Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25832 | 1 Onlyoffice | 1 Document Server | 2021-03-15 | 7.5 HIGH | 9.8 CRITICAL |
| A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer. | |||||
| CVE-2020-7553 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-03-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2020-1921 | 1 Facebook | 1 Hhvm | 2021-03-15 | 5.0 MEDIUM | 7.5 HIGH |
| In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. | |||||
| CVE-2021-0370 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In Write of NxpMfcReader.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169259605 | |||||
| CVE-2021-0456 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174769927 | |||||
| CVE-2021-0457 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the FingerTipS touch screen driver, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157155375 | |||||
| CVE-2021-0461 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175124074 | |||||
| CVE-2021-0393 | 1 Google | 1 Android | 2021-03-12 | 6.8 MEDIUM | 7.8 HIGH |
| In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-168041375 | |||||
| CVE-2021-0454 | 1 Google | 1 Android | 2021-03-12 | 7.2 HIGH | 6.7 MEDIUM |
| In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117047 | |||||
| CVE-2021-0455 | 1 Google | 1 Android | 2021-03-12 | 7.2 HIGH | 6.7 MEDIUM |
| In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175116439 | |||||
| CVE-2020-16011 | 4 Debian, Google, Microsoft and 1 more | 5 Debian Linux, Chrome, Windows and 2 more | 2021-03-11 | 6.8 MEDIUM | 9.6 CRITICAL |
| Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-27799 | 1 Zint | 1 Barcode Generator | 2021-03-10 | 5.0 MEDIUM | 7.5 HIGH |
| ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code. | |||||
| CVE-2020-27927 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2021-03-10 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||
| CVE-2020-27916 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2021-03-10 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution. | |||||
| CVE-2020-27912 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2021-03-10 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-22666 | 1 Fatek | 1 Fvdesigner | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||||
| CVE-2021-22683 | 1 Fatek | 1 Fvdesigner | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||||
| CVE-2020-27275 | 1 Deltaww | 1 Dopsoft | 2021-03-09 | 9.3 HIGH | 7.8 HIGH |
| Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27281 | 1 Deltaww | 1 Cncsoft Screeneditor | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-27287 | 1 Deltaww | 1 Cncsoft-b | 2021-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||||