Total
5622 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45720 | 1 Lru Project | 1 Lru | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation. | |||||
| CVE-2021-45719 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. update_hook has a use-after-free. | |||||
| CVE-2021-45718 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. rollback_hook has a use-after-free. | |||||
| CVE-2021-45717 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. commit_hook has a use-after-free. | |||||
| CVE-2021-45716 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_collation has a use-after-free. | |||||
| CVE-2021-45715 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_window_function has a use-after-free. | |||||
| CVE-2021-45714 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_aggregate_function has a use-after-free. | |||||
| CVE-2021-45713 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_scalar_function has a use-after-free. | |||||
| CVE-2021-45702 | 1 Linuxfoundation | 1 Tremor-script | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free. | |||||
| CVE-2021-45701 | 1 Linuxfoundation | 1 Tremor-script | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free. | |||||
| CVE-2021-45483 | 1 Webkitgtk | 1 Webkitgtk | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. | |||||
| CVE-2021-45482 | 1 Webkitgtk | 1 Webkitgtk | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. | |||||
| CVE-2021-45291 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-45263 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-45262 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-45064 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-45063 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-45062 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-45059 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe InDesign version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-45054 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Adobe InCopy version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||