Total
1596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5208 | 4 Debian, Fedoraproject, Ipmitool Project and 1 more | 4 Debian Linux, Fedora, Ipmitool and 1 more | 2021-12-30 | 6.5 MEDIUM | 8.8 HIGH |
| It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19. | |||||
| CVE-2021-30981 | 1 Apple | 2 Mac Os X, Macos | 2021-12-30 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30983 | 1 Apple | 2 Ipados, Iphone Os | 2021-12-28 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-41499 | 1 Pyo Project | 1 Pyo | 2021-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo < 1.03 in the Server_debug function, which allows remote attackers to conduct DoS attacks by deliberately passing on an overlong audio file name. | |||||
| CVE-2021-41498 | 1 Pyo Project | 1 Pyo | 2021-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in ajaxsoundstudio.com Pyo < and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name. | |||||
| CVE-2021-43573 | 1 Realtek | 2 Rtl8195am, Rtl8195am Firmware | 2021-12-21 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame. | |||||
| CVE-2020-18077 | 1 Ftpshell | 1 Ftpshell Server | 2021-12-21 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS). | |||||
| CVE-2021-33719 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2021-12-16 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition or potential remote code execution. | |||||
| CVE-2021-44154 | 1 Reprisesoftware | 1 Reprise License Manager | 2021-12-15 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/edit_opt, which will then be triggered when running the diagnostics (via /goform/diagnostics_doit), resulting in a buffer overflow. | |||||
| CVE-2021-3466 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Libmicrohttpd, Enterprise Linux | 2021-12-15 | 10.0 HIGH | 9.8 CRITICAL |
| A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.9.70 is vulnerable. | |||||
| CVE-2021-33720 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition. | |||||
| CVE-2021-20045 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2021-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. | |||||
| CVE-2020-21041 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service | |||||
| CVE-2020-9147 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 4.4 MEDIUM | 7.8 HIGH |
| A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read. | |||||
| CVE-2021-42757 | 1 Fortinet | 4 Fortianalyzer, Fortimanager, Fortios and 1 more | 2021-12-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. | |||||
| CVE-2020-12140 | 1 Contiki-ng | 1 Contiki-ng | 2021-12-09 | 8.3 HIGH | 8.8 HIGH |
| A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames. | |||||
| CVE-2021-42687 | 1 Accops | 1 Hyworks Windows Client | 2021-12-09 | 7.2 HIGH | 8.8 HIGH |
| A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22005B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
| CVE-2021-43637 | 1 Amazon | 1 Workspaces | 2021-12-09 | 7.2 HIGH | 8.8 HIGH |
| Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
| CVE-2021-42683 | 1 Accops | 1 Hyworks Windows Client | 2021-12-09 | 7.2 HIGH | 8.8 HIGH |
| A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
| CVE-2021-42681 | 1 Accops | 1 Hyworks Dvm Tools | 2021-12-09 | 7.2 HIGH | 8.8 HIGH |
| A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||