Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0427 | 1 Google | 1 Android | 2021-04-16 | 4.6 MEDIUM | 7.8 HIGH |
| In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174488848 | |||||
| CVE-2021-0439 | 1 Google | 1 Android | 2021-04-16 | 4.6 MEDIUM | 7.8 HIGH |
| In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174243830 | |||||
| CVE-2021-24026 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2021-04-15 | 10.0 HIGH | 9.8 CRITICAL |
| A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an out-of-bounds write. | |||||
| CVE-2020-10015 | 1 Apple | 2 Mac Os X, Macos | 2021-04-13 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-1744 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2021-04-12 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-1776 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2021-04-09 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||
| CVE-2021-1747 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing maliciously crafted web content may lead to code execution. | |||||
| CVE-2018-17916 | 1 Aveva | 3 Edge, Indusoft Web Studio, Intouch Machine Edition 2014 | 2021-04-08 | 10.0 HIGH | 9.8 CRITICAL |
| InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine. | |||||
| CVE-2020-29611 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2020-27952 | 1 Apple | 2 Mac Os X, Macos | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||
| CVE-2020-27948 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to arbitrary code execution. | |||||
| CVE-2020-29612 | 1 Apple | 2 Mac Os X, Macos | 2021-04-08 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2021-1796 | 1 Apple | 2 Ipad Os, Iphone Os | 2021-04-07 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2021-1795 | 1 Apple | 2 Ipad Os, Iphone Os | 2021-04-07 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2020-9955 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2021-04-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2014-3676 | 1 Redhat | 1 Shim | 2021-04-07 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option." | |||||
| CVE-2020-27919 | 1 Apple | 1 Mac Os X | 2021-04-06 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-29941 | 1 Reorder Project | 1 Reorder | 2021-04-06 | 7.5 HIGH | 7.3 HIGH |
| An issue was discovered in the reorder crate through 2021-02-24 for Rust. swap_index has an out-of-bounds write if an iterator returns a len() that is too small. | |||||
| CVE-2021-29942 | 1 Reorder Project | 1 Reorder | 2021-04-06 | 7.5 HIGH | 7.3 HIGH |
| An issue was discovered in the reorder crate through 2021-02-24 for Rust. swap_index can return uninitialized values if an iterator returns a len() that is too large. | |||||
| CVE-2021-29930 | 1 Arenavec Project | 1 Arenavec | 2021-04-06 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A drop of uninitialized memory can sometimes occur upon a panic in T::default(). | |||||