CVEs from 2021
Total
4,783
critical
critical 281
high
high 1,014
medium
medium 1,186
low
low 139
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.4%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-47344 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: zr364xx: fix memory leak in zr364xx_start_readpipe syzbot reported memory leak in zr364xx driver. The problem was in non-f… | |||
| CVE-2021-47334 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Insid… | |||
| CVE-2021-47340 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GFP will appear: struct in… | |||
| CVE-2021-47342 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_… | |||
| CVE-2021-47341 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio BUG: KASAN: use-after-free in kvm_vm_ioctl_unregiste… | |||
| CVE-2021-47345 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "… | |||
| CVE-2021-47348 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of reading the desired 5 bytes of the actual target field, the code … | |||
| CVE-2021-47350 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the… | |||
| CVE-2021-47354 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to complete before killing it to avoid data corruptions. | |||
| CVE-2021-47364 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compat_insnlist() `compat_insnlist()` handles the 32-bit version of the `COMEDI_INSNLIST` ioctl (whenw… | |||
| CVE-2021-47362 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Update intermediate power state for SI Update the current state as boot state during dpm initialization. During the s… | |||
| CVE-2021-47363 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fib_nexthop.sh expos… | |||
| CVE-2021-47366 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.Fetc… | |||
| CVE-2021-47372 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is released by platform_device_unregister(), use of pclk and … | |||
| CVE-2021-47375 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blk_trace access after removing by sysfs There is an use-after-free problem triggered by following process: … | |||
| CVE-2021-47376 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Add oversize check before call kvcalloc() Commit 7661809d493b ("mm: don't allow oversized kvmalloc() calls") add the oversiz… | |||
| CVE-2021-47380 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix potential NULL pointer dereference devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at regis… | |||
| CVE-2021-47382 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 ("s390/qeth: fix deadlock during recovery") removed taking di… | |||
| CVE-2021-47388 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentation we need to copy the PN to th… | |||
| CVE-2021-47394 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unlink table before deleting it syzbot reports following UAF: BUG: KASAN: use-after-free in memcmp+0x18f/0x… | |||
| CVE-2021-47389 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after R… | |||
| CVE-2021-47396 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handl… | |||
| CVE-2021-47398 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsigned long long' and printed… | |||
| CVE-2021-47399 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some … | |||
| CVE-2021-47403 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module reference leak A reference to the carrier module was taken on every open but was only released once wh… | |||
| CVE-2021-47404 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The p… | |||
| CVE-2021-36100 | unknown | — | — | — | Specially crafted string in OTRS system configuration can allow the execution of any system command. | |||
| CVE-2021-47405 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memor… | |||
| CVE-2021-47406 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4_ext_replay_set_iblocks() If the call to ext4_map_blocks() fails due to an corrupted file system,… | |||
| CVE-2021-47416 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUS_ALLO… | |||
| CVE-2021-47421 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume In current code, when a PCI error state pci_channe… | |||
| CVE-2021-47417 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix memory leak in strset Free struct strset itself, not just its internal parts. | |||
| CVE-2021-47387 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so… | |||
| CVE-2021-40633 | unknown | — | — | — | A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. | |||
| CVE-2021-30558 | unknown | — | — | — | Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chrome security… | |||
| CVE-2021-36691 | unknown | — | — | — | libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service. | |||
| CVE-2021-36692 | unknown | — | — | — | libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an attacker can trigger a denial of service. | |||
| CVE-2021-45928 | unknown | — | — | — | libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::… | |||
| CVE-2021-47100 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Hi, When testing install and uninstall of ipmi_si.ko and ipmi_ms… | |||
| CVE-2021-4316 | unknown | — | — | — | Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof browser UI via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2021-47212 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error handler for UCTX and UMEM In the fast unload flow, the device state is set to internal error, which indica… | |||
| CVE-2021-44118 | unknown | — | — | — | SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker t… | |||
| CVE-2021-44120 | unknown | — | — | — | SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal i… | |||
| CVE-2021-44123 | unknown | — | — | — | SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to… | |||
| CVE-2021-3236 | unknown | — | — | — | vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method. | |||
| CVE-2021-3995 | unknown | — | — | — | A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount… | |||
| CVE-2021-4166 | unknown | — | — | — | vim is vulnerable to Out-of-bounds Read | |||
| CVE-2021-4136 | unknown | — | — | — | vim is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-4173 | unknown | — | — | — | vim is vulnerable to Use After Free | |||
| CVE-2021-4187 | unknown | — | — | — | vim is vulnerable to Use After Free | |||
| CVE-2021-47479 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use-after-free in rtl8712_dl_fw Syzbot reported use-after-free in rtl8712_dl_fw(). The problem was in race … | |||
