CVEs from 2021
Total
4,792
critical
critical 280
high
high 1,018
medium
medium 1,176
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38011 | high | — | 8.0 | — | Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2021-38016 | high | — | 8.0 | — | Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | |||
| CVE-2021-43540 | high | — | 8.0 | — | WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects … | |||
| CVE-2021-47384 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field If driver read tmp value sufficient for (tmp… | |||
| CVE-2021-47432 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek() When we started spreading new inode numbers throughout most of the 64 bit inod… | |||
| CVE-2021-47497 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic … | |||
| CVE-2021-47495 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up. V2: fixed typo … | |||
| CVE-2021-47386 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (va… | |||
| CVE-2021-47101 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be un… | |||
| CVE-2021-47338 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of fb_delete_videomode() is not based on the result of the previ… | |||
| CVE-2021-47097 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param[] in elantech_change_report_id() m… | |||
| CVE-2021-47609 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the b… | |||
| CVE-2021-47412 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: don't call rq_qos_ops->done_bio if the bio isn't tracked rq_qos framework is only applied on request based driver, so: 1)… | |||
| CVE-2021-47289 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") start… | |||
| CVE-2021-46984 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes th… | |||
| CVE-2021-47582 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait… | |||
| CVE-2021-47466 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by… | |||
| CVE-2021-47352 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid da… | |||
| CVE-2021-47287 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free t… | |||
| CVE-2021-47527 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 ("tty: serial_core: convert uart_close to use tty_port_cl… | |||
| CVE-2021-47321 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that func… | |||
| CVE-2021-47606 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2021-47491 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened re… | |||
| CVE-2021-47304 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized This commit fixes a bug (found by syzkaller) that could cause spuri… | |||
| CVE-2021-47284 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initializ… | |||
| CVE-2021-47257 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode i… | |||
| CVE-2021-47408 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: serialize hash resizes and cleanups Syzbot was able to trigger the following warning [1] No repro found by… | |||
| CVE-2021-47624 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling pat… | |||
| CVE-2021-47468 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic c… | |||
| CVE-2021-47461 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a race between writeprotect and exit_mmap() A race is possible when a process exits, its VMAs are removed by exi… | |||
| CVE-2021-46939 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would … | |||
| CVE-2021-47018 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Fix the definition of the fixmap area At the time being, the fixmap area is defined at the top of the address space o… | |||
| CVE-2021-47548 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2021-47596 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2021-47356 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not … | |||
| CVE-2021-47456 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will ca… | |||
| CVE-2021-47353 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by… | |||
| CVE-2021-47069 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local add… | |||
| CVE-2021-47310 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after … | |||
| CVE-2021-46909 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"… | |||
| CVE-2021-47236 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it r… | |||
| CVE-2021-46972 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put tem… | |||
| CVE-2021-47311 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt aft… | |||
| CVE-2021-47073 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on … | |||
| CVE-2021-43815 | high | — | 8.0 | 2y ago | directory traversal in grafana | |||
| CVE-2021-47579 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovl_create_real() Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real(): if (… | |||
| CVE-2021-43975 | high | — | 8.0 | 3y ago | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-… | |||
| CVE-2021-47515 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the ip_rcv_core(...) sets the receiving inter… | |||
| CVE-2021-47221 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slub: actually fix freelist pointer vs redzoning It turns out that SLUB redzoning ("slub_debug=Z") checks from s->object_size … | |||
| CVE-2021-33656 | high | — | 8.0 | 3y ago | When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | |||
| CVE-2021-33655 | high | — | 8.0 | 3y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2021-26341 | high | — | 8.0 | 3y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2021-47441 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling stat… | |||
| CVE-2021-47560 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the d… | |||
| CVE-2021-35065 | high | — | 8.0 | 3y ago | RHSA-2023:1743: nodejs:14 security, bug fix, and enhancement update (Important) | |||
| CVE-2021-38578 | high | — | 8.0 | 3y ago | Important: edk2 security, bug fix, and enhancement update | |||
| CVE-2021-47592 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Prior… | |||
| CVE-2021-47393 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sy… | |||
| CVE-2021-47671 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the functi… | |||
| CVE-2021-33631 | high | — | 8.0 | 3y ago | Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, … | |||
| CVE-2021-47455 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptp_clock_register() I got memory leak as follows when doing fault injection test: unreferenced… | |||
| CVE-2021-47373 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is a… | |||
| CVE-2021-42340 | high | — | 8.0 | 4y ago | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics f… | |||
| CVE-2021-47556 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce() ethtool_set_coalesce() now uses both the .get_coalesce() and .… | |||
| CVE-2021-3839 | high | — | 8.0 | 4y ago | Important: dpdk security and bug fix update | |||
| CVE-2021-34485 | high | — | 8.0 | 4y ago | RHSA-2021:3148: .NET 5.0 security and bugfix update (Important) | |||
| CVE-2021-3632 | high | — | 8.0 | 4y ago | Keycloak allows anyone to register new security device or key for any user by using WebAuthn password-less login flow | |||
| CVE-2021-3513 | high | — | 8.0 | 4y ago | Incorrect implementation of lockout feature in Keycloak | |||
| CVE-2021-46784 | high | — | 8.0 | 4y ago | RHSA-2022:5526: squid:4 security update (Important) | |||
| CVE-2021-3696 | high | — | 8.0 | 4y ago | Important: grub2, mokutil, shim, and shim-unsigned-x64 security update | |||
| CVE-2021-3697 | high | — | 8.0 | 4y ago | Important: grub2, mokutil, shim, and shim-unsigned-x64 security update | |||
| CVE-2021-3695 | high | — | 8.0 | 4y ago | Important: grub2, mokutil, shim, and shim-unsigned-x64 security update | |||
| CVE-2021-43616 | high | — | 8.0 | 4y ago | The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the… | |||
| CVE-2021-21670 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21671 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-24112 | high | — | 8.0 | 4y ago | .NET Core Remote Code Execution Vulnerability | |||
| CVE-2021-21605 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21607 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21611 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21610 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21603 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21609 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21602 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21608 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21606 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21604 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-44717 | high | — | 8.0 | 4y ago | RHSA-2021:5160: go-toolset:rhel8 security and bug fix update (Important) | |||
| CVE-2021-47076 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused… | |||
| CVE-2021-4037 | high | — | 8.0 | 4y ago | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership an… | |||
| CVE-2021-20322 | high | — | 8.0 | 4y ago | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw al… | |||
| CVE-2021-4002 | high | — | 8.0 | 4y ago | A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of som… | |||
| CVE-2021-4083 | high | — | 8.0 | 4y ago | A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigg… | |||
| CVE-2021-0941 | high | — | 8.0 | 4y ago | In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User inte… | |||
| CVE-2021-3669 | high | — | 8.0 | 4y ago | A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. | |||
| CVE-2021-37159 | high | — | 8.0 | 4y ago | hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | |||
| CVE-2021-3743 | high | — | 8.0 | 4y ago | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leadi… | |||
| CVE-2021-3752 | high | — | 8.0 | 4y ago | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to… | |||
| CVE-2021-3773 | high | — | 8.0 | 4y ago | RHSA-2022:1988: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2021-43389 | high | — | 8.0 | 4y ago | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | |||
| CVE-2021-4203 | high | — | 8.0 | 4y ago | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker wit… |