Total
11736 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-26220 | 1 Ezxml Project | 1 Ezxml | 2021-02-10 | 5.8 MEDIUM | 8.1 HIGH |
The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to an OOB write when opening an XML file after exhausting the memory pool. | |||||
CVE-2021-26221 | 1 Ezxml Project | 1 Ezxml | 2021-02-10 | 5.8 MEDIUM | 8.1 HIGH |
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to an OOB write when opening an XML file after exhausting the memory pool. | |||||
CVE-2021-26222 | 1 Ezxml Project | 1 Ezxml | 2021-02-10 | 5.8 MEDIUM | 8.1 HIGH |
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to an OOB write when opening an XML file after exhausting the memory pool. | |||||
CVE-2019-19319 | 3 Linux, Opensuse, Redhat | 3 Linux Kernel, Leap, Enterprise Linux | 2021-02-09 | 4.4 MEDIUM | 6.5 MEDIUM |
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30. | |||||
CVE-2021-3382 | 1 Gitea | 1 Gitea | 2021-02-08 | 5.0 MEDIUM | 7.5 HIGH |
Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service (crash) via vectors related to a file path. | |||||
CVE-2020-25857 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2021-02-08 | 5.0 MEDIUM | 7.5 HIGH |
The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK. | |||||
CVE-2020-1910 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2021-02-08 | 6.8 MEDIUM | 7.8 HIGH |
A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image. | |||||
CVE-2020-25856 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2021-02-08 | 6.8 MEDIUM | 8.1 HIGH |
The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this. | |||||
CVE-2020-25855 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2021-02-08 | 6.8 MEDIUM | 8.1 HIGH |
The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this. | |||||
CVE-2020-25854 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2021-02-08 | 6.8 MEDIUM | 8.1 HIGH |
The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this. | |||||
CVE-2021-25249 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2021-02-05 | 7.2 HIGH | 7.8 HIGH |
An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2020-1664 | 1 Juniper | 1 Junos | 2021-02-05 | 7.2 HIGH | 7.8 HIGH |
A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D53, 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R3-S3; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. Versions of Junos OS prior to 17.3 are unaffected by this vulnerability. | |||||
CVE-2021-0343 | 1 Google | 1 Android | 2021-02-05 | 7.2 HIGH | 6.7 MEDIUM |
In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449962. | |||||
CVE-2021-0353 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247. | |||||
CVE-2021-0362 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070. | |||||
CVE-2017-17480 | 3 Canonical, Debian, Uclouvain | 3 Ubuntu Linux, Debian Linux, Openjpeg | 2021-02-03 | 7.5 HIGH | 9.8 CRITICAL |
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. | |||||
CVE-2020-27297 | 1 Honeywell | 1 Opc Ua Tunneller | 2021-02-03 | 7.5 HIGH | 9.8 CRITICAL |
The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233). | |||||
CVE-2020-0431 | 2 Google, Opensuse | 2 Android, Leap | 2021-02-03 | 4.6 MEDIUM | 6.7 MEDIUM |
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-144161459. | |||||
CVE-2020-25844 | 1 Panorama | 1 Nhiservisignadapter | 2021-02-03 | 7.5 HIGH | 9.8 CRITICAL |
The digest generation function of NHIServiSignAdapter does not verify the length of its parameter, which leads to a stack overflow vulnerability. Remote attackers can exploit it to execute code without privileges. | |||||
CVE-2021-25900 | 1 Servo | 1 Smallvec | 2021-02-02 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many. |