Search Results (363502 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-40453 1 Microsoft 1 Hevc Video Extensions 2024-11-21 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-40452 1 Microsoft 1 Hevc Video Extensions 2024-11-21 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-40448 1 Microsoft 1 Accessibility Insights For Android 2024-11-21 6.3 Medium
Microsoft Accessibility Insights for Android Information Disclosure Vulnerability
CVE-2021-40447 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 7.8 High
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-40443 1 Microsoft 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more 2024-11-21 7.8 High
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40442 1 Microsoft 8 365 Apps, Excel, Office and 5 more 2024-11-21 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40441 1 Microsoft 7 Windows 7, Windows 8.1, Windows Rt 8.1 and 4 more 2024-11-21 7.8 High
Windows Media Center Elevation of Privilege Vulnerability
CVE-2021-40440 1 Microsoft 1 Dynamics 365 Business Central 2024-11-21 5.4 Medium
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-40439 1 Apache 1 Openoffice 2024-11-21 6.5 Medium
Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are subject to this issue. expat in version 4.1.11 is patched.
CVE-2021-40418 1 Blackmagicdesign 1 Davinci Resolve 2024-11-21 9.8 Critical
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the uninitialized member will be dereferenced and then destroyed using the object’s virtual destructor. Due to the object property being uninitialized, this can result in dereferencing an arbitrary pointer for the object’s virtual method table, which can result in code execution under the context of the application.
CVE-2021-40417 1 Blackmagicdesign 1 Davinci Resolve 2024-11-21 9.8 Critical
When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer overflow with regards to this calculation, this can result in an undersized heap buffer being allocated. When this heap buffer is written to, a heap-based buffer overflow will occur. This can result in code execution under the context of the application.
CVE-2021-40394 2 Debian, Gerbv Project 2 Debian Linux, Gerbv 2024-11-21 9.8 Critical
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-40393 2 Debian, Gerbv Project 2 Debian Linux, Gerbv 2024-11-21 9.8 Critical
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-40391 3 Debian, Fedoraproject, Gerbv Project 3 Debian Linux, Fedora, Gerbv 2024-11-21 9.8 Critical
An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-40387 1 Kaseya 1 Unitrends Backup Software 2024-11-21 8.8 High
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution.
CVE-2021-40386 1 Kaseya 1 Unitrends Backup 2024-11-21 9.8 Critical
Kaseya Unitrends Client/Agent through 10.5,5 allows remote attackers to execute arbitrary code.
CVE-2021-40385 1 Kaseya 1 Unitrends Backup Software 2024-11-21 8.8 High
An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin.
CVE-2021-40382 1 Comprotech 8 Ip570, Ip570 Firmware, Ip60 and 5 more 2024-11-21 7.5 High
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. mjpegStreamer.cgi allows video screenshot access.
CVE-2021-40381 1 Comprotech 8 Ip570, Ip570 Firmware, Ip60 and 5 more 2024-11-21 7.5 High
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. index_MJpeg.cgi allows video access.
CVE-2021-40380 1 Comprotech 8 Ip570, Ip570 Firmware, Ip60 and 5 more 2024-11-21 7.5 High
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. cameralist.cgi and setcamera.cgi disclose credentials.