CVEs from 2021
Total
4,792
critical
critical 280
high
high 1,018
medium
medium 1,176
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-4002 | high | — | 8.0 | 4y ago | A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of som… | |||
| CVE-2021-43389 | high | — | 8.0 | 4y ago | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | |||
| CVE-2021-45485 | high | — | 8.0 | 4y ago | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that… | |||
| CVE-2021-3764 | high | — | 8.0 | 4y ago | A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The h… | |||
| CVE-2021-43056 | high | — | 8.0 | 4y ago | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmh… | |||
| CVE-2021-3612 | high | — | 8.0 | 4y ago | An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user t… | |||
| CVE-2021-0941 | high | — | 8.0 | 4y ago | In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User inte… | |||
| CVE-2021-3773 | high | — | 8.0 | 4y ago | RHSA-2022:1988: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2021-42739 | high | — | 8.0 | 4y ago | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles… | |||
| CVE-2021-4197 | high | — | 8.0 | 4y ago | An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled… | |||
| CVE-2021-4037 | high | — | 8.0 | 4y ago | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership an… | |||
| CVE-2021-41864 | high | — | 8.0 | 4y ago | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds wri… | |||
| CVE-2021-4157 | high | — | 8.0 | 4y ago | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NF… | |||
| CVE-2021-4203 | high | — | 8.0 | 4y ago | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker wit… | |||
| CVE-2021-37159 | high | — | 8.0 | 4y ago | hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | |||
| CVE-2021-3669 | high | — | 8.0 | 4y ago | A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. | |||
| CVE-2021-43976 | high | — | 8.0 | 4y ago | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_pan… | |||
| CVE-2021-43813 | high | — | 8.0 | 4y ago | directory traversal in grafana | |||
| CVE-2021-40490 | high | — | 8.0 | 4y ago | A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | |||
| CVE-2021-47301 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failur… | |||
| CVE-2021-47203 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to p… | |||
| CVE-2021-4093 | high | — | 8.0 | 4y ago | A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host ker… | |||
| CVE-2021-47501 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc When trying to dump VFs VSI RX/TX descriptors using debugfs there was a … | |||
| CVE-2021-47435 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight… | |||
| CVE-2021-3923 | high | — | 8.0 | 4y ago | A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniba… | |||
| CVE-2021-4460 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shif… | |||
| CVE-2021-47590 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in __mptcp_push_pending() __mptcp_push_pending() may call mptcp_flush_join_list() with subflow socket lock he… | |||
| CVE-2021-47498 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But… | |||
| CVE-2021-47178 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smp_processor_id() in preemptible code The BUG message "BUG: using smp_processor_id() in preemptible [0… | |||
| CVE-2021-47544 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-s… | |||
| CVE-2021-47614 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info … | |||
| CVE-2021-25745 | high | — | 8.0 | 4y ago | Improper Input Validation in k8s.io/ingress-nginx | |||
| CVE-2021-3424 | high | — | 8.0 | 4y ago | Keycloak is vulnerable to IDN homograph attack | |||
| CVE-2021-3827 | high | — | 8.0 | 4y ago | ECP SAML binding bypasses authentication flows | |||
| CVE-2021-4028 | high | — | 8.0 | 4y ago | A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element t… | |||
| CVE-2021-20202 | high | — | 8.0 | 4y ago | Temporary Directory Hijacking Vulnerability in Keycloak | |||
| CVE-2021-45960 | high | — | 8.0 | 4y ago | RHSA-2022:0951: expat security update (Important) | |||
| CVE-2021-4154 | high | — | 8.0 | 4y ago | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation b… | |||
| CVE-2021-30560 | high | — | 8.0 | 4y ago | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2021-21237 | high | — | 8.0 | 4y ago | Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program … | |||
| CVE-2021-45417 | high | — | 8.0 | 4y ago | RHSA-2022:0441: aide security update (Important) | |||
| CVE-2021-35560 | high | — | 8.0 | 4y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-41035 | high | — | 8.0 | 4y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-4155 | high | — | 8.0 | 4y ago | A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS … | |||
| CVE-2021-45463 | high | — | 8.0 | 4y ago | RHSA-2022:0177: gegl04 security update (Important) | |||
| CVE-2021-4140 | high | — | 8.0 | 5y ago | It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||
