CVEs from 2021
Total
4,788
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-20286 | unknown | — | — | — | A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. | |||
| CVE-2021-44923 | unknown | — | — | — | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44925 | unknown | — | — | — | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45263 | unknown | — | — | — | An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | |||
| CVE-2021-47038 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hci_dev->lock and socket lock Commit eab2404ba798 ("Bluetooth: Add BT_PHY socket option") added… | |||
| CVE-2021-47487 | unknown | — | — | — | ||||
| CVE-2021-47566 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have … | |||
| CVE-2021-47453 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ice: Avoid crash from unnecessary IDA free In the remove path, there is an attempt to free the aux_idx IDA whether it was allocat… | |||
| CVE-2021-3929 | unknown | — | — | — | A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function … | |||
| CVE-2021-33113 | unknown | — | — | — | ||||
| CVE-2021-26339 | unknown | — | — | — | ||||
| CVE-2021-47370 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info->size_goal - skb->len >… | |||
| CVE-2021-46976 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in auto_retire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. H… | |||
| CVE-2021-2432 | unknown | — | — | — | Vulnerability in the Java SE product of Oracle Java SE (component: JNDI). The supported version that is affected is Java SE: 7u301. Difficult to exploit vulnerability allows unauthenticated attacker … | |||
| CVE-2021-47448 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides the MSG_WAITALL, the data pres… | |||
| CVE-2021-29662 | unknown | — | — | — | The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypa… | |||
| CVE-2021-36409 | unknown | — | — | — | There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the appli… | |||
| CVE-2021-35452 | unknown | — | — | — | An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. | |||
| CVE-2021-47085 | unknown | — | — | — | ||||
| CVE-2021-0146 | unknown | — | — | — | ||||
| CVE-2021-28147 | unknown | — | — | — | ||||
| CVE-2021-38597 | unknown | — | — | — | wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension. | |||
| CVE-2021-26345 | unknown | — | — | — | ||||
| CVE-2021-41036 | unknown | — | — | — | In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket. | |||
| CVE-2021-31439 | unknown | — | — | — | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. … | |||
| CVE-2021-31315 | unknown | — | — | — | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker m… | |||
| CVE-2021-31215 | unknown | — | — | — | SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment misha… | |||
| CVE-2021-31321 | unknown | — | — | — | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remot… | |||
| CVE-2021-3587 | unknown | — | — | — | ||||
| CVE-2021-44962 | unknown | — | — | — | An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure… | |||
| CVE-2021-38089 | unknown | — | — | — | ||||
| CVE-2021-43400 | unknown | — | — | — | An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. | |||
| CVE-2021-33642 | unknown | — | — | — | ||||
| CVE-2021-47086 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl() implicitly assumed that the socket was already bound to a valid local s… | |||
| CVE-2021-3419 | unknown | — | — | — | ||||
| CVE-2021-46049 | unknown | — | — | — | A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service. | |||
| CVE-2021-46041 | unknown | — | — | — | A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service. | |||
| CVE-2021-46038 | unknown | — | — | — | A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent). | |||
| CVE-2021-46039 | unknown | — | — | — | A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent). | |||
| CVE-2021-36158 | unknown | — | — | — | In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used. | |||
| CVE-2021-3465 | unknown | — | — | — | ||||
| CVE-2021-47414 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: Flush current cpu icache before other cpus On SiFive Unmatched, I recently fell onto the following BUG when booting: [ … | |||
| CVE-2021-40569 | unknown | — | — | — | The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service. | |||
| CVE-2021-45262 | unknown | — | — | — | An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash. | |||
| CVE-2021-27862 | unknown | — | — | — | ||||
| CVE-2021-44512 | unknown | — | — | — | World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID f… | |||
| CVE-2021-44569 | unknown | — | — | — | ||||
| CVE-2021-21309 | unknown | — | — | — | Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap an… | |||
| CVE-2021-47563 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndo_bpf op … | |||
| CVE-2021-27962 | unknown | — | — | — | ||||
| CVE-2021-32280 | unknown | — | — | — | An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service… | |||
