Total
13936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46393 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data. | |||||
| CVE-2021-46334 | 1 Moddable | 1 Moddable Sdk | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component __interceptor_strcat. | |||||
| CVE-2021-46332 | 1 Moddable | 1 Moddable Sdk | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via xs/sources/xsDataView.c in fxUint8Getter. | |||||
| CVE-2021-46328 | 1 Moddable | 1 Moddable Sdk | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __libc_start_main. | |||||
| CVE-2021-46326 | 1 Moddable | 1 Moddable Sdk | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __asan_memcpy. | |||||
| CVE-2021-46325 | 1 Espruino | 1 Espruino | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf. | |||||
| CVE-2021-46324 | 1 Espruino | 1 Espruino | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString. | |||||
| CVE-2021-46321 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46265 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46264 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46263 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46262 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46238 | 1 Gpac | 1 Gpac | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS). | |||||
| CVE-2021-46174 | 1 Gnu | 1 Binutils | 2026-06-17 | N/A | 7.5 HIGH |
| Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | |||||
| CVE-2021-46168 | 1 Spinroot | 1 Spin | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c. | |||||
| CVE-2021-46162 | 1 Siemens | 1 Simcenter Femap | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15048) | |||||
| CVE-2021-46161 | 1 Siemens | 1 Simcenter Femap | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15302) | |||||
| CVE-2021-46160 | 1 Siemens | 1 Simcenter Femap | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15286) | |||||
| CVE-2021-46159 | 1 Siemens | 1 Simcenter Femap | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15050) | |||||
| CVE-2021-46157 | 1 Siemens | 1 Simcenter Femap | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14757) | |||||