CVEs from 2021
Total
4,786
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-3935 | medium | — | 5.5 | — | When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate ver… | |||
| CVE-2021-43814 | medium | — | 5.5 | — | multiple issues in rizin | |||
| CVE-2021-39939 | medium | — | 5.5 | — | multiple issues in gitlab-runner | |||
| CVE-2021-4022 | medium | — | 5.5 | — | multiple issues in rizin | |||
| CVE-2021-22568 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-37861 | medium | — | 5.5 | — | information disclosure in mattermost | |||
| CVE-2021-44974 | medium | — | 5.5 | — | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. | |||
| CVE-2021-34555 | medium | — | 5.5 | — | OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field. | |||
| CVE-2021-38115 | medium | — | 5.5 | — | read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. | |||
| CVE-2021-1095 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-32135 | medium | — | 5.5 | — | The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-4095 | medium | — | 5.5 | — | A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause… | |||
| CVE-2021-4001 | medium | — | 5.5 | — | A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special … | |||
| CVE-2021-20227 | medium | — | 5.5 | — | A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service … | |||
| CVE-2021-3648 | medium | — | 5.5 | — | multiple issues in binutils | |||
| CVE-2021-3847 | medium | — | 5.5 | — | An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into ano… | |||
| CVE-2021-38208 | medium | — | 5.5 | — | net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain typ… | |||
| CVE-2021-38204 | medium | — | 5.5 | — | drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in cer… | |||
| CVE-2021-41073 | medium | — | 5.5 | — | loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by… | |||
| CVE-2021-3739 | medium | — | 5.5 | — | A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attack… | |||
| CVE-2021-36584 | medium | — | 5.5 | — | An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial… | |||
| CVE-2021-33481 | medium | — | 5.5 | — | A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in try_to_divide_boxes() in pgm2asc.c. | |||
| CVE-2021-34338 | medium | — | 5.5 | — | multiple issues in ming | |||
| CVE-2021-20285 | medium | — | 5.5 | — | A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other… | |||
| CVE-2021-37231 | medium | — | 5.5 | — | A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check. | |||
| CVE-2021-35477 | medium | — | 5.5 | — | In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting sto… | |||
| CVE-2021-3506 | medium | — | 5.5 | — | An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain acce… | |||
| CVE-2021-35039 | medium | — | 5.5 | — | kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via ini… | |||
| CVE-2021-3483 | medium | — | 5.5 | — | A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. T… | |||
| CVE-2021-20292 | medium | — | 5.5 | — | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of… | |||
| CVE-2021-34556 | medium | — | 5.5 | — | In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism… | |||
| CVE-2021-28038 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a resul… | |||
| CVE-2021-28688 | medium | — | 5.5 | — | The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions… | |||
| CVE-2021-28951 | medium | — | 5.5 | — | An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concu… | |||
| CVE-2021-28964 | medium | — | 5.5 | — | A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an exten… | |||
| CVE-2021-28972 | medium | — | 5.5 | — | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace… | |||
| CVE-2021-29264 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negat… | |||
| CVE-2021-29649 | medium | — | 5.5 | — | An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/… | |||
| CVE-2021-31924 | medium | — | 5.5 | — | Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence (touch) … | |||
| CVE-2021-35940 | medium | — | 5.5 | — | An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x b… | |||
| CVE-2021-36976 | medium | — | 5.5 | — | libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). | |||
| CVE-2021-38114 | medium | — | 5.5 | — | libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. | |||
| CVE-2021-31879 | medium | — | 5.5 | — | GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | |||
| CVE-2021-32493 | medium | — | 5.5 | — | A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences. | |||
| CVE-2021-26937 | medium | — | 5.5 | — | encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 … | |||
| CVE-2021-3657 | medium | — | 5.5 | — | A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email… | |||
| CVE-2021-28041 | medium | — | 5.5 | — | ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an … | |||
| CVE-2021-31255 | medium | — | 5.5 | — | Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-30583 | medium | — | 5.5 | — | Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||
