Search Results (363638 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-33451 1 Long Range Zip Project 1 Long Range Zip 2024-11-21 5.5 Medium
An issue was discovered in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c.
CVE-2021-33450 1 Nasm 1 Netwide Assembler 2024-11-21 5.5 Medium
An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.
CVE-2021-33449 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.
CVE-2021-33448 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.
CVE-2021-33447 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.
CVE-2021-33446 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c.
CVE-2021-33445 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c.
CVE-2021-33444 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.
CVE-2021-33443 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c.
CVE-2021-33442 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c.
CVE-2021-33441 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.
CVE-2021-33440 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.
CVE-2021-33439 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c.
CVE-2021-33438 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.
CVE-2021-33437 1 Cesanta 1 Mjs 2024-11-21 5.5 Medium
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c.
CVE-2021-33436 2 Microsoft, Nomachine 2 Windows, Nomachine 2024-11-21 7.3 High
NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM.
CVE-2021-33430 2 Numpy, Redhat 2 Numpy, Openstack 2024-11-21 5.3 Medium
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user
CVE-2021-33425 1 Openwrt 1 Openwrt 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability was discovered in the Web Interface for OpenWRT LuCI version 19.07 which allows attackers to inject arbitrary Javascript in the OpenWRT Hostname via the Hostname Change operation.
CVE-2021-33408 1 Abinitio 1 Control\>center 2024-11-21 6.5 Medium
Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote attackers to retrieve arbitrary files. Fixed in v4.0.2.6 and v4.0.3.1.
CVE-2021-33403 1 Blocklancertoken Project 1 Blocklancertoken 2024-11-21 7.5 High
An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction.