Total
3485 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33449 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c. | ||||
| CVE-2021-33439 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c. | ||||
| CVE-2021-33445 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c. | ||||
| CVE-2021-33458 | 1 Tortall | 1 Yasm | 2024-08-03 | 5.5 Medium |
| An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in find_cc() in modules/preprocs/nasm/nasm-pp.c. | ||||
| CVE-2021-33447 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c. | ||||
| CVE-2021-33440 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c. | ||||
| CVE-2021-33460 | 1 Tortall | 1 Yasm | 2024-08-03 | 5.5 Medium |
| An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in if_condition() in modules/preprocs/nasm/nasm-pp.c. | ||||
| CVE-2021-33456 | 1 Tortall | 1 Yasm | 2024-08-03 | 5.5 Medium |
| An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in hash() in modules/preprocs/nasm/nasm-pp.c. | ||||
| CVE-2021-33442 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c. | ||||
| CVE-2021-33441 | 1 Cesanta | 1 Mjs | 2024-08-03 | 5.5 Medium |
| An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c. | ||||
| CVE-2021-33454 | 1 Tortall | 1 Yasm | 2024-08-03 | 5.5 Medium |
| An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c. | ||||
| CVE-2021-33465 | 1 Tortall | 1 Yasm | 2024-08-03 | 5.5 Medium |
| An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmacro() in modules/preprocs/nasm/nasm-pp.c. | ||||
| CVE-2021-33317 | 1 Trendnet | 18 Teg-30102ws, Teg-30102ws Firmware, Ti-g102i and 15 more | 2024-08-03 | 7.5 High |
| The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. | ||||
| CVE-2021-33254 | 2 Embedthis, Linux | 2 Appweb, Linux Kernel | 2024-08-03 | 7.5 High |
| An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function. | ||||
| CVE-2021-33193 | 5 Apache, Fedoraproject, Oracle and 2 more | 8 Http Server, Fedora, Secure Backup and 5 more | 2024-08-03 | 7.5 High |
| A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. | ||||
| CVE-2021-33068 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-08-03 | 6.5 Medium |
| Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access. | ||||
| CVE-2021-32843 | 1 Mobyproject | 1 Hyperkit | 2024-08-03 | 6.2 Medium |
| HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, `virtio.c` has is a call to `vc_cfgread` that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit df0e46c7dbfd81a957d85e449ba41b52f6f7beb4. | ||||
| CVE-2021-32844 | 1 Mobyproject | 1 Hyperkit | 2024-08-03 | 6.2 Medium |
| HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, ` vi_pci_write` has is a call to `vc_cfgwrite` that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit 451558fe8aaa8b24e02e34106e3bb9fe41d7ad13. | ||||
| CVE-2021-32781 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-08-03 | 8.6 High |
| Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However when local response is generated due the internal buffer overflow while request or response is processed by the filter chain the operation may not be stopped completely and result in accessing a freed memory block. A specifically constructed request delivered by an untrusted downstream or upstream peer in the presence of extensions that modify and increase the size of request or response bodies resulting in a Denial of Service when using extensions that modify and increase the size of request or response bodies, such as decompressor filter. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to address incomplete termination of request processing after locally generated response. As a workaround disable Envoy's decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies, if feasible. | ||||
| CVE-2021-32611 | 1 Antisip | 1 Exosip2 | 2024-08-03 | 7.5 High |
| A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses. | ||||