CVEs from 2021
Total
4,783
critical
critical 281
high
high 1,014
medium
medium 1,186
low
low 139
% Critical
5.9%
% with KEV
4.5%
% with exploit
5.4%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-39713 | unknown | — | — | — | Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel | |||
| CVE-2021-4032 | unknown | — | — | — | A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to… | |||
| CVE-2021-39800 | unknown | — | — | — | In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. … | |||
| CVE-2021-39801 | unknown | — | — | — | In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interact… | |||
| CVE-2021-39802 | unknown | — | — | — | In change_pte_range of mprotect.c , there is a possible way to make a shared mmap writable due to a permissions bypass. This could lead to local escalation of privilege with no additional execution p… | |||
| CVE-2021-4148 | unknown | — | — | — | A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of servi… | |||
| CVE-2021-4149 | unknown | — | — | — | A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denia… | |||
| CVE-2021-42008 | unknown | — | — | — | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root… | |||
| CVE-2021-4202 | unknown | — | — | — | A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data… | |||
| CVE-2021-4440 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGS_SYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGS_SYSRET64 is used to… | |||
| CVE-2021-43057 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory cor… | |||
| CVE-2021-4441 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() In zynq_qspi_exec_mem_op(), kzalloc() is directly u… | |||
| CVE-2021-4439 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller a… | |||
| CVE-2021-4453 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a potential gpu_metrics_table memory leak Memory is allocated for gpu_metrics_table in renoir_init_smc_tables(), … | |||
| CVE-2021-4454 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate The conclusion "j1939_session_deactivate() should be called with … | |||
| CVE-2021-45095 | unknown | — | — | — | pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. | |||
| CVE-2021-46908 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due… | |||
| CVE-2021-47647 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0_rc… | |||
| CVE-2021-46912 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: Make tcp_allowed_congestion_control readonly in non-init netns Currently, tcp_allowed_congestion_control is global and writa… | |||
| CVE-2021-46913 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy() breaks when using connlimit in set elements. Use nft_expr_clo… | |||
| CVE-2021-46917 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG r… | |||
| CVE-2021-46919 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq size store permission state WQ size can only be changed when the device is disabled. Current code allows … | |||
| CVE-2021-46921 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can a… | |||
| CVE-2021-46929 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free … | |||
| CVE-2021-46924 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in … | |||
| CVE-2021-46926 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before che… | |||
| CVE-2021-46932 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is cau… | |||
| CVE-2021-46935 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: fix async_free_space accounting for empty parcels In 4.13, commit 74310e06be4d ("android: binder: Move buffer out of area… | |||
| CVE-2021-46937 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()' DAMON debugfs interface increases the reference counts of 's… | |||
| CVE-2021-46942 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix shared sqpoll cancellation hangs [ 736.982891] INFO: task iou-sqp-4294:4295 blocked for more than 122 seconds. [ … | |||
| CVE-2021-46944 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix memory leak in imu_fmt We are losing the reference to an allocated memory if try. Change the order… | |||
| CVE-2021-46945 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 ("ext4: make ext4_abort() use __ext4_error()"), the … | |||
| CVE-2021-46958 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transac… | |||
| CVE-2021-46949 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX flush done handling We're starting from a TXQ instance number ('qid'), not a TXQ type, so … | |||
| CVE-2021-46951 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpm_read_log_efi is called multiple times, which happens when on… | |||
| CVE-2021-46959 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devm_spi_alloc_* We can't rely on the contents of the devres list during spi_unregister_controller()… | |||
| CVE-2021-46962 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mmc: uniphier-sd: Fix a resource leak in the remove function A 'tmio_mmc_host_free()' call is missing in the remove function, in … | |||
| CVE-2021-46963 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueu… | |||
| CVE-2021-46968 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix zcard and zqueue hot-unplug memleak Tests with kvm and a kmemdebug kernel showed, that on hot unplug the zcard a… | |||
| CVE-2021-46966 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write(), buf is always freed when reaching the end of the function.… | |||
| CVE-2021-46969 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Fix invalid error returning in mhi_queue mhi_queue returns an error when the doorbell is not accessible in the cu… | |||
| CVE-2021-46974 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the ds… | |||
| CVE-2021-46977 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If… | |||
| CVE-2021-46978 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with … | |||
| CVE-2021-46982 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix race condition of overwrite vs truncate pos_fsstress testcase complains a panic as belew: ------------[ cut … | |||
| CVE-2021-46987 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline exten… | |||
| CVE-2021-46986 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Free gadget structure only after freeing endpoints As part of commit e81a7018d93a ("usb: dwc3: allocate gadget… | |||
| CVE-2021-46988 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUG_ON Consider the following sequence of events: 1. Userspace issues a UFFD io… | |||
| CVE-2021-46990 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix crashes when toggling entry flush barrier The entry flush mitigation can be enabled/disabled at runtime via a de… | |||
| CVE-2021-46996 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix a memleak from userdata error path in new objects Release object name if userdata allocation fails. | |||
