CVEs from 2021
- Total: 4,788
- Critical: 281
- High: 1,022
- Medium: 1,179
- Low: 138
- % Critical: 5.9%
- % with KEV: 4.4%
- % with exploit: 5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-41817 | medium | — | 5.5 | 5y ago | RHSA-2022:6450: ruby:3.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-42574 | medium | — | 5.5 | 5y ago | An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft sour… | |||
| CVE-2021-35603 | medium | — | 5.5 | 5y ago | RHSA-2022:0970: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2021-35561 | medium | — | 5.5 | 5y ago | RHSA-2022:5837: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2021-3778 | medium | — | 5.5 | 5y ago | RHSA-2021:4517: vim security update (Moderate) | |||
| CVE-2021-3796 | medium | — | 5.5 | 5y ago | RHSA-2021:4517: vim security update (Moderate) | |||
| CVE-2021-23336 | medium | — | 5.5 | 5y ago | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.pars… | |||
| CVE-2021-36087 | medium | — | 5.5 | 5y ago | RHSA-2021:4513: libsepol security update (Moderate) | |||
| CVE-2021-36085 | medium | — | 5.5 | 5y ago | RHSA-2021:4513: libsepol security update (Moderate) | |||
| CVE-2021-36084 | medium | — | 5.5 | 5y ago | RHSA-2021:4513: libsepol security update (Moderate) | |||
| CVE-2021-36086 | medium | — | 5.5 | 5y ago | RHSA-2021:4513: libsepol security update (Moderate) | |||
| CVE-2021-22925 | medium | — | 5.5 | 5y ago | curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parse… | |||
| CVE-2021-22876 | medium | — | 5.5 | 5y ago | curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip o… | |||
| CVE-2021-22898 | medium | — | 5.5 | 5y ago | curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers… | |||
| CVE-2021-3445 | medium | — | 5.5 | 5y ago | RHSA-2021:4464: dnf security and bug fix update (Moderate) | |||
| CVE-2021-20232 | medium | — | 5.5 | 5y ago | RHSA-2021:4451: gnutls and nettle security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3580 | medium | — | 5.5 | 5y ago | RHSA-2021:4451: gnutls and nettle security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20231 | medium | — | 5.5 | 5y ago | RHSA-2021:4451: gnutls and nettle security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3565 | medium | — | 5.5 | 5y ago | RHSA-2021:4413: tpm2-tools security and enhancement update (Moderate) | |||
| CVE-2021-33560 | medium | — | 5.5 | 5y ago | RHSA-2021:4409: libgcrypt security and bug fix update (Moderate) | |||
| CVE-2021-3426 | medium | — | 5.5 | 5y ago | There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disc… | |||
| CVE-2021-3800 | medium | — | 5.5 | 5y ago | RHSA-2021:4385: glib2 security and bug fix update (Moderate) | |||
| CVE-2021-25214 | medium | — | 5.5 | 5y ago | RHSA-2021:4384: bind security and bug fix update (Moderate) | |||
| CVE-2021-1765 | medium | — | 5.5 | 5y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted w… | |||
| CVE-2021-30795 | medium | — | 5.5 | 5y ago | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web co… | |||
| CVE-2021-1801 | medium | — | 5.5 | 5y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.… | |||
| CVE-2021-1788 | medium | — | 5.5 | 5y ago | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS… | |||
| CVE-2021-30799 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave… | |||
| CVE-2021-30797 | medium | — | 5.5 | 5y ago | This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code … | |||
| CVE-2021-30758 | medium | — | 5.5 | 5y ago | A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web conte… | |||
| CVE-2021-30749 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing … | |||
| CVE-2021-28650 | medium | — | 5.5 | 5y ago | RHSA-2021:4381: GNOME security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-30689 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted … | |||
| CVE-2021-30720 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to … | |||
| CVE-2021-1844 | medium | — | 5.5 | 5y ago | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur… | |||
| CVE-2021-21806 | medium | — | 5.5 | 5y ago | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution.… | |||
| CVE-2021-30734 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing … | |||
| CVE-2021-30744 | medium | — | 5.5 | 5y ago | Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big S… | |||
| CVE-2021-30682 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able… | |||
| CVE-2021-21775 | medium | — | 5.5 | 5y ago | A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak… | |||
| CVE-2021-21779 | medium | — | 5.5 | 5y ago | A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further… | |||
| CVE-2021-1799 | medium | — | 5.5 | 5y ago | A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watch… | |||
| CVE-2021-20197 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-3487 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-20284 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-27645 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35942 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33574 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-0129 | medium | — | 5.5 | 5y ago | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||
| CVE-2021-33200 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and write… | |||
| CVE-2021-29646 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8. | |||
| CVE-2021-29155 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spe… | |||
| CVE-2021-3489 | medium | — | 5.5 | 5y ago | The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes withi… | |||
| CVE-2021-20194 | medium | — | 5.5 | 5y ago | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARD… | |||
| CVE-2021-3679 | medium | — | 5.5 | 5y ago | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (… | |||
| CVE-2021-3732 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not… | |||
| CVE-2021-3659 | medium | — | 5.5 | 5y ago | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash t… | |||
| CVE-2021-28950 | medium | — | 5.5 | 5y ago | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | |||
| CVE-2021-28971 | medium | — | 5.5 | 5y ago | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PE… | |||
| CVE-2021-3600 | medium | — | 5.5 | 5y ago | It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th… | |||
| CVE-2021-3635 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. | |||
| CVE-2021-3564 | medium | — | 5.5 | 5y ago | A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to c… | |||
| CVE-2021-3573 | medium | — | 5.5 | 5y ago | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioctl HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregist… | |||
| CVE-2021-23133 | medium | — | 5.5 | 5y ago | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_des… | |||
| CVE-2021-29650 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/… | |||
| CVE-2021-31829 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific co… | |||
| CVE-2021-31916 | medium | — | 5.5 | 5y ago | An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker… | |||
| CVE-2021-33033 | medium | — | 5.5 | 5y ago | The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd.… | |||
| CVE-2021-31440 | medium | — | 5.5 | 5y ago | This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the tar… | |||
| CVE-2021-3348 | medium | — | 5.5 | 5y ago | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O requ… | |||
| CVE-2021-20239 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest … | |||
| CVE-2021-39365 | medium | — | 5.5 | 5y ago | RHSA-2021:4339: grilo security update (Moderate) | |||
| CVE-2021-31535 | medium | — | 5.5 | 5y ago | RHSA-2021:4326: libX11 security update (Moderate) | |||
| CVE-2021-28091 | medium | — | 5.5 | 5y ago | RHSA-2021:4325: lasso security and enhancement update (Moderate) | |||
| CVE-2021-3571 | medium | — | 5.5 | 5y ago | RHSA-2021:4321: linuxptp security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-37619 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-37618 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-31808 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28651 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28652 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33620 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28662 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29922 | medium | — | 5.5 | 5y ago | library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypa… | |||
| CVE-2021-26690 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service | |||
| CVE-2021-30641 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | |||
| CVE-2021-29338 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-3575 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-26926 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-26927 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-3272 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-21702 | medium | — | 5.5 | 5y ago | RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20095 | medium | — | 5.5 | 5y ago | RHSA-2021:4201: babel security and bug fix update (Moderate) | |||
| CVE-2021-3593 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3592 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is s… | |||
| CVE-2021-3631 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3667 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3594 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is sma… | |||
| CVE-2021-3595 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3181 | medium | — | 5.5 | 5y ago | RHSA-2021:4181: mutt security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29458 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) |