CVEs from 2021
Total
4,783
critical
critical 281
high
high 1,014
medium
medium 1,186
low
low 139
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.4%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-47541 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() In mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is … | |||
| CVE-2021-47546 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a `fib` rule is present in IPv6 nftables firewall rules … | |||
| CVE-2021-47549 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl When the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Lin… | |||
| CVE-2021-47550 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix potential memleak In function amdgpu_get_xgmi_hive, when kobject_init_and_add failed There is a potential mem… | |||
| CVE-2021-47449 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a … | |||
| CVE-2021-47551 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring… | |||
| CVE-2021-47554 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, this could hap… | |||
| CVE-2021-47555 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the f… | |||
| CVE-2021-47571 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is … | |||
| CVE-2021-47558 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver ne… | |||
| CVE-2021-47561 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: disable timeout handling If a timeout is hit, it can result is incorrect data on the I2C bus and/or memory corruptio… | |||
| CVE-2021-47559 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vl… | |||
| CVE-2021-47564 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prest… | |||
| CVE-2021-47570 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: fix a memory leak in rtw_wx_read32() Free "ptmp" before returning -EINVAL. | |||
| CVE-2021-47565 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the … | |||
| CVE-2021-47567 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fix hardlockup on vmap stack overflow Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do not activate MM… | |||
| CVE-2021-47569 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring: fail cancellation for EXITING tasks WARNING: CPU: 1 PID: 20 at fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs… | |||
| CVE-2021-47586 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (o… | |||
| CVE-2021-47585 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak in __add_inode_ref() Line 1169 (#3) allocates a memory chunk for victim_name by kmalloc(), but when the f… | |||
| CVE-2021-47587 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit … | |||
| CVE-2021-21200 | unknown | — | — | — | Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low) | |||
| CVE-2021-47589 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, a… | |||
| CVE-2021-47595 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc … | |||
| CVE-2021-47600 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec(). | |||
| CVE-2021-47601 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returns NULL so fix th… | |||
| CVE-2021-47603 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's … | |||
| CVE-2021-47604 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in get_config() This condition checks "len" but it does not check "offset" and that cou… | |||
| CVE-2021-47605 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to a check to prevent it … | |||
| CVE-2021-47607 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the followin… | |||
| CVE-2021-47608 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in a… | |||
| CVE-2021-47613 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is do… | |||
| CVE-2021-47038 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hci_dev->lock and socket lock Commit eab2404ba798 ("Bluetooth: Add BT_PHY socket option") added… | |||
| CVE-2021-47617 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs f… | |||
| CVE-2021-47620 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop… | |||
| CVE-2021-47623 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/fixmap: Fix VM debug warning on unmap Unmapping a fixmap entry is done by calling __set_fixmap() with FIXMAP_PAGE_CLEAR a… | |||
| CVE-2021-47637 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix deadlock in concurrent rename whiteout and inode writeback Following hung tasks: [ 77.028764] task:kworker/u8:4 s… | |||
| CVE-2021-47640 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTE_RPN_SHIFT is 24 and PAGE_SH… | |||
| CVE-2021-47645 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com On the case tmp_dcim=1, the index of buff… | |||
| CVE-2021-47648 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a memory leak in 'host1x_remove()' Add a missing 'host1x_channel_list_free()' call in the remove function, as al… | |||
| CVE-2021-47651 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for null return of devm_kcalloc Because of the possible failure of the allocation, data->domains might be… | |||
| CVE-2021-21373 | unknown | — | — | — | Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS by default. In ca… | |||
| CVE-2021-21441 | unknown | — | — | — | There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending speciall… | |||
| CVE-2021-27216 | unknown | — | — | — | Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options. | |||
| CVE-2021-47453 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ice: Avoid crash from unnecessary IDA free In the remove path, there is an attempt to free the aux_idx IDA whether it was allocat… | |||
| CVE-2021-3929 | unknown | — | — | — | A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function … | |||
| CVE-2021-46955 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to … | |||
| CVE-2021-0606 | unknown | — | — | — | In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed… | |||
| CVE-2021-0924 | unknown | — | — | — | In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed… | |||
| CVE-2021-0695 | unknown | — | — | — | In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interacti… | |||
| CVE-2021-0936 | unknown | — | — | — | In acc_read of f_accessory.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User inte… | |||
