CVEs from 2021
Total
4,786
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-42382 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function | |||
| CVE-2021-20292 | medium | — | 5.5 | — | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of… | |||
| CVE-2021-3746 | medium | — | 5.5 | — | A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issu… | |||
| CVE-2021-42762 | medium | — | 5.5 | — | BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not con… | |||
| CVE-2021-37231 | medium | — | 5.5 | — | A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check. | |||
| CVE-2021-21838 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause… | |||
| CVE-2021-43518 | medium | — | 5.5 | — | Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offe… | |||
| CVE-2021-32294 | medium | — | 5.5 | — | An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution. | |||
| CVE-2021-3618 | medium | — | 5.5 | — | ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certifica… | |||
| CVE-2021-3905 | medium | — | 5.5 | — | A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. | |||
| CVE-2021-23210 | medium | — | 5.5 | — | A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash. | |||
| CVE-2021-31879 | medium | — | 5.5 | — | GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | |||
| CVE-2021-3561 | medium | — | 5.5 | — | An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or… | |||
| CVE-2021-23159 | medium | — | 5.5 | — | A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an appli… | |||
| CVE-2021-33363 | medium | — | 5.5 | — | Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||
| CVE-2021-32439 | medium | — | 5.5 | — | Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-36976 | medium | — | 5.5 | — | libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). | |||
| CVE-2021-22540 | medium | — | 5.5 | — | cross-site scripting in dart | |||
| CVE-2021-37964 | medium | — | 5.5 | — | Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi imperso… | |||
| CVE-2021-36370 | medium | — | 5.5 | — | An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the… | |||
| CVE-2021-20308 | medium | — | 5.5 | — | Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. | |||
| CVE-2021-23206 | medium | — | 5.5 | — | A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | |||
| CVE-2021-32269 | medium | — | 5.5 | — | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2021-31260 | medium | — | 5.5 | — | The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-30020 | medium | — | 5.5 | — | In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_w… | |||
| CVE-2021-29474 | medium | — | 5.5 | — | information disclosure in hedgedoc | |||
| CVE-2021-30015 | medium | — | 5.5 | — | There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1. The pid comes from function av1dmx_parse_flush_sample, the ctx.opid maybe NULL… | |||
| CVE-2021-30022 | medium | — | 5.5 | — | There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only … | |||
| CVE-2021-20243 | medium | — | 5.5 | — | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. … | |||
| CVE-2021-20241 | medium | — | 5.5 | — | A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The hig… | |||
| CVE-2021-20245 | medium | — | 5.5 | — | A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The hi… | |||
| CVE-2021-39212 | medium | — | 5.5 | — | ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected ve… | |||
| CVE-2021-3610 | medium | — | 5.5 | — | A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array si… | |||
| CVE-2021-3962 | medium | — | 5.5 | — | A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that lea… | |||
| CVE-2021-21706 | medium | — | 5.5 | — | In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when… | |||
| CVE-2021-26825 | medium | — | 5.5 | — | An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at … | |||
| CVE-2021-21845 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsc”… | |||
| CVE-2021-26437 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-34479 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-3496 | medium | — | 5.5 | — | A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file. | |||
| CVE-2021-21855 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause… | |||
| CVE-2021-3349 | medium | — | 5.5 | — | GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NO… | |||
| CVE-2021-21843 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause… | |||
| CVE-2021-41801 | medium | — | 5.5 | — | The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (… | |||
| CVE-2021-42694 | medium | — | 5.5 | — | content spoofing in rust | |||
| CVE-2021-21862 | medium | — | 5.5 | — | Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cau… | |||
| CVE-2021-32136 | medium | — | 5.5 | — | Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-21839 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause… | |||
| CVE-2021-39918 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-39947 | medium | — | 5.5 | — | multiple issues in gitlab-runner | |||
| CVE-2021-22568 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-44974 | medium | — | 5.5 | — | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. | |||
| CVE-2021-21835 | medium | — | 5.5 | — | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding th… | |||
| CVE-2021-32490 | medium | — | 5.5 | — | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences. | |||
| CVE-2021-21856 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause… | |||
| CVE-2021-31876 | medium | — | 5.5 | — | multiple issues in bitcoin-daemon | |||
| CVE-2021-38382 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-44542 | medium | — | 5.5 | — | A memory leak vulnerability was found in Privoxy when handling errors. | |||
| CVE-2021-38114 | medium | — | 5.5 | — | libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. | |||
| CVE-2021-22117 | medium | — | 5.5 | — | RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. | |||
| CVE-2021-34555 | medium | — | 5.5 | — | OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field. | |||
| CVE-2021-30471 | medium | — | 5.5 | — | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. | |||
| CVE-2021-4001 | medium | — | 5.5 | — | A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special … | |||
| CVE-2021-36754 | medium | — | 5.5 | — | PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception. | |||
| CVE-2021-29647 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized da… | |||
| CVE-2021-29266 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba… | |||
| CVE-2021-29648 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type F… | |||
| CVE-2021-28952 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1… | |||
| CVE-2021-41990 | medium | — | 5.5 | — | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certi… | |||
| CVE-2021-26932 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall,… | |||
| CVE-2021-26931 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors … | |||
| CVE-2021-44568 | medium | — | 5.5 | — | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), whic… | |||
| CVE-2021-36980 | medium | — | 5.5 | — | Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action. | |||
| CVE-2021-4142 | medium | — | 5.5 | — | Moderate: Satellite 6.11 Release | |||
| CVE-2021-34550 | medium | — | 5.5 | — | An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descript… | |||
| CVE-2021-40540 | medium | — | 5.5 | — | ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests. | |||
| CVE-2021-3681 | medium | — | 5.5 | — | information disclosure in ansible-core | |||
| CVE-2021-46142 | medium | — | 5.5 | — | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | |||
| CVE-2021-21899 | medium | — | 5.5 | — | A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow… | |||
| CVE-2021-33896 | medium | — | 5.5 | — | Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. | |||
| CVE-2021-21900 | medium | — | 5.5 | — | A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability.… | |||
| CVE-2021-37601 | medium | — | 5.5 | — | muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common co… | |||
| CVE-2021-3755 | medium | — | 5.5 | — | arbitrary command execution in rsync | |||
| CVE-2021-34434 | medium | — | 5.5 | — | In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then exi… | |||
| CVE-2021-20275 | medium | — | 5.5 | — | A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunked_body_is_complete() leading to denial of service. | |||
| CVE-2021-27229 | medium | — | 5.5 | — | arbitrary code execution in mumble | |||
| CVE-2021-20242 | medium | — | 5.5 | — | denial of service in imagemagick | |||
| CVE-2021-32437 | medium | — | 5.5 | — | The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-30500 | medium | — | 5.5 | — | Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted fi… | |||
| CVE-2021-38492 | medium | — | 5.5 | — | When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *T… | |||
| CVE-2021-44538 | medium | — | 5.5 | — | The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state… | |||
| CVE-2021-30577 | medium | — | 5.5 | — | Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||
| CVE-2021-32773 | medium | — | 5.5 | — | Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to in… | |||
| CVE-2021-23977 | medium | — | 5.5 | — | Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected… | |||
| CVE-2021-33366 | medium | — | 5.5 | — | Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||
| CVE-2021-33364 | medium | — | 5.5 | — | Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||
| CVE-2021-31262 | medium | — | 5.5 | — | The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-21898 | medium | — | 5.5 | — | A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write.… | |||
| CVE-2021-33361 | medium | — | 5.5 | — | Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||
| CVE-2021-30159 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePag… |