Total
32453 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46787 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. | |||||
| CVE-2021-46785 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier. | |||||
| CVE-2021-46774 | 1 Amd | 274 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 271 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. | |||||
| CVE-2021-46771 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. | |||||
| CVE-2021-46758 | 1 Amd | 122 Ryzen 3 4300u, Ryzen 3 4300u Firmware, Ryzen 3 5125c and 119 more | 2024-11-21 | N/A | 6.1 MEDIUM |
| Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity. | |||||
| CVE-2021-46742 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2021-46741 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity. | |||||
| CVE-2021-46703 | 1 Razorengine Project | 1 Razorengine | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2021-46665 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. | |||||
| CVE-2021-46663 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. | |||||
| CVE-2021-46662 | 1 Mariadb | 1 Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. | |||||
| CVE-2021-46661 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). | |||||
| CVE-2021-46659 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. | |||||
| CVE-2021-46658 | 1 Mariadb | 1 Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. | |||||
| CVE-2021-46657 | 1 Mariadb | 1 Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. | |||||
| CVE-2021-46556 | 1 Cesanta | 1 Mjs | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46554 | 1 Cesanta | 1 Mjs | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46553 | 1 Cesanta | 1 Mjs | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46550 | 1 Cesanta | 1 Mjs | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via free_json_frame at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46549 | 1 Cesanta | 1 Mjs | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parse_cval_type at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS). | |||||