| CVE-2021-3682 | unknown | — | — | — | A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue bein… | |||
| CVE-2021-3498 | unknown | — | — | — | GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. | |||
| CVE-2021-4324 | unknown | — | — | — | Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium) | |||
| CVE-2021-4323 | unknown | — | — | — | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to access local files via a c… | |||
| CVE-2021-4320 | unknown | — | — | — | Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium s… | |||
| CVE-2021-38023 | unknown | — | — | — | Use after free in Extensions in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2021-47588 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netd… | |||
| CVE-2021-27216 | unknown | — | — | — | Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options. | |||
| CVE-2021-47553 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of C code be… | |||
| CVE-2021-47086 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl() implicitly assumed that the socket was already bound to a valid local s… | |||
| CVE-2021-40226 | unknown | — | — | — | xpdfreader 4.03 is vulnerable to Buffer Overflow. | |||
| CVE-2021-47087 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already progressed towards the end… | |||
| CVE-2021-47077 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedf_update_link_speed() The following trace was observed: [ 14.042059] Call Trace: [ 14… | |||
| CVE-2021-47481 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but an… | |||
| CVE-2021-47075 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak in nvmet_alloc_ctrl() When creating ctrl in nvmet_alloc_ctrl(), if the cntlid_min is larger than cntlid_ma… | |||
| CVE-2021-47068 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc… | |||
| CVE-2021-47531 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP In commit 510410bfc034 ("drm/msm: Implement mmap as GEM object function") we s… | |||
| CVE-2021-20213 | unknown | — | — | — | A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destina… | |||
| CVE-2021-47557 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't peek at classes beyond 'nbands' when the number of DRR classes decreases, the round-robin active list c… | |||
| CVE-2021-20219 | unknown | — | — | — | A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (… | |||
| CVE-2021-47064 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: fix potential DMA mapping leak With buf uninitialized in mt76_dma_tx_queue_skb_raw, its field skip_unmap could potentially … | |||
| CVE-2021-20224 | unknown | — | — | — | An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of r… | |||
| CVE-2021-20255 | unknown | — | — | — | A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. T… | |||
| CVE-2021-20261 | unknown | — | — | — | A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on th… | |||
| CVE-2021-20309 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image … | |||
| CVE-2021-20311 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that… | |||
| CVE-2021-20312 | unknown | — | — | — | A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by… | |||
| CVE-2021-47058 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfs_name to NULL after it is freed There is a upstream commit cffa4b2122f5("regmap:debugfs: Fix a memory leak whe… | |||
| CVE-2021-47082 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tun_free_netdev Avoid double free in tun_free_netdev() by moving the dev->tstats and tun->security allo… | |||
| CVE-2021-47056 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2p… | |||
| CVE-2021-47051 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() pm_runtime_get_sync will increment pm usage counter even i… | |||
| CVE-2021-47050 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platform_get_resource_byname() can return NULL whic… | |||
| CVE-2021-47049 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in __vmbus_open() The "open_info" variable is added to the &vmbus_connection.chn_msg_list, but… | |||
| CVE-2021-47043 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: venus: core: Fix some resource leaks in the error path of 'venus_probe()' If an error occurs after a successful 'of_icc_ge… | |||
| CVE-2021-47042 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dc_link_construct(): unreferenced object 0xffffa03… | |||
| CVE-2021-47032 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix tx skb dma unmap The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping … | |||
| CVE-2021-47029 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_con… | |||
| CVE-2021-47028 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix txrate reporting Properly check rate_info to fix unexpected reporting. [ 1215.161863] Call trace: [ 1215.16430… | |||
| CVE-2021-47026 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: destroy sysfs after removing session from active list A session can be removed dynamically by sysfs interface "rem… | |||
| CVE-2021-47021 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix memleak when mt7915_unregister_device() mt7915_tx_token_put() should get call before mt76_free_pending_txwi(). | |||
| CVE-2021-47030 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix memory leak in mt7615_coredump_work Similar to the issue fixed in mt7921_coredump_work, fix a possible memory l… | |||
| CVE-2021-47015 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If th… | |||
| CVE-2021-47020 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: soundwire: stream: fix memory leak in stream config error path When stream config is failed, master runtime will release all slav… | |||
| CVE-2021-47010 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcp_set_default_congestion_control() is netns-safe in tha… | |||
| CVE-2021-47003 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix potential null dereference on pointer status There are calls to idxd_cmd_exec that pass a null status pointe… | |||
| CVE-2021-47001 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd (and thus enabling more RPC Calls to … | |||
| CVE-2021-46995 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: mcp251xfd_probe(): fix an error pointer dereference in probe When we converted this code to use dev_err_probe() w… | |||
| CVE-2021-46985 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name()' fails, we must free 'acpi_device_bus_id->bus_… | |||
| CVE-2021-21200 | unknown | — | — | — | Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low) |