Total
5622 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39674 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-201083442 | |||||
| CVE-2021-39656 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049066References: Upstream kernel | |||||
| CVE-2021-39638 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195607566References: N/A | |||||
| CVE-2021-39634 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel | |||||
| CVE-2021-39629 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197353344 | |||||
| CVE-2021-39620 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-203847542 | |||||
| CVE-2021-39228 | 1 Linuxfoundation | 1 Tremor | 2024-11-21 | 7.5 HIGH | 6.5 MEDIUM |
| Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`. In this case, affected versions of Tremor and the tremor-script crate maintains references to memory that might have been freed already. And these memory regions can be accessed by retrieving the `state`, e.g. send it over TCP or HTTP. This requires the Tremor server (or any other program using tremor-script) to execute a tremor-script script that uses the mentioned language construct. The issue has been patched in version 0.11.6 by removing the optimization and always cloning the target expression of a Merge or Patch. If an upgrade is not possible, a possible workaround is to avoid the optimization by introducing a temporary variable and not immediately reassigning to `state`. | |||||
| CVE-2021-39216 | 2 Bytecodealliance, Fedoraproject | 2 Wasmtime, Fedora | 2024-11-21 | 3.3 LOW | 6.3 MEDIUM |
| Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.19.0 and before version 0.30.0 there was a use-after-free bug when passing `externref`s from the host to guest Wasm content. To trigger the bug, you have to explicitly pass multiple `externref`s from the host to a Wasm instance at the same time, either by passing multiple `externref`s as arguments from host code to a Wasm function, or returning multiple `externref`s to Wasm from a multi-value return function defined in the host. If you do not have host code that matches one of these shapes, then you are not impacted. If Wasmtime's `VMExternRefActivationsTable` became filled to capacity after passing the first `externref` in, then passing in the second `externref` could trigger a garbage collection. However the first `externref` is not rooted until we pass control to Wasm, and therefore could be reclaimed by the collector if nothing else was holding a reference to it or otherwise keeping it alive. Then, when control was passed to Wasm after the garbage collection, Wasm could use the first `externref`, which at this point has already been freed. We have reason to believe that the effective impact of this bug is relatively small because usage of `externref` is currently quite rare. The bug has been fixed, and users should upgrade to Wasmtime 0.30.0. If you cannot upgrade Wasmtime yet, you can avoid the bug by disabling reference types support in Wasmtime by passing `false` to `wasmtime::Config::wasm_reference_types`. | |||||
| CVE-2021-38656 | 1 Microsoft | 1 365 Apps | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2021-38655 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2021-38504 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. | |||||
| CVE-2021-38498 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. | |||||
| CVE-2021-38496 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93. | |||||
| CVE-2021-38467 | 1 Auvesy | 1 Versiondog | 2024-11-21 | 5.5 MEDIUM | 7.3 HIGH |
| A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition. | |||||
| CVE-2021-38438 | 1 Fatek | 1 Winproladder | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution. | |||||
| CVE-2021-38383 | 1 Owntone Project | 1 Owntone | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c. | |||||
| CVE-2021-38382 | 1 Live555 | 1 Live555 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. | |||||
| CVE-2021-38381 | 1 Live555 | 1 Live555 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. | |||||
| CVE-2021-38204 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. | |||||
| CVE-2021-38011 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||