Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0004 | 2 Fedoraproject, Intel | 3 Fedora, Ethernet Controller E810, Ethernet Controller E810 Firmware | 2022-03-31 | 2.1 LOW | 4.4 MEDIUM |
| Improper buffer restrictions in the firmware of Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2019-9810 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2022-03-30 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. | |||||
| CVE-2021-4011 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-03-30 | 7.2 HIGH | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-4010 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-03-30 | 7.2 HIGH | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-4009 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-03-30 | 7.2 HIGH | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-4008 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-03-30 | 7.2 HIGH | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2022-22612 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. | |||||
| CVE-2021-39708 | 1 Google | 1 Android | 2022-03-23 | 10.0 HIGH | 9.8 CRITICAL |
| In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-206128341 | |||||
| CVE-2021-42724 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2022-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-40777 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2022-03-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-42262 | 1 Softing | 3 Datafeed Opc Suite, Opc Ua C\+\+ Software Development Kit, Secure Integration Server | 2022-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition. | |||||
| CVE-2022-25818 | 1 Google | 1 Android | 2022-03-15 | 7.5 HIGH | 9.8 CRITICAL |
| Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution. | |||||
| CVE-2022-24322 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2022-03-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior) | |||||
| CVE-2021-1094 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2022-03-09 | 3.6 LOW | 6.1 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. | |||||
| CVE-2022-26129 | 1 Frrouting | 1 Frrouting | 2022-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c. | |||||
| CVE-2022-26128 | 1 Frrouting | 1 Frrouting | 2022-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. | |||||
| CVE-2022-26125 | 1 Frrouting | 1 Frrouting | 2022-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c. | |||||
| CVE-2022-26127 | 1 Frrouting | 1 Frrouting | 2022-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. | |||||
| CVE-2021-20325 | 1 Redhat | 1 Enterprise Linux | 2022-03-08 | 10.0 HIGH | 9.8 CRITICAL |
| Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd. | |||||
| CVE-2021-22479 | 1 Huawei | 1 Harmonyos | 2022-03-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | |||||