Total
280 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31956 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-08-03 | 7.8 High |
| Windows NTFS Elevation of Privilege Vulnerability | ||||
| CVE-2021-31178 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-08-03 | 5.5 Medium |
| Microsoft Office Information Disclosure Vulnerability | ||||
| CVE-2021-28362 | 1 Contiki-os | 1 Contiki | 2024-08-03 | 7.5 High |
| An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked (with respect to the available data) at this stage, and these variables are susceptible to integer underflow, it is possible to construct an invalid extension header that will cause memory corruption issues and lead to a Denial-of-Service condition. This is related to rpl-ext-header.c. | ||||
| CVE-2021-28027 | 1 Bam Project | 1 Bam | 2024-08-03 | 9.8 Critical |
| An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block. | ||||
| CVE-2021-27486 | 1 Fatek | 1 Winproladder | 2024-08-03 | 7.8 High |
| FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. | ||||
| CVE-2021-26945 | 1 Openexr | 1 Openexr | 2024-08-03 | 5.5 Medium |
| An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. | ||||
| CVE-2021-26260 | 3 Debian, Fedoraproject, Openexr | 3 Debian Linux, Fedora, Openexr | 2024-08-03 | 5.5 Medium |
| An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215. | ||||
| CVE-2021-25849 | 1 Moxa | 32 Vport 06ec-2v26m, Vport 06ec-2v26m Firmware, Vport 06ec-2v36m-ct and 29 more | 2024-08-03 | 7.5 High |
| An integer underflow was discovered in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, improper validation of the PortID TLV leads to Denial of Service via a crafted lldp packet. | ||||
| CVE-2021-25846 | 1 Moxa | 32 Vport 06ec-2v26m, Vport 06ec-2v26m Firmware, Vport 06ec-2v36m-ct and 29 more | 2024-08-03 | 7.5 High |
| Improper validation of the ChassisID TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a negative number passed to the memcpy function via a crafted lldp packet. | ||||
| CVE-2021-25121 | 1 Bestwebsoft | 1 Rating | 2024-08-03 | 6.5 Medium |
| The Rating by BestWebSoft WordPress plugin before 1.6 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating | ||||
| CVE-2021-24894 | 1 Implecode | 1 Reviews Plus | 2024-08-03 | 6.5 Medium |
| The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page | ||||
| CVE-2021-22379 | 1 Huawei | 2 Emui, Magic Ui | 2024-08-03 | 7.5 High |
| There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr. | ||||
| CVE-2021-21897 | 3 Debian, Fedoraproject, Ribbonsoft | 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more | 2024-08-03 | 8.8 High |
| A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21811 | 1 Att | 1 Xmill | 2024-08-03 | 9.8 Critical |
| A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-20607 | 1 Mitsubishielectric | 3 Ezsocket, Gx Works2, Melsoft Navigator | 2024-08-03 | 5.5 Medium |
| Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker. | ||||
| CVE-2021-20240 | 2 Fedoraproject, Gnome | 2 Fedora, Gdk-pixbuf | 2024-08-03 | 8.8 High |
| A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2021-4066 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-08-03 | 8.8 High |
| Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-3472 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-08-03 | 7.8 High |
| A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2021-3345 | 2 Gnupg, Oracle | 2 Libgcrypt, Communications Billing And Revenue Management | 2024-08-03 | 7.8 High |
| _gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later. | ||||
| CVE-2021-1920 | 1 Qualcomm | 342 Apq8009, Apq8009 Firmware, Apq8009w and 339 more | 2024-08-03 | 9.8 Critical |
| Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | ||||