Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28619 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-08-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28620 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Animate version 21.0.6 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28621 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28622 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28630 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-08-30 | 6.8 MEDIUM | 3.3 LOW |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose potential sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28629 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Animate version 21.0.6 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28614 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2021-08-30 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information and cause a denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28612 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2021-08-30 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information and cause a denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-18917 | 1 Dedecms | 1 Dedecms | 2021-08-30 | 6.8 MEDIUM | 8.8 HIGH |
| The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control. | |||||
| CVE-2021-40083 | 1 Nic | 1 Knot Resolver | 2021-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof). | |||||
| CVE-2021-23406 | 1 Pac-resolver Project | 1 Pac-resolver | 2021-08-30 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. **NOTE:** The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer. | |||||
| CVE-2021-39602 | 1 Miniftpd Project | 1 Miniftpd | 2021-08-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| A Buffer Overflow vulnerabilty exists in Miniftpd 1.0 in the do_mkd function in the ftpproto.c file, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2021-28596 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2021-08-30 | 9.3 HIGH | 7.8 HIGH |
| Adobe Framemaker version 2020.0.1 (and earlier) and 2019.0.8 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36013 | 1 Adobe | 1 Media Encoder | 2021-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39361 | 1 Gnome | 1 Evolution-rss | 2021-08-30 | 4.3 MEDIUM | 5.9 MEDIUM |
| In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. | |||||
| CVE-2021-39599 | 1 Cxuu | 1 Cxuucms | 2021-08-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple Cross Site Scripting (XSS) vulnerabilities exists in CXUUCMS 3.1 in the search and c parameters in (1) public/search.php and in the (2) c parameter in admin.php. | |||||
| CVE-2021-39362 | 1 Recaptcha Solver Project | 1 Recaptcha Solver | 2021-08-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in ReCaptcha Solver 5.7. A response from Anti-Captcha.com, RuCaptcha.com, 2captcha.com, DEATHbyCAPTCHA.com, ImageTyperz.com, or BestCaptchaSolver.com in setCaptchaCode() is inserted into the DOM as HTML, resulting in full control over the user's browser by these servers. | |||||
| CVE-2008-0149 | 1 Tutos | 1 Tutos | 2021-08-30 | 5.0 MEDIUM | N/A |
| TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function. | |||||
| CVE-2021-3617 | 1 Lenovo | 6 Smart Camera C2e, Smart Camera C2e Firmware, Smart Camera X3 and 3 more | 2021-08-30 | 6.5 MEDIUM | 7.2 HIGH |
| A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. This vulnerability is the same as CNVD-2020-68652. | |||||
| CVE-2021-3616 | 1 Lenovo | 6 Smart Camera C2e, Smart Camera C2e Firmware, Smart Camera X3 and 3 more | 2021-08-30 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651. | |||||