CVEs from 2021
Total
4,786
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-31260 | medium | — | 5.5 | — | The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32269 | medium | — | 5.5 | — | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2021-36370 | medium | — | 5.5 | — | An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the… | |||
| CVE-2021-22540 | medium | — | 5.5 | — | cross-site scripting in dart | |||
| CVE-2021-3738 | medium | — | 5.5 | — | In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sa… | |||
| CVE-2021-32138 | medium | — | 5.5 | — | The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32268 | medium | — | 5.5 | — | Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1. | |||
| CVE-2021-32271 | medium | — | 5.5 | — | An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution. | |||
| CVE-2021-21852 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss”… | |||
| CVE-2021-44143 | medium | — | 5.5 | — | A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that star… | |||
| CVE-2021-31257 | medium | — | 5.5 | — | The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-21836 | medium | — | 5.5 | — | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts”… | |||
| CVE-2021-31259 | medium | — | 5.5 | — | The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-21834 | medium | — | 5.5 | — | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding th… | |||
| CVE-2021-21841 | medium | — | 5.5 | — | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when reading an … | |||
| CVE-2021-21844 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when enco… | |||
| CVE-2021-21851 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp”… | |||
| CVE-2021-21853 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause… | |||
| CVE-2021-21860 | medium | — | 5.5 | — | An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an i… | |||
| CVE-2021-32437 | medium | — | 5.5 | — | The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-23959 | medium | — | 5.5 | — | An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating sys… | |||
| CVE-2021-37969 | medium | — | 5.5 | — | Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||
| CVE-2021-23977 | medium | — | 5.5 | — | Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected… | |||
| CVE-2021-29993 | medium | — | 5.5 | — | Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are u… | |||
| CVE-2021-22564 | medium | — | 5.5 | — | For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of… | |||
| CVE-2021-1093 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-44847 | medium | — | 5.5 | — | A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received ne… | |||
| CVE-2021-29450 | medium | — | 5.5 | — | Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. Th… | |||
| CVE-2021-39200 | medium | — | 5.5 | — | WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under… | |||
| CVE-2021-41055 | medium | — | 5.5 | — | Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID … | |||
| CVE-2021-3403 | medium | — | 5.5 | — | In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a … | |||
| CVE-2021-3404 | medium | — | 5.5 | — | In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a c… | |||
| CVE-2021-30498 | medium | — | 5.5 | — | A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences. | |||
| CVE-2021-30499 | medium | — | 5.5 | — | A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to memory corruption and other potential consequences. | |||
| CVE-2021-1077 | medium | — | 5.5 | — | NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, whic… | |||
| CVE-2021-20244 | medium | — | 5.5 | — | A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division b… | |||
| CVE-2021-20246 | medium | — | 5.5 | — | A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero… | |||
| CVE-2021-33365 | medium | — | 5.5 | — | Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||
| CVE-2021-33479 | medium | — | 5.5 | — | A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in measure_pitch() in pgm2asc.c. | |||
| CVE-2021-37156 | medium | — | 5.5 | — | Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated. | |||
| CVE-2021-34555 | medium | — | 5.5 | — | OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field. | |||
| CVE-2021-22117 | medium | — | 5.5 | — | RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. | |||
| CVE-2021-3119 | medium | — | 5.5 | — | Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denia… | |||
| CVE-2021-37600 | medium | — | 5.5 | — | An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/se… | |||
| CVE-2021-1095 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-1094 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-27927 | medium | — | 5.5 | — | In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection m… | |||
| CVE-2021-27799 | medium | — | 5.5 | — | ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generat… | |||
| CVE-2021-20227 | medium | — | 5.5 | — | A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service … | |||
| CVE-2021-30472 | medium | — | 5.5 | — | A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value. | |||
| CVE-2021-3739 | medium | — | 5.5 | — | A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attack… | |||
| CVE-2021-38204 | medium | — | 5.5 | — | drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in cer… | |||
| CVE-2021-38208 | medium | — | 5.5 | — | net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain typ… | |||
| CVE-2021-3847 | medium | — | 5.5 | — | An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into ano… | |||
| CVE-2021-4001 | medium | — | 5.5 | — | A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special … | |||
| CVE-2021-4095 | medium | — | 5.5 | — | A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause… | |||
| CVE-2021-38115 | medium | — | 5.5 | — | read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. | |||
| CVE-2021-22169 | medium | — | 5.5 | — | information disclosure in gitlab | |||
| CVE-2021-38291 | medium | — | 5.5 | — | FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. | |||
| CVE-2021-42694 | medium | — | 5.5 | — | content spoofing in rust | |||
| CVE-2021-41801 | medium | — | 5.5 | — | The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (… | |||
| CVE-2021-3496 | medium | — | 5.5 | — | A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file. | |||
| CVE-2021-34479 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-26437 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-22233 | medium | — | 5.5 | — | information disclosure in gitlab | |||
| CVE-2021-21848 | medium | — | 5.5 | — | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The library will actually reuse the parser for at… | |||
| CVE-2021-29653 | medium | — | 5.5 | — | certificate verification bypass in vault | |||
| CVE-2021-21849 | medium | — | 5.5 | — | An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an int… | |||
| CVE-2021-30156 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists. | |||
| CVE-2021-3407 | medium | — | 5.5 | — | A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences. | |||
| CVE-2021-22185 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2021-44568 | medium | — | 5.5 | — | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), whic… | |||
| CVE-2021-20226 | medium | — | 5.5 | — | A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of … | |||
| CVE-2021-20268 | medium | — | 5.5 | — | An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw all… | |||
| CVE-2021-23134 | medium | — | 5.5 | — | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privi… | |||
| CVE-2021-26931 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors … | |||
| CVE-2021-26932 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall,… | |||
| CVE-2021-41990 | medium | — | 5.5 | — | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certi… | |||
| CVE-2021-28952 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1… | |||
| CVE-2021-29648 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type F… | |||
| CVE-2021-29266 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba… | |||
| CVE-2021-29647 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized da… | |||
| CVE-2021-32078 | medium | — | 5.5 | — | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access… | |||
| CVE-2021-33624 | medium | — | 5.5 | — | In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory loca… | |||
| CVE-2021-3491 | medium | — | 5.5 | — | The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/me… | |||
| CVE-2021-34693 | medium | — | 5.5 | — | net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | |||
| CVE-2021-3760 | medium | — | 5.5 | — | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | |||
| CVE-2021-38166 | medium | — | 5.5 | — | In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impracti… | |||
| CVE-2021-42762 | medium | — | 5.5 | — | BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not con… | |||
| CVE-2021-36980 | medium | — | 5.5 | — | Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action. | |||
| CVE-2021-32490 | medium | — | 5.5 | — | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences. | |||
| CVE-2021-3418 | medium | — | 5.5 | — | If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboo… | |||
| CVE-2021-34548 | medium | — | 5.5 | — | An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream. | |||
| CVE-2021-34549 | medium | — | 5.5 | — | An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen cir… | |||
| CVE-2021-25218 | medium | — | 5.5 | — | In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process wil… | |||
| CVE-2021-22191 | medium | — | 5.5 | — | Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | |||
| CVE-2021-32278 | medium | — | 5.5 | — | An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution. | |||
| CVE-2021-28213 | medium | — | 5.5 | — | Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. | |||
| CVE-2021-27229 | medium | — | 5.5 | — | arbitrary code execution in mumble | |||
| CVE-2021-30501 | medium | — | 5.5 | — | An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file. |