Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37007 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. | |||||
| CVE-2021-36411 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | |||||
| CVE-2021-36160 | 6 Apache, Broadcom, Debian and 3 more | 13 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 10 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | |||||
| CVE-2021-36159 | 1 Freebsd | 1 Libfetch | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\0' terminator one byte too late. | |||||
| CVE-2021-36087 | 2 Fedoraproject, Selinux Project | 2 Fedora, Selinux | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. | |||||
| CVE-2021-36079 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 11.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .SGI file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36074 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36071 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36060 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Media Encoder version 15.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36053 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36045 | 2 Adobe, Debian | 2 Xmp Toolkit Software Development Kit, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36019 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe After Effects version 18.2.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36018 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe After Effects version 18.2.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36016 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36013 | 1 Adobe | 1 Media Encoder | 2024-11-21 | 6.8 MEDIUM | 3.3 LOW |
| Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36010 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Illustrator version 25.2.3 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36003 | 2 Adobe, Microsoft | 2 Audition, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Audition version 14.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36001 | 2 Adobe, Microsoft | 2 Character Animator, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Character Animator version 4.2 (and earlier) is affected by an out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35992 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-35988 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||