Total
1596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2021-11-26 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | |||||
| CVE-2021-37726 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2021-11-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. | |||||
| CVE-2020-24633 | 1 Arubanetworks | 15 7005, 7008, 7010 and 12 more | 2021-11-18 | 10.0 HIGH | 9.8 CRITICAL |
| There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | |||||
| CVE-2020-15173 | 1 Accel-ppp | 1 Accel-ppp | 2021-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions. | |||||
| CVE-2021-42731 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2021-11-17 | 9.3 HIGH | 7.8 HIGH |
| Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2021-11-16 | 3.3 LOW | 6.5 MEDIUM |
| A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | |||||
| CVE-2021-30321 | 1 Qualcomm | 46 Aqt1000, Aqt1000 Firmware, Qca1062 and 43 more | 2021-11-16 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity | |||||
| CVE-2021-42774 | 1 Broadcom | 1 Emulex Hba Manager | 2021-11-15 | 7.5 HIGH | 9.8 CRITICAL |
| Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated. | |||||
| CVE-2019-16240 | 1 Hp | 88 Officejet Pro 8210 D9l63a, Officejet Pro 8210 D9l63a Firmware, Officejet Pro 8210 D9l64a and 85 more | 2021-11-15 | 5.8 MEDIUM | 9.1 CRITICAL |
| A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. | |||||
| CVE-2020-23890 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648. | |||||
| CVE-2020-23900 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b. | |||||
| CVE-2020-23902 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Editor!TMethodImplementationIntercept+0x528a3. | |||||
| CVE-2020-23884 | 1 Nomacs | 1 Nomacs | 2021-11-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafted MNG file. | |||||
| CVE-2021-42772 | 1 Broadcom | 2 Emulex Hba Manager, One Command Manager | 2021-11-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user is unauthenticated | |||||
| CVE-2012-2089 | 2 F5, Fedoraproject | 2 Nginx, Fedora | 2021-11-10 | 6.8 MEDIUM | N/A |
| Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file. | |||||
| CVE-2021-42624 | 1 Miniftpd Project | 1 Miniftpd | 2021-11-08 | 4.6 MEDIUM | 7.8 HIGH |
| A local buffer overflow vulnerability exists in the latest version of Miniftpd in ftpproto.c through the tmp variable, where a crafted payload can be sent to the affected function. | |||||
| CVE-2020-22035 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-22019 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2020-22020 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2020-22015 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code. | |||||