Vulnerabilities (CVE)

Filtered by CWE-787
Total 12074 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3375 1 Atomisystems 1 Activepresenter 2024-11-21 7.5 HIGH 9.8 CRITICAL
ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution.
CVE-2021-3345 2 Gnupg, Oracle 2 Libgcrypt, Communications Billing And Revenue Management 2024-11-21 7.2 HIGH 7.8 HIGH
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.
CVE-2021-3330 1 Zephyrproject 1 Zephyr 2024-11-21 5.8 MEDIUM 7.1 HIGH
RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. Zephyr versions >= >=2.4.0 contain Out-of-bounds Write (CWE-787). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fj4r-373f-9456
CVE-2021-3246 3 Debian, Fedoraproject, Libsndfile Project 3 Debian Linux, Fedora, Libsndfile 2024-11-21 6.8 MEDIUM 8.8 HIGH
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
CVE-2021-3185 1 Freedesktop 1 Gst-plugins-bad 2024-11-21 7.5 HIGH 9.8 CRITICAL
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.
CVE-2021-3182 1 Dlink 2 Dcs-5220, Dcs-5220 Firmware 2024-11-21 7.7 HIGH 8.0 HIGH
D-Link DCS-5220 devices have a buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2021-3064 1 Paloaltonetworks 1 Pan-os 2024-11-21 10.0 HIGH 9.8 CRITICAL
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.
CVE-2021-3057 1 Paloaltonetworks 1 Globalprotect 2024-11-21 9.3 HIGH 8.1 HIGH
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.
CVE-2021-3056 1 Paloaltonetworks 1 Pan-os 2024-11-21 8.5 HIGH 8.8 HIGH
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue.
CVE-2021-39996 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-11-21 7.5 HIGH 9.8 CRITICAL
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
CVE-2021-39990 1 Huawei 1 Harmonyos 2024-11-21 7.5 HIGH 9.8 CRITICAL
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
CVE-2021-39846 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader.
CVE-2021-39845 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader.
CVE-2021-39843 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-39831 2 Adobe, Microsoft 2 Framemaker, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.
CVE-2021-39829 2 Adobe, Microsoft 2 Framemaker, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.
CVE-2021-39825 1 Adobe 1 Photoshop Elements 2024-11-21 6.8 MEDIUM 7.8 HIGH
Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file.
CVE-2021-39822 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-11-21 N/A 7.8 HIGH
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file.
CVE-2021-39820 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2021-39814 1 Google 1 Android 2024-11-21 7.2 HIGH 6.7 MEDIUM
In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216792660References: N/A