| CVE-2021-31323 | unknown | — | — | — | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlott… | |||
| CVE-2021-31318 | unknown | — | — | — | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie libr… | |||
| CVE-2021-31319 | unknown | — | — | — | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A rem… | |||
| CVE-2021-26713 | unknown | — | — | — | A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated Web… | |||
| CVE-2021-27854 | unknown | — | — | — | ||||
| CVE-2021-44223 | unknown | — | — | — | WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that… | |||
| CVE-2021-40263 | unknown | — | — | — | A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp. | |||
| CVE-2021-4020 | unknown | — | — | — | janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||
| CVE-2021-0157 | unknown | — | — | — | ||||
| CVE-2021-46981 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flush_workqueue Open /dev/nbdX first, the config_refs will be 1 and the pointers in nbd_device are still… | |||
| CVE-2021-47598 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), bec… | |||
| CVE-2021-47481 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but an… | |||
| CVE-2021-47531 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP In commit 510410bfc034 ("drm/msm: Implement mmap as GEM object function") we s… | |||
| CVE-2021-47557 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't peek at classes beyond 'nbands' when the number of DRR classes decreases, the round-robin active list c… | |||
| CVE-2021-47169 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt… | |||
| CVE-2021-47175 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flo… | |||
| CVE-2021-47488 | unknown | — | — | — | ||||
| CVE-2021-46955 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to … | |||
| CVE-2021-42702 | unknown | — | — | — | Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. | |||
| CVE-2021-44215 | unknown | — | — | — | ||||
| CVE-2021-26220 | unknown | — | — | — | The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||
| CVE-2021-3882 | unknown | — | — | — | LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypt… | |||
| CVE-2021-42530 | unknown | — | — | — | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploita… | |||
| CVE-2021-47299 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpf_xdp_link_release The problem occurs between dev_get_by_index() and dev_xdp_attach_link(). At … | |||
| CVE-2021-38714 | unknown | — | — | — | In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in ssgLoadTGA() function in src/ssg/ssgLoadTGA.cxx file. | |||
| CVE-2021-25319 | unknown | — | — | — | A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Facto… | |||
| CVE-2021-32419 | unknown | — | — | — | An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c. | |||
| CVE-2021-44647 | unknown | — | — | — | Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service. | |||
| CVE-2021-3888 | unknown | — | — | — | libmobi is vulnerable to Use of Out-of-range Pointer Offset | |||
| CVE-2021-25802 | unknown | — | — | — | A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. | |||
| CVE-2021-46054 | unknown | — | — | — | A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). | |||
| CVE-2021-1043 | unknown | — | — | — | ||||
| CVE-2021-45951 | unknown | — | — | — | ||||
| CVE-2021-3751 | unknown | — | — | — | libmobi is vulnerable to Out-of-bounds Write | |||
| CVE-2021-32747 | unknown | — | — | — | Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0… | |||
| CVE-2021-4318 | unknown | — | — | — | Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2021-22142 | unknown | — | — | — | ||||
| CVE-2021-4317 | unknown | — | — | — | Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2021-3889 | unknown | — | — | — | libmobi is vulnerable to Use of Out-of-range Pointer Offset | |||
| CVE-2021-40348 | unknown | — | — | — | ||||
| CVE-2021-41737 | unknown | — | — | — | In Faust 2.23.1, an input file with the lines "// r visualisation tCst" and "//process = +: L: abM-^Q;" and "process = route(3333333333333333333,2,1,2,3,1) : *;" leads to stack consumption. | |||
| CVE-2021-29507 | unknown | — | — | — | GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vul… | |||
| CVE-2021-4209 | unknown | — | — | — | A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of… | |||
| CVE-2021-4217 | unknown | — | — | — | A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafte… | |||
| CVE-2021-42700 | unknown | — | — | — | Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. | |||
| CVE-2021-3548 | unknown | — | — | — | A flaw was found in dmg2img through 20170502. dmg2img did not validate the size of the read buffer during memcpy() inside the main() function. This possibly leads to memory layout information leaking… | |||
| CVE-2021-20213 | unknown | — | — | — | A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destina… | |||
| CVE-2021-3816 | unknown | — | — | — | Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.ph… | |||
| CVE-2021-0166 | unknown | — | — | — |