Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42980 | 1 Nomachine | 1 Cloud Server | 2021-12-08 | 7.2 HIGH | 8.8 HIGH |
| NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
| CVE-2021-42983 | 1 Nomachine | 1 Enterprise Client | 2021-12-08 | 7.2 HIGH | 8.8 HIGH |
| NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
| CVE-2021-42972 | 1 Nomachine | 1 Server | 2021-12-08 | 7.2 HIGH | 8.8 HIGH |
| NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
| CVE-2021-26777 | 1 Circutor | 2 Compact Dc-s Basic, Compact Dc-s Basic Firmware | 2021-12-06 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code. | |||||
| CVE-2021-20852 | 1 Elecom | 4 Wrh-733gbk, Wrh-733gbk Firmware, Wrh-733gwh and 1 more | 2021-12-02 | 5.2 MEDIUM | 6.8 MEDIUM |
| Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors. | |||||
| CVE-2017-12601 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | |||||
| CVE-2021-41054 | 2 Atftp Project, Debian | 2 Atftp, Debian Linux | 2021-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | |||||
| CVE-2021-44428 | 1 Ipuptime | 1 Pinkie | 2021-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1. | |||||
| CVE-2021-44429 | 1 Vercot | 1 Serva | 2021-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145. | |||||
| CVE-2021-42785 | 1 Tightvnc | 1 Tightvnc | 2021-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server. | |||||
| CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2021-11-27 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | |||||
| CVE-2021-37726 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2021-11-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. | |||||
| CVE-2020-24633 | 1 Arubanetworks | 15 7005, 7008, 7010 and 12 more | 2021-11-18 | 10.0 HIGH | 9.8 CRITICAL |
| There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | |||||
| CVE-2020-15173 | 1 Accel-ppp | 1 Accel-ppp | 2021-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions. | |||||
| CVE-2021-42731 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2021-11-17 | 9.3 HIGH | 7.8 HIGH |
| Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2021-11-16 | 3.3 LOW | 6.5 MEDIUM |
| A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | |||||
| CVE-2021-30321 | 1 Qualcomm | 46 Aqt1000, Aqt1000 Firmware, Qca1062 and 43 more | 2021-11-16 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity | |||||
| CVE-2021-42774 | 1 Broadcom | 1 Emulex Hba Manager | 2021-11-15 | 7.5 HIGH | 9.8 CRITICAL |
| Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmware download feature that could allow remote unauthenticated users to perform various attacks. In non-secure mode, the user is unauthenticated. | |||||
| CVE-2019-16240 | 1 Hp | 88 Officejet Pro 8210 D9l63a, Officejet Pro 8210 D9l63a Firmware, Officejet Pro 8210 D9l64a and 85 more | 2021-11-15 | 5.8 MEDIUM | 9.1 CRITICAL |
| A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. | |||||
| CVE-2020-23890 | 1 Wildbit-soft | 1 Wildbit Viewer | 2021-11-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648. | |||||