CVEs from 2021
Total
4,784
critical
critical 281
high
high 1,014
medium
medium 1,186
low
low 139
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.4%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-44568 | medium | — | 5.5 | — | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), whic… | |||
| CVE-2021-38166 | medium | — | 5.5 | — | In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impracti… | |||
| CVE-2021-3760 | medium | — | 5.5 | — | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | |||
| CVE-2021-34693 | medium | — | 5.5 | — | net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | |||
| CVE-2021-3491 | medium | — | 5.5 | — | The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/me… | |||
| CVE-2021-33624 | medium | — | 5.5 | — | In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory loca… | |||
| CVE-2021-32606 | medium | — | 5.5 | — | In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN I… | |||
| CVE-2021-32078 | medium | — | 5.5 | — | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access… | |||
| CVE-2021-29647 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized da… | |||
| CVE-2021-44974 | medium | — | 5.5 | — | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. | |||
| CVE-2021-37861 | medium | — | 5.5 | — | information disclosure in mattermost | |||
| CVE-2021-22568 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-29266 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba… | |||
| CVE-2021-39939 | medium | — | 5.5 | — | multiple issues in gitlab-runner | |||
| CVE-2021-4022 | medium | — | 5.5 | — | multiple issues in rizin | |||
| CVE-2021-43814 | medium | — | 5.5 | — | multiple issues in rizin | |||
| CVE-2021-3935 | medium | — | 5.5 | — | When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate ver… | |||
| CVE-2021-39947 | medium | — | 5.5 | — | multiple issues in gitlab-runner | |||
| CVE-2021-29648 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type F… | |||
| CVE-2021-39918 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-39916 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-1093 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-35057 | medium | — | 5.5 | — | multiple issues in hyperkitty | |||
| CVE-2021-42694 | medium | — | 5.5 | — | content spoofing in rust | |||
| CVE-2021-41801 | medium | — | 5.5 | — | The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (… | |||
| CVE-2021-34479 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-3496 | medium | — | 5.5 | — | A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file. | |||
| CVE-2021-26437 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-4142 | medium | — | 5.5 | — | Moderate: Satellite 6.11 Release | |||
| CVE-2021-30199 | medium | — | 5.5 | — | In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called. The first arg pck may be null with a crafted mp4 file,which results in a crash. | |||
| CVE-2021-40516 | medium | — | 5.5 | — | WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plug… | |||
| CVE-2021-34477 | medium | — | 5.5 | — | privilege escalation in code | |||
| CVE-2021-34529 | medium | — | 5.5 | — | arbitrary code execution in code | |||
| CVE-2021-30473 | medium | — | 5.5 | — | multiple issues in aom | |||
| CVE-2021-40346 | medium | — | 5.5 | — | An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request H… | |||
| CVE-2021-28952 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1… | |||
| CVE-2021-41990 | medium | — | 5.5 | — | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certi… | |||
| CVE-2021-38381 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-32270 | medium | — | 5.5 | — | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2021-39283 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-38492 | medium | — | 5.5 | — | When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *T… | |||
| CVE-2021-44538 | medium | — | 5.5 | — | The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state… | |||
| CVE-2021-22257 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-32833 | medium | — | 5.5 | — | arbitrary filesystem access in emby-server | |||
| CVE-2021-39282 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-28302 | medium | — | 5.5 | — | A stack overflow in pupnp before version 1.14.5 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume … | |||
| CVE-2021-38380 | medium | — | 5.5 | — | multiple issues in live-media | |||
| CVE-2021-22567 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-32137 | medium | — | 5.5 | — | Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-32139 | medium | — | 5.5 | — | The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-30157 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-fi… | |||
| CVE-2021-30470 | medium | — | 5.5 | — | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflo… | |||
| CVE-2021-43398 | medium | — | 5.5 | — | private key recovery in crypto++ | |||
| CVE-2021-25321 | medium | — | 5.5 | — | A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 al… | |||
| CVE-2021-3770 | medium | — | 5.5 | — | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-40145 | medium | — | 5.5 | — | gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has t… | |||
| CVE-2021-30159 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePag… | |||
| CVE-2021-32272 | medium | — | 5.5 | — | An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution. | |||
| CVE-2021-20229 | medium | — | 5.5 | — | A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat … | |||
| CVE-2021-22563 | medium | — | 5.5 | — | Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines … | |||
| CVE-2021-30583 | medium | — | 5.5 | — | Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||
| CVE-2021-31211 | medium | — | 5.5 | — | arbitrary code execution in code | |||
| CVE-2021-26932 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall,… | |||
| CVE-2021-22233 | medium | — | 5.5 | — | information disclosure in gitlab | |||
| CVE-2021-30475 | medium | — | 5.5 | — | arbitrary code execution in aom | |||
| CVE-2021-39241 | medium | — | 5.5 | — | An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource.… | |||
| CVE-2021-30156 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists. | |||
| CVE-2021-42375 | medium | — | 5.5 | — | An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved char… | |||
| CVE-2021-3407 | medium | — | 5.5 | — | A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences. | |||
| CVE-2021-37232 | medium | — | 5.5 | — | A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_r… | |||
| CVE-2021-22185 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-35940 | medium | — | 5.5 | — | An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x b… | |||
| CVE-2021-22172 | medium | — | 5.5 | — | information disclosure in gitlab | |||
| CVE-2021-36976 | medium | — | 5.5 | — | libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). | |||
| CVE-2021-42380 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function | |||
| CVE-2021-23180 | medium | — | 5.5 | — | A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service. | |||
| CVE-2021-3532 | medium | — | 5.5 | — | information disclosure in ansible | |||
| CVE-2021-34340 | medium | — | 5.5 | — | multiple issues in ming | |||
| CVE-2021-34341 | medium | — | 5.5 | — | multiple issues in ming | |||
| CVE-2021-31255 | medium | — | 5.5 | — | Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-32438 | medium | — | 5.5 | — | The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-37964 | medium | — | 5.5 | — | Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi imperso… | |||
| CVE-2021-44541 | medium | — | 5.5 | — | A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination. | |||
| CVE-2021-3605 | medium | — | 5.5 | — | There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds… | |||
| CVE-2021-41991 | medium | — | 5.5 | — | The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement o… | |||
| CVE-2021-42374 | medium | — | 5.5 | — | An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format th… | |||
| CVE-2021-42382 | medium | — | 5.5 | — | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function | |||
| CVE-2021-3618 | medium | — | 5.5 | — | ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certifica… | |||
| CVE-2021-3905 | medium | — | 5.5 | — | A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. | |||
| CVE-2021-2161 | medium | — | 5.5 | — | Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.… | |||
| CVE-2021-26930 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, er… | |||
| CVE-2021-23976 | medium | — | 5.5 | — | When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be u… | |||
| CVE-2021-3561 | medium | — | 5.5 | — | An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or… | |||
| CVE-2021-20308 | medium | — | 5.5 | — | Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. | |||
| CVE-2021-31879 | medium | — | 5.5 | — | GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | |||
| CVE-2021-26931 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors … | |||
| CVE-2021-28041 | medium | — | 5.5 | — | ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an … | |||
| CVE-2021-20294 | medium | — | 5.5 | — | A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbi… | |||
| CVE-2021-23134 | medium | — | 5.5 | — | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privi… | |||
| CVE-2021-30123 | medium | — | 5.5 | — | FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution. |