CVEs from 2021
Total
4,797
critical
critical 280
high
high 1,019
medium
medium 1,175
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-47203 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to p… | |||
| CVE-2021-47435 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight… | |||
| CVE-2021-4093 | high | — | 8.0 | 4y ago | A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host ker… | |||
| CVE-2021-40490 | high | — | 8.0 | 4y ago | A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | |||
| CVE-2021-47501 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc When trying to dump VFs VSI RX/TX descriptors using debugfs there was a … | |||
| CVE-2021-4460 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shif… | |||
| CVE-2021-47590 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in __mptcp_push_pending() __mptcp_push_pending() may call mptcp_flush_join_list() with subflow socket lock he… | |||
| CVE-2021-47498 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But… | |||
| CVE-2021-47178 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smp_processor_id() in preemptible code The BUG message "BUG: using smp_processor_id() in preemptible [0… | |||
| CVE-2021-47544 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-s… | |||
| CVE-2021-3923 | high | — | 8.0 | 4y ago | A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniba… | |||
| CVE-2021-47301 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failur… | |||
| CVE-2021-25745 | high | — | 8.0 | 4y ago | Improper Input Validation in k8s.io/ingress-nginx | |||
| CVE-2021-3424 | high | — | 8.0 | 4y ago | Keycloak is vulnerable to IDN homograph attack | |||
| CVE-2021-3827 | high | — | 8.0 | 4y ago | ECP SAML binding bypasses authentication flows | |||
| CVE-2021-4028 | high | — | 8.0 | 4y ago | A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element t… | |||
| CVE-2021-20202 | high | — | 8.0 | 4y ago | Temporary Directory Hijacking Vulnerability in Keycloak | |||
| CVE-2021-45960 | high | — | 8.0 | 4y ago | RHSA-2022:0951: expat security update (Important) | |||
| CVE-2021-4154 | high | — | 8.0 | 4y ago | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation b… | |||
| CVE-2021-30560 | high | — | 8.0 | 4y ago | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2021-21237 | high | — | 8.0 | 4y ago | Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program … | |||
| CVE-2021-45417 | high | — | 8.0 | 4y ago | RHSA-2022:0441: aide security update (Important) | |||
| CVE-2021-41035 | high | — | 8.0 | 4y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-35560 | high | — | 8.0 | 4y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-4155 | high | — | 8.0 | 4y ago | A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS … | |||
| CVE-2021-45463 | high | — | 8.0 | 4y ago | RHSA-2022:0177: gegl04 security update (Important) | |||
| CVE-2021-4140 | high | — | 8.0 | 4y ago | It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||
| CVE-2021-44716 | high | — | 8.0 | 5y ago | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | |||
| CVE-2021-44227 | high | — | 8.0 | 5y ago | RHSA-2021:4916: mailman:2.1 security update (Important) | |||
| CVE-2021-23192 | high | — | 8.0 | 5y ago | RHSA-2021:5082: samba security update (Important) | |||
| CVE-2021-43528 | high | — | 8.0 | 5y ago | multiple issues in thunderbird | |||
| CVE-2021-43546 | high | — | 8.0 | 5y ago | It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||
| CVE-2021-41090 | high | — | 8.0 | 5y ago | Instance config inline secret exposure in Grafana in github.com/grafana/agent | |||
| CVE-2021-43541 | high | — | 8.0 | 5y ago | When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and… | |||
| CVE-2021-43536 | high | — | 8.0 | 5y ago | Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefo… | |||
| CVE-2021-43543 | high | — | 8.0 | 5y ago | Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.… | |||
| CVE-2021-43537 | high | — | 8.0 | 5y ago | An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, F… | |||
| CVE-2021-43538 | high | — | 8.0 | 5y ago | By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for … | |||
| CVE-2021-43542 | high | — | 8.0 | 5y ago | Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR <… | |||
| CVE-2021-43545 | high | — | 8.0 | 5y ago | Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||
| CVE-2021-43539 | high | — | 8.0 | 5y ago | Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-fre… | |||
| CVE-2021-4129 | high | — | 8.0 | 5y ago | Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of t… | |||
| CVE-2021-42096 | high | — | 8.0 | 5y ago | RHSA-2021:4826: mailman:2.1 security update (Important) | |||
| CVE-2021-42097 | high | — | 8.0 | 5y ago | RHSA-2021:4826: mailman:2.1 security update (Important) | |||
| CVE-2021-22204 | medium | — | 8.0 | 5y ago | Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image | |||
| CVE-2021-20317 | high | — | 8.0 | 5y ago | A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special us… | |||
| CVE-2021-43267 | high | — | 8.0 | 5y ago | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient valid… | |||