| CVE-2021-0929 | unknown | — | — | — | In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional ex… | |||
| CVE-2021-33061 | unknown | — | — | — | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-33135 | unknown | — | — | — | Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-46938 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails When loading a device-mapper table for a request-ba… | |||
| CVE-2021-38199 | unknown | — | — | — | fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arran… | |||
| CVE-2021-38203 | unknown | — | — | — | btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of fr… | |||
| CVE-2021-38206 | unknown | — | — | — | The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser)… | |||
| CVE-2021-4148 | unknown | — | — | — | A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of servi… | |||
| CVE-2021-4149 | unknown | — | — | — | A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denia… | |||
| CVE-2021-42008 | unknown | — | — | — | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root… | |||
| CVE-2021-4202 | unknown | — | — | — | A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data… | |||
| CVE-2021-45095 | unknown | — | — | — | pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. | |||
| CVE-2021-29221 | unknown | — | — | — | A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of oth… | |||
| CVE-2021-46912 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: Make tcp_allowed_congestion_control readonly in non-init netns Currently, tcp_allowed_congestion_control is global and writa… | |||
| CVE-2021-46913 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy() breaks when using connlimit in set elements. Use nft_expr_clo… | |||
| CVE-2021-46917 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG r… | |||
| CVE-2021-46919 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq size store permission state WQ size can only be changed when the device is disabled. Current code allows … | |||
| CVE-2021-46921 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can a… | |||
| CVE-2021-46929 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free … | |||
| CVE-2021-46924 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in … | |||
| CVE-2021-46926 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before che… | |||
| CVE-2021-46959 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devm_spi_alloc_* We can't rely on the contents of the devres list during spi_unregister_controller()… | |||
| CVE-2021-46962 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mmc: uniphier-sd: Fix a resource leak in the remove function A 'tmio_mmc_host_free()' call is missing in the remove function, in … | |||
| CVE-2021-46963 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueu… | |||
| CVE-2021-46968 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix zcard and zqueue hot-unplug memleak Tests with kvm and a kmemdebug kernel showed, that on hot unplug the zcard a… | |||
| CVE-2021-46966 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write(), buf is always freed when reaching the end of the function.… | |||
| CVE-2021-46969 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Fix invalid error returning in mhi_queue mhi_queue returns an error when the doorbell is not accessible in the cu… | |||
| CVE-2021-46974 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the ds… | |||
| CVE-2021-46977 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If… | |||
| CVE-2021-46978 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with … | |||
| CVE-2021-46982 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix race condition of overwrite vs truncate pos_fsstress testcase complains a panic as belew: ------------[ cut … | |||
| CVE-2021-46987 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline exten… | |||
| CVE-2021-46986 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Free gadget structure only after freeing endpoints As part of commit e81a7018d93a ("usb: dwc3: allocate gadget… | |||
| CVE-2021-46988 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUG_ON Consider the following sequence of events: 1. Userspace issues a UFFD io… | |||
| CVE-2021-47033 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix tx skb dma unmap The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping … | |||
| CVE-2021-47035 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove WO permissions on second-level paging entries When the first level page table is used for IOVA translation, it… | |||
| CVE-2021-47040 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in io_provi… | |||
| CVE-2021-47039 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ataflop: potential out of bounds in do_format() The function uses "type" as an array index: q = unit[drive].disk[type]->queue; … | |||
| CVE-2021-47044 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in load_balance() Syzbot reported a handful of occurrences where an sd->nr_balance_failed can… | |||
| CVE-2021-47046 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix off by one in hdmi_14_process_transaction() The hdcp_i2c_offsets[] array did not have an entry for HDCP_MESS… | |||
| CVE-2021-47047 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode… | |||
| CVE-2021-47053 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix memory leak of pad It appears there are several failure return paths that don't seem to be free'ing pad. F… | |||
| CVE-2021-47059 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - fix result memory leak on error path This patch fixes a memory leak on an error path. | |||
| CVE-2021-47061 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when un… | |||
| CVE-2021-20310 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is sub… | |||
| CVE-2021-20313 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to da… | |||
| CVE-2021-4219 | unknown | — | — | — | A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system. | |||
| CVE-2021-40633 | unknown | — | — | — | A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. | |||
| CVE-2021-40084 | unknown | — | — | — | opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysu… | |||
| CVE-2021-43114 | unknown | — | — | — | FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effective… |