Total
13866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23206 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | |||||
| CVE-2021-23169 | 2 Fedoraproject, Openexr | 2 Fedora, Openexr | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR. | |||||
| CVE-2021-23157 | 1 We-con | 1 Levistudiou | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. | |||||
| CVE-2021-23138 | 1 We-con | 1 Levistudiou | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | |||||
| CVE-2021-22973 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x versions, JSON parser function does not protect against out-of-bounds memory accesses or writes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. | |||||
| CVE-2021-22807 | 1 Schneider-electric | 1 Guicon | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious *.gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 (Build 683.003) and prior | |||||
| CVE-2021-22755 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22754 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack of proper validation of user-supplied data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22752 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP (Workspace) file is being parsed by IGSS Definition. | |||||
| CVE-2021-22751 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or execution of arbitrary code due to lack of input validation, when a malicious CGF (Configuration Group File) file is imported to IGSS Definition. | |||||
| CVE-2021-22750 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22683 | 1 Fatek | 1 Fvdesigner | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||||
| CVE-2021-22678 | 1 Hornerautomation | 1 Cscape | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Cscape (All versions prior to 9.90 SP4) lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-22673 | 1 Ti | 7 Cc3100 Software Development Kit, Cc3200 Software Development Kit, Simplelink Cc13x0 Software Development Kit and 4 more | 2024-11-21 | 6.0 MEDIUM | 8.0 HIGH |
| The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior). | |||||
| CVE-2021-22672 | 1 Deltaww | 1 Cncsoft Screeneditor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics' CNCSoft ScreenEditor in versions prior to v1.01.30 could allow the corruption of data, a denial-of-service condition, or code execution. The vulnerability may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2021-22666 | 1 Fatek | 1 Fvdesigner | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||||
| CVE-2021-22664 | 1 Criticalmanufacturing | 1 Cncsoft-b | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22653 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | |||||
| CVE-2021-22647 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22641 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | |||||