CVEs from 2021
Total
4,786
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-3185 | medium | — | 5.5 | — | A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly co… | |||
| CVE-2021-20274 | medium | — | 5.5 | — | A flaw was found in privoxy before 3.0.32. A crash may occur due a NULL-pointer dereference when the socks server misbehaves. | |||
| CVE-2021-40529 | medium | — | 5.5 | — | The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dan… | |||
| CVE-2021-22191 | medium | — | 5.5 | — | Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | |||
| CVE-2021-42383 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | |||
| CVE-2021-42385 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | |||
| CVE-2021-22257 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-42377 | medium | — | 5.5 | — | An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& strin… | |||
| CVE-2021-41054 | medium | — | 5.5 | — | tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | |||
| CVE-2021-3755 | medium | — | 5.5 | — | arbitrary command execution in rsync | |||
| CVE-2021-30474 | medium | — | 5.5 | — | multiple issues in aom | |||
| CVE-2021-37601 | medium | — | 5.5 | — | muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common co… | |||
| CVE-2021-32833 | medium | — | 5.5 | — | arbitrary filesystem access in emby-server | |||
| CVE-2021-39282 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-21900 | medium | — | 5.5 | — | A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability.… | |||
| CVE-2021-33896 | medium | — | 5.5 | — | Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. | |||
| CVE-2021-22238 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-21899 | medium | — | 5.5 | — | A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow… | |||
| CVE-2021-25218 | medium | — | 5.5 | — | In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process wil… | |||
| CVE-2021-46142 | medium | — | 5.5 | — | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | |||
| CVE-2021-3681 | medium | — | 5.5 | — | information disclosure in ansible-core | |||
| CVE-2021-36980 | medium | — | 5.5 | — | Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action. | |||
| CVE-2021-30577 | medium | — | 5.5 | — | Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||
| CVE-2021-38380 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-31214 | medium | — | 5.5 | — | arbitrary code execution in code | |||
| CVE-2021-23206 | medium | — | 5.5 | — | A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | |||
| CVE-2021-22567 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-37964 | medium | — | 5.5 | — | Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi imperso… | |||
| CVE-2021-36754 | medium | — | 5.5 | — | PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception. | |||
| CVE-2021-38166 | medium | — | 5.5 | — | In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impracti… | |||
| CVE-2021-3760 | medium | — | 5.5 | — | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | |||
| CVE-2021-34693 | medium | — | 5.5 | — | net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | |||
| CVE-2021-3491 | medium | — | 5.5 | — | The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/me… | |||
| CVE-2021-33624 | medium | — | 5.5 | — | In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory loca… | |||
| CVE-2021-32606 | medium | — | 5.5 | — | In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN I… | |||
| CVE-2021-32078 | medium | — | 5.5 | — | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access… | |||
| CVE-2021-29647 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized da… | |||
| CVE-2021-29266 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba… | |||
| CVE-2021-29648 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type F… | |||
| CVE-2021-3195 | medium | — | 5.5 | — | multiple issues in bitcoin-daemon | |||
| CVE-2021-28952 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1… | |||
| CVE-2021-41990 | medium | — | 5.5 | — | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certi… | |||
| CVE-2021-26932 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall,… | |||
| CVE-2021-26931 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors … | |||
| CVE-2021-23134 | medium | — | 5.5 | — | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privi… | |||
| CVE-2021-20268 | medium | — | 5.5 | — | An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw all… | |||
| CVE-2021-20226 | medium | — | 5.5 | — | A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of … | |||
| CVE-2021-31876 | medium | — | 5.5 | — | multiple issues in bitcoin-daemon | |||
| CVE-2021-44974 | medium | — | 5.5 | — | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. | |||
| CVE-2021-37861 | medium | — | 5.5 | — | information disclosure in mattermost | |||
| CVE-2021-22568 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-3472 | medium | — | 5.5 | — | A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is… | |||
| CVE-2021-4022 | medium | — | 5.5 | — | multiple issues in rizin | |||
| CVE-2021-39939 | medium | — | 5.5 | — | multiple issues in gitlab-runner | |||
| CVE-2021-43814 | medium | — | 5.5 | — | multiple issues in rizin | |||
| CVE-2021-3935 | medium | — | 5.5 | — | When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate ver… | |||
| CVE-2021-39947 | medium | — | 5.5 | — | multiple issues in gitlab-runner | |||
| CVE-2021-39918 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-39916 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-32137 | medium | — | 5.5 | — | Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-32139 | medium | — | 5.5 | — | The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-35197 | medium | — | 5.5 | — | In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to s… | |||
| CVE-2021-30155 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of… | |||
| CVE-2021-32440 | medium | — | 5.5 | — | The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-44543 | medium | — | 5.5 | — | An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself. | |||
| CVE-2021-44540 | medium | — | 5.5 | — | A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing. | |||
| CVE-2021-20272 | medium | — | 5.5 | — | A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash. | |||
| CVE-2021-28216 | medium | — | 5.5 | — | BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. | |||
| CVE-2021-28156 | medium | — | 5.5 | — | HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10. | |||
| CVE-2021-32134 | medium | — | 5.5 | — | The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-22116 | medium | — | 5.5 | — | denial of service in rabbitmq | |||
| CVE-2021-31256 | medium | — | 5.5 | — | Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||
| CVE-2021-21704 | medium | — | 5.5 | — | In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, … | |||
| CVE-2021-35057 | medium | — | 5.5 | — | multiple issues in hyperkitty | |||
| CVE-2021-42381 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function | |||
| CVE-2021-3561 | medium | — | 5.5 | — | An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or… | |||
| CVE-2021-30022 | medium | — | 5.5 | — | There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only … | |||
| CVE-2021-30015 | medium | — | 5.5 | — | There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1. The pid comes from function av1dmx_parse_flush_sample, the ctx.opid maybe NULL… | |||
| CVE-2021-29474 | medium | — | 5.5 | — | information disclosure in hedgedoc | |||
| CVE-2021-30020 | medium | — | 5.5 | — | In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_w… | |||
| CVE-2021-31260 | medium | — | 5.5 | — | The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32269 | medium | — | 5.5 | — | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2021-36370 | medium | — | 5.5 | — | An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the… | |||
| CVE-2021-22540 | medium | — | 5.5 | — | cross-site scripting in dart | |||
| CVE-2021-20308 | medium | — | 5.5 | — | Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. | |||
| CVE-2021-42375 | medium | — | 5.5 | — | An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved char… | |||
| CVE-2021-23169 | medium | — | 5.5 | — | A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user ru… | |||
| CVE-2021-29993 | medium | — | 5.5 | — | Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are u… | |||
| CVE-2021-26825 | medium | — | 5.5 | — | An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at … | |||
| CVE-2021-42694 | medium | — | 5.5 | — | content spoofing in rust | |||
| CVE-2021-41801 | medium | — | 5.5 | — | The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (… | |||
| CVE-2021-31924 | medium | — | 5.5 | — | Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence (touch) … | |||
| CVE-2021-39200 | medium | — | 5.5 | — | WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under… | |||
| CVE-2021-3403 | medium | — | 5.5 | — | In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a … | |||
| CVE-2021-3404 | medium | — | 5.5 | — | In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a c… | |||
| CVE-2021-42384 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function | |||
| CVE-2021-26826 | medium | — | 5.5 | — | A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be loc… | |||
| CVE-2021-30580 | medium | — | 5.5 | — | Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive … | |||
| CVE-2021-23957 | medium | — | 5.5 | — | Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffect… | |||
| CVE-2021-30184 | medium | — | 5.5 | — | GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnlo… |