Export limit exceeded: 22880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-38430 | 1 Fatek | 1 Winproladder | 2024-11-21 | 7.8 High |
| FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code. | ||||
| CVE-2021-38424 | 1 Deltaww | 1 Dialink | 2024-11-21 | 5.9 Medium |
| The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application. | ||||
| CVE-2021-38421 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 7.8 High |
| Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds read, which may allow an attacker to read sensitive information from other memory locations or cause a crash. | ||||
| CVE-2021-38415 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 7.8 High |
| Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-38413 | 1 Fujielectric | 2 V-server, V-simulator | 2024-11-21 | 7.8 High |
| Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a stack-based buffer overflow, which may allow an attacker to achieve code execution. | ||||
| CVE-2021-38408 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. | ||||
| CVE-2021-38394 | 1 Bostonscientific | 2 Zoom Latitude Pogrammer\/recorder\/monitor 3120, Zoom Latitude Pogrammer\/recorder\/monitor 3120 Firmware | 2024-11-21 | 6.2 Medium |
| An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted. | ||||
| CVE-2021-38389 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | ||||
| CVE-2021-38386 | 1 Contiki-os | 1 Contiki | 2024-11-21 | 7.5 High |
| In Contiki 3.0, a buffer overflow in the Telnet service allows remote attackers to cause a denial of service because the ls command is mishandled when a directory has many files with long names. | ||||
| CVE-2021-38380 | 1 Live555 | 1 Live555 | 2024-11-21 | 7.5 High |
| Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack. | ||||
| CVE-2021-38297 | 3 Fedoraproject, Golang, Redhat | 4 Fedora, Go, Enterprise Linux and 1 more | 2024-11-21 | 9.8 Critical |
| Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. | ||||
| CVE-2021-38260 | 1 Nxp | 1 Mcuxpresso Software Development Kit | 2024-11-21 | 7.8 High |
| NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor(). | ||||
| CVE-2021-38258 | 1 Nxp | 1 Mcuxpresso Software Development Kit | 2024-11-21 | 7.8 High |
| NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback(). | ||||
| CVE-2021-38207 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 High |
| drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes. | ||||
| CVE-2021-38192 | 1 Prost Project | 1 Prost | 2024-11-21 | 7.5 High |
| An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime. | ||||
| CVE-2021-38172 | 1 Debian | 1 Perm | 2024-11-21 | 9.8 Critical |
| perM 0.4.0 has a Buffer Overflow related to strncpy. (Debian initially fixed this in 0.4.0-7.) | ||||
| CVE-2021-38115 | 1 Libgd | 1 Libgd | 2024-11-21 | 6.5 Medium |
| read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. | ||||
| CVE-2021-38109 | 1 Corel | 1 Coreldraw 2020 | 2024-11-21 | 5.5 Medium |
| Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CDR file. | ||||
| CVE-2021-38108 | 1 Corel | 1 Wordperfect 2020 | 2024-11-21 | 5.5 Medium |
| Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious DOC file. | ||||
| CVE-2021-38107 | 1 Corel | 1 Coreldraw 2020 | 2024-11-21 | 5.5 Medium |
| CdrCore.dll in Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CDR file. | ||||