Total
13867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36218 | 1 Skale | 1 Sgxwallet | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in SKALE sgxwallet 1.58.3. sgx_disp_ippsAES_GCMEncrypt allows an out-of-bounds write, resulting in a segfault and compromised enclave. This issue describes a buffer overflow, which was resolved prior to v1.77.0 and not reproducible in latest sgxwallet v1.77.0 | |||||
| CVE-2021-36194 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests. | |||||
| CVE-2021-36186 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.5 HIGH | 8.8 HIGH |
| A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests | |||||
| CVE-2021-36179 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.5 MEDIUM | 8.0 HIGH |
| A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution | |||||
| CVE-2021-36173 | 1 Fortinet | 14 Fortigate-1100e, Fortigate-200f, Fortigate-2600f and 11 more | 2024-11-21 | 6.8 MEDIUM | 8.0 HIGH |
| A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images. | |||||
| CVE-2021-36134 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
| Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS). | |||||
| CVE-2021-36089 | 2 Linux, Zope | 2 Linux Kernel, Grok | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour). | |||||
| CVE-2021-36083 | 1 Kde | 1 Kimageformats | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. | |||||
| CVE-2021-36082 | 1 Ntop | 1 Ndpi | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello. | |||||
| CVE-2021-36073 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 11.1 (and earlier) is affected by a heap-based buffer overflow vulnerability when parsing a crafted .SGI file. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36072 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36066 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36065 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by a heap-based buffer overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36049 | 1 Adobe | 1 Bridge | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-36017 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36015 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Media Encoder version 15.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36009 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator version 25.2.3 (and earlier) is affected by an memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36004 | 2 Adobe, Microsoft | 2 Indesign, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36000 | 2 Adobe, Microsoft | 2 Character Animator, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Character Animator version 4.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35999 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Prelude version 10.0 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||