| CVE-2021-22563 | medium | — | 5.5 | — | Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines … | |||
| CVE-2021-30159 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePag… | |||
| CVE-2021-40145 | medium | — | 5.5 | — | gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has t… | |||
| CVE-2021-3770 | medium | — | 5.5 | — | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-25321 | medium | — | 5.5 | — | A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 al… | |||
| CVE-2021-30155 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of… | |||
| CVE-2021-30157 | medium | — | 5.5 | — | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-fi… | |||
| CVE-2021-35197 | medium | — | 5.5 | — | In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to s… | |||
| CVE-2021-32139 | medium | — | 5.5 | — | The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32137 | medium | — | 5.5 | — | Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-22567 | medium | — | 5.5 | — | multiple issues in dart | |||
| CVE-2021-28302 | medium | — | 5.5 | — | A stack overflow in pupnp before version 1.14.5 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume … | |||
| CVE-2021-21847 | medium | — | 5.5 | — | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stts”… | |||
| CVE-2021-30014 | medium | — | 5.5 | — | There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash. | |||
| CVE-2021-29279 | medium | — | 5.5 | — | There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. In which, the arg const GF_PropertyValue *value,maybe value->value.data.size is a negative numb… | |||
| CVE-2021-31214 | medium | — | 5.5 | — | arbitrary code execution in code | |||
| CVE-2021-26826 | medium | — | 5.5 | — | A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be loc… | |||
| CVE-2021-26825 | medium | — | 5.5 | — | An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at … | |||
| CVE-2021-30022 | medium | — | 5.5 | — | There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only … | |||
| CVE-2021-30015 | medium | — | 5.5 | — | There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1. The pid comes from function av1dmx_parse_flush_sample, the ctx.opid maybe NULL… | |||
| CVE-2021-29474 | medium | — | 5.5 | — | information disclosure in hedgedoc | |||
| CVE-2021-30020 | medium | — | 5.5 | — | In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_w… | |||
| CVE-2021-31260 | medium | — | 5.5 | — | The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32269 | medium | — | 5.5 | — | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2021-36370 | medium | — | 5.5 | — | An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the… | |||
| CVE-2021-22540 | medium | — | 5.5 | — | cross-site scripting in dart | |||
| CVE-2021-3738 | medium | — | 5.5 | — | In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sa… | |||
| CVE-2021-32138 | medium | — | 5.5 | — | The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32437 | medium | — | 5.5 | — | The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-23977 | medium | — | 5.5 | — | Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected… | |||
| CVE-2021-22564 | medium | — | 5.5 | — | For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of… | |||
| CVE-2021-1093 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-1077 | medium | — | 5.5 | — | NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, whic… | |||
| CVE-2021-20244 | medium | — | 5.5 | — | A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division b… | |||
| CVE-2021-22117 | medium | — | 5.5 | — | RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. | |||
| CVE-2021-3119 | medium | — | 5.5 | — | Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denia… | |||
| CVE-2021-37600 | medium | — | 5.5 | — | An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/se… | |||
| CVE-2021-1094 | medium | — | 5.5 | — | multiple issues in nvidia-utils | |||
| CVE-2021-27927 | medium | — | 5.5 | — | In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection m… | |||
| CVE-2021-27799 | medium | — | 5.5 | — | ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generat… | |||
| CVE-2021-22169 | medium | — | 5.5 | — | information disclosure in gitlab | |||
| CVE-2021-38291 | medium | — | 5.5 | — | FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. | |||
| CVE-2021-3472 | medium | — | 5.5 | — | A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is… | |||
| CVE-2021-35057 | medium | — | 5.5 | — | multiple issues in hyperkitty | |||
| CVE-2021-42694 | medium | — | 5.5 | — | content spoofing in rust | |||
| CVE-2021-41801 | medium | — | 5.5 | — | The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (… | |||
| CVE-2021-3496 | medium | — | 5.5 | — | A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file. | |||
| CVE-2021-34479 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-26437 | medium | — | 5.5 | — | multiple issues in code | |||
| CVE-2021-40516 | medium | — | 5.5 | — | WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plug… | |||
| CVE-2021-34477 | medium | — | 5.5 | — | privilege escalation in code |