Total
12415 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21047 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21046 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21044 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21038 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-20987 | 2 Hilscher, Pepperl-fuchs | 23 Ethernet\/ip Adapter, Ethernet\/ip Adapter Firmware, Pcv100-f200-b25-v1d-6011 and 20 more | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
| A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery. | |||||
| CVE-2021-20986 | 2 Hilscher, Pepperl-fuchs | 73 Profinet Io Device, Profinet Io Device Firmware, Ohv-f230-b17 and 70 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication. | |||||
| CVE-2021-20573 | 2 Ibm, Microsoft | 2 Security Identity Manager Adapter, Windows | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249. | |||||
| CVE-2021-20572 | 2 Ibm, Microsoft | 2 Security Identity Manager Adapter, Windows | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247. | |||||
| CVE-2021-20546 | 1 Ibm | 2 Spectrum Protect Client, Spectrum Protect For Space Management | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the application to crash. IBM X-Force ID: 198934 | |||||
| CVE-2021-20515 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Informix Dynamic Server and 3 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366. | |||||
| CVE-2021-20494 | 1 Ibm | 1 Security Identity Manager Adapter | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap based buffer overflow, caused by improper bounds. An authenticared user could overflow the buffer and cause the service to crash. IBM X-Force ID: 197882. | |||||
| CVE-2021-20491 | 1 Ibm | 1 Spectrum Protect | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parameter, an authorized administrator could overflow a buffer and cause the server to crash. IBM X-Force ID: 197792. | |||||
| CVE-2021-20349 | 1 Ibm | 1 Tivoli Workload Scheduler | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599. | |||||
| CVE-2021-20325 | 1 Redhat | 1 Enterprise Linux | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd. | |||||
| CVE-2021-20314 | 3 Fedoraproject, Libspf2, Redhat | 3 Fedora, Libspf2, Enterprise Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. | |||||
| CVE-2021-20305 | 5 Debian, Fedoraproject, Netapp and 2 more | 6 Debian Linux, Fedora, Active Iq Unified Manager and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2021-20298 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2024-11-21 | N/A | 7.5 HIGH |
| A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-20294 | 1 Gnu | 1 Binutils | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. | |||||
| CVE-2021-20277 | 3 Debian, Fedoraproject, Samba | 3 Debian Linux, Fedora, Samba | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-20236 | 3 Fedoraproject, Redhat, Zeromq | 4 Fedora, Ceph Storage, Enterprise Linux and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||