| CVE-2021-41159 | high | — | 8.0 | 5y ago | RHSA-2021:4622: freerdp security update (Important) | |||
| CVE-2021-41160 | high | — | 8.0 | 5y ago | RHSA-2021:4622: freerdp security update (Important) | |||
| CVE-2021-41208 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of ser… | |||
| CVE-2021-41195 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) i… | |||
| CVE-2021-41196 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is du… | |||
| CVE-2021-41197 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, … | |||
| CVE-2021-41198 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure cau… | |||
| CVE-2021-41199 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-fai… | |||
| CVE-2021-41200 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix wil… | |||
| CVE-2021-41201 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*out… | |||
| CVE-2021-41202 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64… | |||
| CVE-2021-41203 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change s… | |||
| CVE-2021-41204 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This resu… | |||
| CVE-2021-41205 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of hea… | |||
| CVE-2021-41206 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depe… | |||
| CVE-2021-41207 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be i… | |||
| CVE-2021-41209 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix… | |||
| CVE-2021-41210 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated arr… | |||
| CVE-2021-41211 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs wh… | |||
| CVE-2021-41212 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix w… | |||
| CVE-2021-41213 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutual… | |||
| CVE-2021-41214 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. The … | |||
| CVE-2021-41215 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inf… | |||
| CVE-2021-41216 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` cont… | |||
| CVE-2021-41217 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when n… | |||
| CVE-2021-41218 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count`… | |||
| CVE-2021-41219 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. Th… | |||
| CVE-2021-41220 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to t… | |||
| CVE-2021-41221 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a… | |||
| CVE-2021-41222 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever… | |||
| CVE-2021-41223 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorF… | |||
| CVE-2021-41224 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of… | |||
| CVE-2021-41225 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the save… | |||
| CVE-2021-41226 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseBinCount` is vulnerable to a heap OOB access. This is because of missing validation betwe… | |||
| CVE-2021-41227 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the `ImmutableConst` operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because th… | |||
| CVE-2021-41228 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's `saved_model_cli` tool is vulnerable to a code injection as it calls `eval` on user supplied strings. Thi… | |||
| CVE-2021-35578 | high | — | 8.0 | 5y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-35567 | high | — | 8.0 | 5y ago | RHSA-2021:4135: java-17-openjdk security update (Important) | |||
| CVE-2021-35586 | high | — | 8.0 | 5y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-35559 | high | — | 8.0 | 5y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-35564 | high | — | 8.0 | 5y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-20325 | high | — | 8.0 | 5y ago | Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat En… | |||
| CVE-2021-38506 | high | — | 8.0 | 5y ago | Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This… | |||
| CVE-2021-38503 | high | — | 8.0 | 5y ago | The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affe… | |||
| CVE-2021-43529 | high | — | 8.0 | 5y ago | RHSA-2021:4130: thunderbird security update (Important) | |||
| CVE-2021-38507 | high | — | 8.0 | 5y ago | The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-orig… | |||
| CVE-2021-38504 | high | — | 8.0 | 5y ago | When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This… | |||
| CVE-2021-38509 | high | — | 8.0 | 5y ago | Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's… | |||
| CVE-2021-38508 | high | — | 8.0 | 5y ago | By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the … | |||
| CVE-2021-43534 | high | — | 8.0 | 5y ago | Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |||
| CVE-2021-43535 | high | — | 8.0 | 5y ago | A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firef… | |||
| CVE-2021-3656 | high | — | 8.0 | 5y ago | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a ne… | |||
| CVE-2021-0512 | high | — | 8.0 | 5y ago | In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional … |