CVEs from 2021
Total
4,795
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-3468 | medium | — | 5.5 | 3y ago | Moderate: avahi security update | |||
| CVE-2021-3502 | medium | — | 5.5 | 3y ago | Moderate: avahi security update | |||
| CVE-2021-43784 | medium | — | 5.5 | 3y ago | Moderate: runc security update | |||
| CVE-2021-32142 | medium | — | 5.5 | 3y ago | RHSA-2024:2994: LibRaw security update (Moderate) | |||
| CVE-2021-3782 | medium | — | 5.5 | 3y ago | RHSA-2023:2786: wayland security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33645 | medium | — | 5.5 | 3y ago | RHSA-2023:2898: libtar security update (Moderate) | |||
| CVE-2021-33644 | medium | — | 5.5 | 3y ago | RHSA-2023:2898: libtar security update (Moderate) | |||
| CVE-2021-33643 | medium | — | 5.5 | 3y ago | RHSA-2023:2898: libtar security update (Moderate) | |||
| CVE-2021-33646 | medium | — | 5.5 | 3y ago | RHSA-2023:2898: libtar security update (Moderate) | |||
| CVE-2021-46790 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-46829 | medium | — | 5.5 | 3y ago | Moderate: gdk-pixbuf2 security update | |||
| CVE-2021-44648 | medium | — | 5.5 | 3y ago | Moderate: gdk-pixbuf2 security update | |||
| CVE-2021-46822 | medium | — | 5.5 | 3y ago | Moderate: libjpeg-turbo security update | |||
| CVE-2021-44964 | medium | — | 5.5 | 3y ago | Moderate: lua security update | |||
| CVE-2021-43519 | medium | — | 5.5 | 3y ago | Moderate: lua security update | |||
| CVE-2021-46848 | medium | — | 5.5 | 3y ago | RHSA-2023:0116: libtasn1 security update (Moderate) | |||
| CVE-2021-44906 | medium | — | 5.5 | 3y ago | RHSA-2023:0050: nodejs:14 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33621 | medium | — | 5.5 | 4y ago | RHSA-2024:3500: ruby:3.0 security update (Moderate) | |||
| CVE-2021-47103 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk->sk_rx_dst to RCU rules syzbot reported various issues around early demux, one being included in this chan… | |||
| CVE-2021-28153 | medium | — | 5.5 | 4y ago | RHSA-2021:4385: glib2 security and bug fix update (Moderate) | |||
| CVE-2021-47378 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to g… | |||
| CVE-2021-47572 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!… | |||
| CVE-2021-47099 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b ("veth: allow enabling NAPI even without XDP"), if GRO is… | |||
| CVE-2021-4158 | medium | — | 5.5 | 4y ago | A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of … | |||
| CVE-2021-21708 | medium | — | 5.5 | 4y ago | RHSA-2022:7628: php:7.4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3750 | medium | — | 5.5 | 4y ago | A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted cont… | |||
| CVE-2021-34558 | medium | — | 5.5 | 4y ago | Moderate: container-tools:rhel8 security update | |||
| CVE-2021-33195 | medium | — | 5.5 | 4y ago | RHSA-2021:4226: grafana security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20291 | medium | — | 5.5 | 4y ago | RHSA-2021:4154: container-tools:rhel8 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-47639 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU Zap both valid and invalid roots when zapping/unmapping a gfn r… | |||
| CVE-2021-47657 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free() If virtio_gpu_object_shmem_init() fails (e.g. due to faul… | |||
| CVE-2021-4024 | medium | — | 5.5 | 4y ago | RHSA-2024:10289: container-tools:rhel8 security update (Moderate) | |||
| CVE-2021-47580 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out … | |||
| CVE-2021-33197 | medium | — | 5.5 | 4y ago | RHSA-2021:4226: grafana security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-46828 | medium | — | 5.5 | 4y ago | Moderate: libtirpc security update | |||
| CVE-2021-33198 | medium | — | 5.5 | 4y ago | Moderate: container-tools:rhel8 security update | |||
| CVE-2021-3640 | medium | — | 5.5 | 4y ago | Moderate: kernel security, bug fix, and enhancement update | |||
| CVE-2021-28861 | medium | — | 5.5 | 4y ago | Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. N… | |||
| CVE-2021-23648 | medium | — | 5.5 | 4y ago | RHSA-2022:7519: grafana security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-47646 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash [1] happened to be triggered in conjunction with commit 2d… | |||
| CVE-2021-20199 | medium | — | 5.5 | 4y ago | RHSA-2021:1796: container-tools:rhel8 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3611 | medium | — | 5.5 | 4y ago | A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of servic… | |||
| CVE-2021-25220 | medium | — | 5.5 | 4y ago | Moderate: dhcp security and enhancement update | |||
| CVE-2021-47649 | medium | — | 5.5 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf->pagecount Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages =… | |||
| CVE-2021-0561 | medium | — | 5.5 | 4y ago | Moderate: flac security update | |||
| CVE-2021-30002 | medium | — | 5.5 | 4y ago | An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a33… | |||
| CVE-2021-21707 | medium | — | 5.5 | 4y ago | RHSA-2022:7628: php:7.4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-0308 | medium | — | 5.5 | 4y ago | RHSA-2022:7700: gdisk security update (Moderate) | |||
| CVE-2021-47213 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3497 | medium | — | 5.5 | 4y ago | GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. | |||
| CVE-2021-44533 | medium | — | 5.5 | 4y ago | RHSA-2022:9073: nodejs:16 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-4048 | medium | — | 5.5 | 4y ago | RHSA-2022:7639: openblas security update (Moderate) | |||
| CVE-2021-44532 | medium | — | 5.5 | 4y ago | RHSA-2022:9073: nodejs:16 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-44531 | medium | — | 5.5 | 4y ago | RHSA-2022:9073: nodejs:16 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-25636 | medium | — | 5.5 | 4y ago | LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature … | |||
| CVE-2021-35623 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35647 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35641 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35645 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35648 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35636 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35644 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2479 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35633 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2478 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35642 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2481 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35608 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35546 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35596 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35597 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35575 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35622 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35625 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35626 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35631 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35632 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35635 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35639 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35643 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35646 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35591 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35577 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35607 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35612 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35628 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35630 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35637 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35610 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35624 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35627 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35640 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35638 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35602 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35634 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33502 | medium | — | 5.5 | 4y ago | RHSA-2022:0350: nodejs:14 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3807 | medium | — | 5.5 | 4y ago | RHSA-2022:6449: nodejs:16 security and bug fix update (Moderate) | |||
| CVE-2021-3563 | medium | — | 5.5 | 4y ago | A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. … | |||
| CVE-2021-46663 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) | |||
| CVE-2021-46661 | medium | — | 5.5 | 4y ago | RHSA-2022:6443: mariadb:10.3 security and bug fix update (Moderate) |