Total
1926 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44432 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14845) | |||||
| CVE-2021-44165 | 1 Siemens | 8 7kg9501-0aa01-0aa1, 7kg9501-0aa01-0aa1 Firmware, 7kg9501-0aa01-2aa1 and 5 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution. | |||||
| CVE-2021-44158 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2024-11-21 | 7.7 HIGH | 8.0 HIGH |
| ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service. | |||||
| CVE-2021-43983 | 1 We-con | 1 Levistudiou | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-43982 | 1 Deltaww | 1 Cncsoft | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-43556 | 1 Fatek | 1 Winproladder | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-43301 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | |||||
| CVE-2021-43300 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | |||||
| CVE-2021-43299 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | |||||
| CVE-2021-42756 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 9.8 CRITICAL |
| Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. | |||||
| CVE-2021-42705 | 1 We-con | 1 Plc Editor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-42532 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-42531 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-42530 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-42529 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-40118 | 1 Cisco | 19 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5505 and 16 more | 2024-11-21 | 7.1 HIGH | 8.6 HIGH |
| A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. | |||||
| CVE-2021-3790 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. | |||||
| CVE-2021-3434 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 4.6 MEDIUM | 4.9 MEDIUM |
| Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm | |||||
| CVE-2021-3064 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue. | |||||
| CVE-2021-3057 | 1 Paloaltonetworks | 1 Globalprotect | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux. | |||||