||||
| CVE-2021-43086 | 1 Arm | 1 Adaptive Scalable Texture Compression Encoder | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in "/Source/astcenc_compress_symbolic.cpp". | |||||
| CVE-2021-43071 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller. | |||||
| CVE-2021-43029 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43028 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43026 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43025 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43024 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43023 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43022 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PNG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43021 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43018 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file. | |||||
| CVE-2021-42756 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 9.8 CRITICAL |
| Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. | |||||
| CVE-2021-42739 | 5 Debian, Fedoraproject, Linux and 2 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | |||||
| CVE-2021-42727 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Bridge. | |||||
| CVE-2021-42707 | 1 We-con | 1 Plc Editor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-42704 | 1 Inkscape | 1 Inkscape | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code. | |||||
| CVE-2021-42692 | 1 Tinytoml Project | 1 Tinytoml | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS. | |||||