Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1752 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. | |||||
| CVE-2010-1811 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. | |||||
| CVE-2010-1813 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | |||||
| CVE-2021-45067 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-20239 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2022-08-05 | 2.1 LOW | 3.3 LOW |
| A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality. | |||||
| CVE-2021-20019 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2022-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability. | |||||
| CVE-2014-8964 | 6 Fedoraproject, Mariadb, Opensuse and 3 more | 11 Fedora, Mariadb, Opensuse and 8 more | 2022-08-04 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. | |||||
| CVE-2013-1861 | 7 Canonical, Debian, Mariadb and 4 more | 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more | 2022-08-04 | 5.0 MEDIUM | N/A |
| MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error. | |||||
| CVE-2022-34529 | 1 Wasm3 Project | 1 Wasm3 | 2022-08-03 | N/A | 5.5 MEDIUM |
| WASM3 v0.5.0 was discovered to contain a segmentation fault via the component Compile_Memory_CopyFill. | |||||
| CVE-2013-4484 | 2 Varnish-cache, Varnish Cache Project | 2 Varnish, Varnish Cache | 2022-08-02 | 5.0 MEDIUM | N/A |
| Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI. | |||||
| CVE-2017-8807 | 3 Debian, Varnish-cache, Varnish Cache Project | 3 Debian Linux, Varnish, Varnish Cache | 2022-08-02 | 6.4 MEDIUM | 9.1 CRITICAL |
| vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects. | |||||
| CVE-2004-2466 | 1 Efs Software | 1 Easy Chat Server | 2022-08-01 | 5.0 MEDIUM | N/A |
| chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected. | |||||
| CVE-2021-25449 | 1 Google | 1 Android | 2022-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. | |||||
| CVE-2020-35521 | 4 Fedoraproject, Libtiff, Netapp and 1 more | 4 Fedora, Libtiff, Ontap Select Deploy Administration Utility and 1 more | 2022-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service. | |||||
| CVE-2020-35522 | 4 Fedoraproject, Libtiff, Netapp and 1 more | 4 Fedora, Libtiff, Ontap Select Deploy Administration Utility and 1 more | 2022-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack. | |||||
| CVE-2022-26126 | 2 Fedoraproject, Frrouting | 2 Fedora, Frrouting | 2022-07-29 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. | |||||
| CVE-2021-21951 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2022-07-29 | 10.0 HIGH | 10.0 CRITICAL |
| An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to code execution. | |||||
| CVE-2021-21950 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2022-07-29 | 10.0 HIGH | 10.0 CRITICAL |
| An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet can lead to code execution. | |||||
| CVE-2021-21808 | 1 Accusoft | 1 Imagegear | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption vulnerability exists in the PNG png_palette_process functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide malicious inputs to trigger this vulnerability. | |||||
| CVE-2020-13571 | 1 Accusoft | 1 Imagegear | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||