| CVE-2021-46994 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix resume from sleep before interface was brought up Since 8ce8c0abcba3 the driver queues work via priv->restart_w… | |||
| CVE-2021-46999 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctp_sf_do_dupcook_a There's a panic that occurs in a few of envs, the call trace is as below: … | |||
| CVE-2021-47000 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode leak on getattr error in __fh_to_dentry | |||
| CVE-2021-47005 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for ->get_features() get_features ops of pci_epc_ops may return NULL, causing NULL po… | |||
| CVE-2021-47007 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix panic during f2fs_resize_fs() f2fs_resize_fs() hangs in below callstack with testcase: - mkfs 16GB image & mount image … | |||
| CVE-2021-47017 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix a use after free in ath10k_htc_send_bundle In ath10k_htc_send_bundle, the bundle_skb could be freed by dev_kfree_skb_… | |||
| CVE-2021-47024 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket.… | |||
| CVE-2021-47022 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix memleak when mt7615_unregister_device() mt7615_tx_token_put() should get call before mt76_free_pending_txwi(). | |||
| CVE-2021-47025 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Always enable the clk on resume In mtk_iommu_runtime_resume always enable the clk, even if m4u_dom is null. Other… | |||
| CVE-2021-47031 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix memory leak in mt7921_coredump_work Fix possible memory leak in mt7921_coredump_work. | |||
| CVE-2021-47033 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix tx skb dma unmap The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping … | |||
| CVE-2021-47035 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove WO permissions on second-level paging entries When the first level page table is used for IOVA translation, it… | |||
| CVE-2021-47040 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in io_provi… | |||
| CVE-2021-47039 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ataflop: potential out of bounds in do_format() The function uses "type" as an array index: q = unit[drive].disk[type]->queue; … | |||
| CVE-2021-47044 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in load_balance() Syzbot reported a handful of occurrences where an sd->nr_balance_failed can… | |||
| CVE-2021-47046 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix off by one in hdmi_14_process_transaction() The hdcp_i2c_offsets[] array did not have an entry for HDCP_MESS… | |||
| CVE-2021-47047 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode… | |||
| CVE-2021-47053 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix memory leak of pad It appears there are several failure return paths that don't seem to be free'ing pad. F… | |||
| CVE-2021-47059 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - fix result memory leak on error path This patch fixes a memory leak on an error path. | |||
| CVE-2021-47061 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when un… | |||
| CVE-2021-47063 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call drm_connector_cleanup() manually in panel_bridge_detach(),… | |||
| CVE-2021-47065 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtw_get_tx_power_params() Using a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled,… | |||
| CVE-2021-47066 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: async_xor: increase src_offs when dropping destination page Now we support sharing one page if PAGE_SIZE is not equal stripe size… | |||
| CVE-2021-47079 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: platform/x86: ideapad-laptop: fix a NULL pointer dereference The third parameter of dytc_cql_command should not be NULL since it … | |||
| CVE-2021-47071 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be u… | |||
| CVE-2021-47074 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvme_loop_create_ctrl() When creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl() fai… | |||
| CVE-2021-20176 | unknown | — | — | — | A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior… | |||
| CVE-2021-20310 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is sub… | |||
| CVE-2021-20313 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to da… | |||
| CVE-2021-4219 | unknown | — | — | — | A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system. | |||
| CVE-2021-3498 | unknown | — | — | — | GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. | |||
| CVE-2021-47635 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix to add refcount once page is set private MM defined the rule [1] very clearly that once page was set with PG_private f… | |||
| CVE-2021-47634 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl Hulk Robot reported a KASAN report about use-after-free: ====… | |||
| CVE-2021-23168 | unknown | — | — | — | Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2021-23223 | unknown | — | — | — | Improper initialization for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-44545 | unknown | — | — | — | Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2021-47618 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some… | |||
| CVE-2021-47602 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data f… | |||
| CVE-2021-47594 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local… | |||
| CVE-2021-47584 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iocost: Fix divide-by-zero on donation from low hweight cgroup The donation calculation logic assumes that the donor has non-zero… | |||
| CVE-2021-46997 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry Zenghui reports that booting a kernel with "irqchip.gicv3_pseudo_nmi=1" … | |||
| CVE-2021-20209 | unknown | — | — | — | A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured. | |||
| CVE-2021-20213 | unknown | — | — | — | A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destina… | |||
| CVE-2021-20219 | unknown | — | — | — | A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (… | |||
| CVE-2021-20224 | unknown | — | — | — | An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of r… | |||
| CVE-2021-20255 | unknown | — | — | — | A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. T… | |||
| CVE-2021-20261 | unknown | — | — | — | A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on th… | |||
| CVE-2021-20309 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image … | |||
| CVE-2021-20311 | unknown | — | — | — | A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that… | |||
| CVE-2021-20312 | unknown | — | — | — | A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by… |