Total
12595 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-46157 | 1 Siemens | 1 Simcenter Femap | 2024-08-04 | 7.8 High |
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14757) | ||||
CVE-2021-46023 | 1 Mruby | 1 Mruby | 2024-08-04 | 7.5 High |
An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash. | ||||
CVE-2021-46053 | 1 Webassembly | 1 Binaryen | 2024-08-04 | 5.5 Medium |
A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL. | ||||
CVE-2021-46020 | 1 Mruby | 1 Mruby | 2024-08-04 | 7.5 High |
An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | ||||
CVE-2021-45764 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). | ||||
CVE-2021-45762 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
CVE-2021-45760 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
CVE-2021-45709 | 1 Crypto2 Project | 1 Crypto2 | 2024-08-04 | 9.8 Critical |
An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur. | ||||
CVE-2021-45767 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). | ||||
CVE-2021-45293 | 2 Fedoraproject, Webassembly | 2 Fedora, Binaryen | 2024-08-04 | 5.5 Medium |
A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. | ||||
CVE-2021-44992 | 1 Jerryscript | 1 Jerryscript | 2024-08-04 | 5.5 Medium |
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0. | ||||
CVE-2021-44975 | 1 Radare | 1 Radare2 | 2024-08-04 | 5.5 Medium |
radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. | ||||
CVE-2021-45078 | 5 Debian, Fedoraproject, Gnu and 2 more | 5 Debian Linux, Fedora, Binutils and 2 more | 2024-08-04 | 7.8 High |
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | ||||
CVE-2021-44920 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | ||||
CVE-2021-44499 | 1 Fisglobal | 1 Gt.m | 2024-08-04 | 7.5 High |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow. | ||||
CVE-2021-44538 | 4 Cinny Project, Debian, Matrix and 1 more | 6 Cinny, Debian Linux, Element and 3 more | 2024-08-04 | 9.8 Critical |
The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web. | ||||
CVE-2021-44496 | 1 Fisglobal | 1 Gt.m | 2024-08-04 | 9.8 Critical |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution. | ||||
CVE-2021-44440 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2024-08-04 | 7.8 High |
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14912) | ||||
CVE-2021-44503 | 1 Fisglobal | 1 Gt.m | 2024-08-04 | 7.5 High |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to va_arg on an empty variadic parameter list, most likely causing a memory segmentation fault. | ||||
CVE-2021-41496 | 2 Numpy, Redhat | 2 Numpy, Openstack | 2024-08-04 | 5.5 Medium |
Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally) |