Total
7186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22354 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||
| CVE-2021-22306 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service. | |||||
| CVE-2021-22302 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service. | |||||
| CVE-2021-21995 | 1 Vmware | 2 Cloud Foundation, Esxi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition. | |||||
| CVE-2021-21989 | 2 Microsoft, Vmware | 3 Windows, Horizon Client, Workstation | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. | |||||
| CVE-2021-21988 | 2 Microsoft, Vmware | 3 Windows, Horizon Client, Workstation | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. | |||||
| CVE-2021-21987 | 2 Microsoft, Vmware | 3 Windows, Horizon Client, Workstation | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. | |||||
| CVE-2021-21777 | 1 Opener Project | 1 Opener | 2024-11-21 | 9.4 HIGH | 10.0 CRITICAL |
| An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. | |||||
| CVE-2021-21557 | 1 Dell | 62 Poweredge C4140, Poweredge C4140 Firmware, Poweredge C6420 and 59 more | 2024-11-21 | 7.2 HIGH | 8.1 HIGH |
| Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode. | |||||
| CVE-2021-21463 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2021-21410 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</code>) does not perform proper boundary checks when reading from the packet buffer. Hence, it is possible to construct a compressed 6LoWPAN packet that will read more bytes than what is available from the packet buffer. As of time of publication, there is not a release with a patch available. Users can apply the patch for this vulnerability out-of-band as a workaround. | |||||
| CVE-2021-21200 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 5.4 MEDIUM |
| Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low) | |||||
| CVE-2021-21198 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 7.4 HIGH |
| Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21091 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21089 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21076 | 2 Adobe, Microsoft | 2 Animate, Windows | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21075 | 2 Adobe, Microsoft | 2 Animate, Windows | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21074 | 2 Adobe, Microsoft | 2 Animate, Windows | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21073 | 1 Adobe | 1 Animate | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21072 | 2 Adobe, Microsoft | 2 Animate, Windows | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||