Search Results (367167 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-44423 1 Opendesign 1 Drawings Explorer 2024-11-21 7.8 High
An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance (ODA) Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input data from a crafted BMP file leads to an out-of-bounds read. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-44422 1 Opendesign 1 Drawings Sdk 2024-11-21 7.8 High
An Improper Input Validation Vulnerability exists when reading a BMP file using Open Design Alliance Drawings SDK before 2022.12. Crafted data in a BMP file can trigger a write operation past the end of an allocated buffer, or lead to a heap-based buffer overflow. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-44421 1 Occlum Project 1 Occlum 2024-11-21 5.5 Medium
The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis.
CVE-2021-44420 5 Canonical, Debian, Djangoproject and 2 more 7 Ubuntu Linux, Debian Linux, Django and 4 more 2024-11-21 7.3 High
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
CVE-2021-44352 1 Tendacn 2 Ac15, Ac15 Firmware 2024-11-21 9.8 Critical
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.
CVE-2021-44351 1 Naviwebs 1 Navigate Cms 2024-11-21 7.5 High
An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter.
CVE-2021-44350 1 Thinkphp 1 Thinkphp 2024-11-21 9.8 Critical
SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php.
CVE-2021-44349 1 Yejiao 1 Tuzicms 2024-11-21 9.8 Critical
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\DownloadController.class.php.
CVE-2021-44348 1 Yejiao 1 Tuzicms 2024-11-21 9.8 Critical
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller\AdvertController.class.php.
CVE-2021-44347 1 Yejiao 1 Tuzicms 2024-11-21 9.8 Critical
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php.
CVE-2021-44345 1 Wvti 1 One Card Integrated Management System 2024-11-21 7.5 High
Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is vulnerable to SQL Injection.
CVE-2021-44343 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 7.8 High
David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_png_read_data() in "/ok_png.c".
CVE-2021-44342 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 7.8 High
David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow via function ok_png_transform_scanline() in "/ok_png.c:494".
CVE-2021-44340 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 7.8 High
David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_jpg_generate_huffman_table() in "/ok_jpg.c:403".
CVE-2021-44339 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 7.8 High
David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_png_transform_scanline() in "/ok_png.c:712".
CVE-2021-44335 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 7.8 High
David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurs in function ok_png_transform_scanline() in "/ok_png.c:533".
CVE-2021-44334 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 7.8 High
David Brackeen ok-file-formats 97f78ca is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurs in function ok_jpg_convert_YCbCr_to_RGB() in "/ok_jpg.c:513" .
CVE-2021-44331 1 Arm 1 Adaptive Scalable Texture Compression Encoder 2024-11-21 7.8 High
ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise().
CVE-2021-44321 1 Mini-inventory-and-sales-management-system Project 1 Mini-inventory-and-sales-management-system 2024-11-21 5.0 Medium
Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. The attacker must be logged into the application create a malicious file for updating the inventory details and items.
CVE-2021-44317 1 Phpgurukul 1 Bus Pass Management System 2024-11-21 5.4 Medium
In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.