Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 22043 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22043 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27239 | 1 Netgear | 70 D6220, D6220 Firmware, D6400 and 67 more | 2024-11-21 | 8.8 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. | ||||
| CVE-2021-27217 | 1 Yubico | 1 Yubihsm-shell | 2024-11-21 | 4.4 Medium |
| An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device. Out-of-bounds reads performed by aes_remove_padding() can crash the running process, depending on the memory layout. This could be used by an attacker to cause a client-side denial of service. The yubihsm-shell project is included in the YubiHSM 2 SDK product. | ||||
| CVE-2021-27208 | 1 Xilinx | 4 Zynq-7000, Zynq-7000 Firmware, Zynq-7000s and 1 more | 2024-11-21 | 6.8 Medium |
| When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nand’s parameter page. IF a field read in from the parameter page is too large, this causes a buffer overflow that could lead to arbitrary code execution. Physical access and modification of the board assembly on which the Zynq-7000 SoC device mounted is needed to replace the original NAND flash memory with a NAND flash emulation device for this attack to be successful. | ||||
| CVE-2021-27045 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 7.8 High |
| A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2021-27044 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure. | ||||
| CVE-2021-27040 | 3 Autodesk, Iconics, Mitsubishielectric | 13 Advance Steel, Autocad, Autocad Architecture and 10 more | 2024-11-21 | 3.3 Low |
| A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2021-27027 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure. | ||||
| CVE-2021-27020 | 1 Puppet | 1 Puppet Enterprise | 2024-11-21 | 8.8 High |
| Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export. | ||||
| CVE-2021-26957 | 1 Xcb Project | 1 Xcb | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server. | ||||
| CVE-2021-26926 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2024-11-21 | 7.1 High |
| A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash. | ||||
| CVE-2021-26827 | 1 Tp-link | 2 Tl-wr2041\+, Tl-wr2041\+ Firmware | 2024-11-21 | 7.5 High |
| Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | ||||
| CVE-2021-26805 | 1 Tsmuxer Project | 1 Tsmuxer | 2024-11-21 | 5.5 Medium |
| Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a malicious WAV file. | ||||
| CVE-2021-26777 | 1 Circutor | 2 Compact Dc-s Basic, Compact Dc-s Basic Firmware | 2024-11-21 | 9.8 Critical |
| Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code. | ||||
| CVE-2021-26728 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | 10 Critical |
| Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | ||||
| CVE-2021-26691 | 6 Apache, Debian, Fedoraproject and 3 more | 10 Http Server, Debian Linux, Fedora and 7 more | 2024-11-21 | 9.8 Critical |
| In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | ||||
| CVE-2021-26635 | 1 Bandisoft | 1 Ark Library | 2024-11-21 | 7.8 High |
| In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution. | ||||
| CVE-2021-26623 | 2 Bandisoft, Microsoft | 2 Bandizip, Windows | 2024-11-21 | 7.8 High |
| A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function. | ||||
| CVE-2021-26621 | 1 Netu | 2 Mex01, Mex01 Firmware | 2024-11-21 | 8.1 High |
| An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01. Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function. | ||||
| CVE-2021-26606 | 2 Dreamsecurity, Microsoft | 2 Magicline4nx.exe, Windows | 2024-11-21 | 9.8 Critical |
| A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. | ||||
| CVE-2021-26603 | 2 Bandisoft, Microsoft | 2 Ark Library, Windows | 2024-11-21 | 8.6 High |
| A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check. | ||||