| CVE-2021-44716 | high | — | 8.0 | 5y ago | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | |||
| CVE-2021-44227 | high | — | 8.0 | 5y ago | RHSA-2021:4916: mailman:2.1 security update (Important) | |||
| CVE-2021-23192 | high | — | 8.0 | 5y ago | RHSA-2021:5082: samba security update (Important) | |||
| CVE-2021-43546 | high | — | 8.0 | 5y ago | It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||
| CVE-2021-43528 | high | — | 8.0 | 5y ago | multiple issues in thunderbird | |||
| CVE-2021-41090 | high | — | 8.0 | 5y ago | Instance config inline secret exposure in Grafana in github.com/grafana/agent | |||
| CVE-2021-43539 | high | — | 8.0 | 5y ago | Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-fre… | |||
| CVE-2021-43537 | high | — | 8.0 | 5y ago | An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, F… | |||
| CVE-2021-43536 | high | — | 8.0 | 5y ago | Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefo… | |||
| CVE-2021-43542 | high | — | 8.0 | 5y ago | Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR <… | |||
| CVE-2021-43545 | high | — | 8.0 | 5y ago | Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||
| CVE-2021-43541 | high | — | 8.0 | 5y ago | When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and… | |||
| CVE-2021-43543 | high | — | 8.0 | 5y ago | Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.… | |||
| CVE-2021-43538 | high | — | 8.0 | 5y ago | By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for … | |||
| CVE-2021-4129 | high | — | 8.0 | 5y ago | Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of t… | |||
| CVE-2021-42096 | high | — | 8.0 | 5y ago | RHSA-2021:4826: mailman:2.1 security update (Important) | |||
| CVE-2021-42097 | high | — | 8.0 | 5y ago | RHSA-2021:4826: mailman:2.1 security update (Important) | |||
| CVE-2021-22204 | medium | — | 8.0 | 5y ago | Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image | |||
| CVE-2021-20317 | high | — | 8.0 | 5y ago | A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special us… | |||
| CVE-2021-43267 | high | — | 8.0 | 5y ago | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient valid… | |||
| CVE-2021-41160 | high | — | 8.0 | 5y ago | RHSA-2021:4622: freerdp security update (Important) | |||
| CVE-2021-41159 | high | — | 8.0 | 5y ago | RHSA-2021:4622: freerdp security update (Important) | |||
| CVE-2021-41208 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of ser… | |||
| CVE-2021-41195 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) i… | |||
| CVE-2021-41196 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is du… | |||
| CVE-2021-41197 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, … | |||
| CVE-2021-41198 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure cau… | |||
| CVE-2021-41199 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-fai… | |||
| CVE-2021-41200 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix wil… | |||
| CVE-2021-41201 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*out… | |||
| CVE-2021-41202 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64… | |||
| CVE-2021-41203 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change s… | |||
| CVE-2021-41204 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This resu… | |||
| CVE-2021-41205 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of hea… | |||
| CVE-2021-41206 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depe… | |||
| CVE-2021-41207 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be i… | |||
| CVE-2021-41209 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix… | |||
| CVE-2021-41210 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated arr… | |||
| CVE-2021-41211 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs wh… | |||
| CVE-2021-41212 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix w… | |||
| CVE-2021-41213 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutual… | |||
| CVE-2021-41214 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. The … | |||
| CVE-2021-41215 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inf… | |||
| CVE-2021-41216 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` cont… | |||
| CVE-2021-41217 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when n… | |||
| CVE-2021-41218 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count`… | |||
| CVE-2021-41219 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. Th… | |||
| CVE-2021-41220 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to t… | |||
| CVE-2021-41221 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a… | |||
| CVE-2021-41222 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever… | |||
| CVE-2021-41223 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorF… | |||
| CVE-2021-41224 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of… | |||
| CVE-2021-41225 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the save… | |||
| CVE-2021-41226 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseBinCount` is vulnerable to a heap OOB access. This is because of missing validation betwe… |