Search Results (362966 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-29369 1 Gnuplot Project 1 Gnuplot 2024-11-21 9.8 Critical
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
CVE-2021-29367 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.
CVE-2021-29366 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
CVE-2021-29365 1 Irfanview 1 Irfanview 2024-11-21 5.5 Medium
Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).
CVE-2021-29364 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
CVE-2021-29363 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74
CVE-2021-29362 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
CVE-2021-29361 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
CVE-2021-29360 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
CVE-2021-29358 1 Irfanview 1 Irfanview 2024-11-21 5.5 Medium
A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.
CVE-2021-29357 1 Outsystems 3 Lifetime Management Console, Outsystems, Platform Server 2024-11-21 8.6 High
The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests.
CVE-2021-29350 1 Shipment 100-design Material Download System Project 1 Shipment 100-design Material Download System 2024-11-21 7.2 High
SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php.
CVE-2021-29349 1 Mahara 1 Mahara 2024-11-21 6.5 Medium
Mahara 20.10 is affected by Cross Site Request Forgery (CSRF) that allows a remote attacker to remove inbox-mail on the server. The application fails to validate the CSRF token for a POST request. An attacker can craft a module/multirecipientnotification/inbox.php pieform_delete_all_notifications request, which leads to removing all messages from a mailbox.
CVE-2021-29343 1 Ovidentia 1 Ovidentia 2024-11-21 5.4 Medium
Ovidentia CMS 6.x contains a SQL injection vulnerability in the "id" parameter of index.php. The "checkbox" property into "text" data can be extracted and displayed in the text region or in source code.
CVE-2021-29337 1 Msi 1 Dragon Center 2024-11-21 7.8 High
MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.
CVE-2021-29329 1 Moddable 1 Moddable 2024-11-21 7.8 High
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c.
CVE-2021-29328 1 Moddable 1 Moddable 2024-11-21 7.1 High
OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c.
CVE-2021-29327 1 Moddable 1 Moddable 2024-11-21 7.8 High
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c.
CVE-2021-29326 1 Moddable 1 Moddable 2024-11-21 7.8 High
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c.
CVE-2021-29325 1 Moddable 1 Moddable 2024-11-21 7.8 High
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c.