Total
3031 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-42681 | 1 Accops | 1 Hyworks Dvm Tools | 2024-08-04 | 8.8 High |
| A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | ||||
| CVE-2021-42716 | 2 Fedoraproject, Nothings | 2 Fedora, Stb Image.h | 2024-08-04 | 7.1 High |
| An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. | ||||
| CVE-2021-42553 | 1 St | 1 Stm32 Mw Usb Host | 2024-08-04 | 6.8 Medium |
| A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs. | ||||
| CVE-2021-41794 | 1 Open5gs | 1 Open5gs | 2024-08-04 | 7.5 High |
| ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used in a memcpy call. The destination buffer is only 100 bytes long on the stack. Then, 'i' gets interpreted as 105 bytes to copy from the source buffer to the destination buffer. | ||||
| CVE-2021-41751 | 1 Jerryscript | 1 Jerryscript | 2024-08-04 | 9.8 Critical |
| Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecma_builtin_array_prototype_object_slice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021. | ||||
| CVE-2021-41499 | 1 Pyo Project | 1 Pyo | 2024-08-04 | 7.5 High |
| Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo < 1.03 in the Server_debug function, which allows remote attackers to conduct DoS attacks by deliberately passing on an overlong audio file name. | ||||
| CVE-2021-41498 | 1 Pyo Project | 1 Pyo | 2024-08-04 | 7.5 High |
| Buffer overflow in ajaxsoundstudio.com Pyo < and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name. | ||||
| CVE-2021-41413 | 1 Ok-file-formats Project | 1 Ok-file-formats | 2024-08-04 | 7.8 High |
| ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB. | ||||
| CVE-2021-41216 | 1 Google | 1 Tensorflow | 2024-08-04 | 5.5 Medium |
| TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the indices in `perm` are all valid. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | ||||
| CVE-2021-41221 | 1 Google | 1 Tensorflow | 2024-08-04 | 7.8 High |
| TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the `input`, `input_h` and `input_c` parameters are not validated, but code assumes they have certain values. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | ||||
| CVE-2021-41054 | 2 Atftp Project, Debian | 2 Atftp, Debian Linux | 2024-08-04 | 7.5 High |
| tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | ||||
| CVE-2021-40818 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2024-08-04 | 9.8 Critical |
| scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration. | ||||
| CVE-2021-40568 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | ||||
| CVE-2021-40239 | 1 Miniftpd Project | 1 Miniftpd | 2024-08-04 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in the latest version of Miniftpd in the do_retr function in ftpproto.c | ||||
| CVE-2021-40284 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-08-04 | 6.5 Medium |
| D-Link DSL-3782 EU v1.01:EU v1.03 is affected by a buffer overflow which can cause a denial of service. This vulnerability exists in the web interface "/cgi-bin/New_GUI/Igmp.asp". Authenticated remote attackers can trigger this vulnerability by sending a long string in parameter 'igmpsnoopEnable' via an HTTP request. | ||||
| CVE-2021-40241 | 1 Xfig Project | 1 Xfig | 2024-08-04 | 9.8 Critical |
| xfig 3.2.7 is vulnerable to Buffer Overflow. | ||||
| CVE-2021-40056 | 1 Huawei | 2 Emui, Magic Ui | 2024-08-04 | 7.5 High |
| There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-40062 | 1 Huawei | 2 Emui, Magic Ui | 2024-08-04 | 7.5 High |
| There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2021-40035 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-04 | 7.5 High |
| There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | ||||
| CVE-2021-40029 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-04 | 7.5 High |
| There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. | ||||