CVEs from 2021
Total
4,792
critical
critical 281
high
high 1,019
medium
medium 1,177
low
low 138
% Critical
5.9%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1788 | medium | — | 5.5 | 5y ago | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS… | |||
| CVE-2021-21806 | medium | — | 5.5 | 5y ago | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution.… | |||
| CVE-2021-21779 | medium | — | 5.5 | 5y ago | A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further… | |||
| CVE-2021-1801 | medium | — | 5.5 | 5y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.… | |||
| CVE-2021-1844 | medium | — | 5.5 | 5y ago | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur… | |||
| CVE-2021-30720 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to … | |||
| CVE-2021-30734 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing … | |||
| CVE-2021-30744 | medium | — | 5.5 | 5y ago | Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big S… | |||
| CVE-2021-30749 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing … | |||
| CVE-2021-1799 | medium | — | 5.5 | 5y ago | A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watch… | |||
| CVE-2021-30795 | medium | — | 5.5 | 5y ago | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web co… | |||
| CVE-2021-30682 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able… | |||
| CVE-2021-30797 | medium | — | 5.5 | 5y ago | This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code … | |||
| CVE-2021-30758 | medium | — | 5.5 | 5y ago | A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web conte… | |||
| CVE-2021-1765 | medium | — | 5.5 | 5y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted w… | |||
| CVE-2021-28650 | medium | — | 5.5 | 5y ago | RHSA-2021:4381: GNOME security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-30689 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted … | |||
| CVE-2021-30799 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave… | |||
| CVE-2021-20197 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-20284 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-3487 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-35942 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-27645 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33574 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-31440 | medium | — | 5.5 | 5y ago | This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the tar… | |||
| CVE-2021-3732 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not… | |||
| CVE-2021-3679 | medium | — | 5.5 | 5y ago | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (… | |||
| CVE-2021-33200 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and write… | |||
| CVE-2021-3564 | medium | — | 5.5 | 5y ago | A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to c… | |||
| CVE-2021-29650 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/… | |||
| CVE-2021-28971 | medium | — | 5.5 | 5y ago | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PE… | |||
| CVE-2021-20194 | medium | — | 5.5 | 5y ago | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARD… | |||
| CVE-2021-29646 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8. | |||
| CVE-2021-0129 | medium | — | 5.5 | 5y ago | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||
| CVE-2021-3659 | medium | — | 5.5 | 5y ago | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash t… | |||
| CVE-2021-31829 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific co… | |||
| CVE-2021-3635 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. | |||
| CVE-2021-31916 | medium | — | 5.5 | 5y ago | An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker… | |||
| CVE-2021-33033 | medium | — | 5.5 | 5y ago | The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd.… | |||
| CVE-2021-3600 | medium | — | 5.5 | 5y ago | It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th… | |||
| CVE-2021-3573 | medium | — | 5.5 | 5y ago | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregist… | |||
| CVE-2021-29155 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spe… | |||
| CVE-2021-3489 | medium | — | 5.5 | 5y ago | The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes withi… | |||
| CVE-2021-23133 | medium | — | 5.5 | 5y ago | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_des… | |||
| CVE-2021-20239 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest … | |||
| CVE-2021-3348 | medium | — | 5.5 | 5y ago | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O requ… | |||
| CVE-2021-28950 | medium | — | 5.5 | 5y ago | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | |||
| CVE-2021-39365 | medium | — | 5.5 | 5y ago | RHSA-2021:4339: grilo security update (Moderate) | |||
| CVE-2021-31535 | medium | — | 5.5 | 5y ago | RHSA-2021:4326: libX11 security update (Moderate) | |||
| CVE-2021-28091 | medium | — | 5.5 | 5y ago | RHSA-2021:4325: lasso security and enhancement update (Moderate) | |||
| CVE-2021-3571 | medium | — | 5.5 | 5y ago | RHSA-2021:4321: linuxptp security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-37619 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-37618 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-28651 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28652 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33620 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-31808 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28662 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29922 | medium | — | 5.5 | 5y ago | RHSA-2021:4270: rust-toolset:rhel8 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-30641 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | |||
| CVE-2021-26690 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service | |||
| CVE-2021-3575 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-29338 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-26927 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-26926 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-3272 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-21702 | medium | — | 5.5 | 5y ago | RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20095 | medium | — | 5.5 | 5y ago | RHSA-2021:4201: babel security and bug fix update (Moderate) | |||
| CVE-2021-3631 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3667 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3592 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is s… | |||
| CVE-2021-3595 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3594 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is sma… | |||
| CVE-2021-3593 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3181 | medium | — | 5.5 | 5y ago | RHSA-2021:4181: mutt security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-32617 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29623 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29473 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29458 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29457 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29463 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29464 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3482 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29470 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3481 | medium | — | 5.5 | 5y ago | RHSA-2021:4172: qt5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29921 | medium | — | 5.5 | 5y ago | In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is bas… | |||
| CVE-2021-3448 | medium | — | 5.5 | 5y ago | RHSA-2021:4153: dnsmasq security and bug fix update (Moderate) | |||
| CVE-2021-28210 | medium | — | 5.5 | 5y ago | RHSA-2021:4198: edk2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-4442 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data … | |||
| CVE-2021-46983 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry … | |||
| CVE-2021-33098 | medium | — | 5.5 | 5y ago | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-47011 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use obj_cgroup APIs to charge kmem pages", v5. Sin… | |||
| CVE-2021-46905 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistra… | |||
| CVE-2021-47080 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a den… | |||
| CVE-2021-29657 | medium | — | 5.5 | 5y ago | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a75… | |||
| CVE-2021-3444 | medium | — | 5.5 | 5y ago | The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs c… | |||
| CVE-2021-41174 | medium | — | 5.5 | 5y ago | cross-site scripting in grafana | |||
| CVE-2021-33930 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33929 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33928 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. |