CVEs from 2021
Total
4,792
critical
critical 280
high
high 1,018
medium
medium 1,176
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21781 | high | — | 8.0 | 4y ago | An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application… | |||
| CVE-2021-3743 | high | — | 8.0 | 4y ago | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leadi… | |||
| CVE-2021-37159 | high | — | 8.0 | 4y ago | hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | |||
| CVE-2021-4037 | high | — | 8.0 | 4y ago | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership an… | |||
| CVE-2021-3773 | high | — | 8.0 | 4y ago | RHSA-2022:1988: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2021-45486 | high | — | 8.0 | 4y ago | In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | |||
| CVE-2021-45485 | high | — | 8.0 | 4y ago | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that… | |||
| CVE-2021-44733 | high | — | 8.0 | 4y ago | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a s… | |||
| CVE-2021-43976 | high | — | 8.0 | 4y ago | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_pan… | |||
| CVE-2021-43056 | high | — | 8.0 | 4y ago | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmh… | |||
| CVE-2021-42739 | high | — | 8.0 | 4y ago | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles… | |||
| CVE-2021-3764 | high | — | 8.0 | 4y ago | A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The h… | |||
| CVE-2021-3669 | high | — | 8.0 | 4y ago | A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. | |||
| CVE-2021-3759 | high | — | 8.0 | 4y ago | A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw al… | |||
| CVE-2021-3752 | high | — | 8.0 | 4y ago | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to… | |||
| CVE-2021-29154 | high | — | 8.0 | 4y ago | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/… | |||
| CVE-2021-43389 | high | — | 8.0 | 4y ago | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | |||
| CVE-2021-43813 | high | — | 8.0 | 4y ago | directory traversal in grafana | |||
| CVE-2021-47501 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc When trying to dump VFs VSI RX/TX descriptors using debugfs there was a … | |||
| CVE-2021-47590 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in __mptcp_push_pending() __mptcp_push_pending() may call mptcp_flush_join_list() with subflow socket lock he… | |||
| CVE-2021-47498 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But… | |||
| CVE-2021-4460 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shif… | |||
| CVE-2021-47203 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to p… | |||
| CVE-2021-47178 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smp_processor_id() in preemptible code The BUG message "BUG: using smp_processor_id() in preemptible [0… | |||
| CVE-2021-40490 | high | — | 8.0 | 4y ago | A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | |||
| CVE-2021-4093 | high | — | 8.0 | 4y ago | A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host ker… | |||
| CVE-2021-47435 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight… | |||
| CVE-2021-47544 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-s… | |||
| CVE-2021-47614 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info … | |||
| CVE-2021-47301 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failur… | |||
| CVE-2021-3923 | high | — | 8.0 | 4y ago | A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniba… | |||
| CVE-2021-25745 | high | — | 8.0 | 4y ago | Improper Input Validation in k8s.io/ingress-nginx | |||
| CVE-2021-3424 | high | — | 8.0 | 4y ago | Keycloak is vulnerable to IDN homograph attack | |||
| CVE-2021-3827 | high | — | 8.0 | 4y ago | ECP SAML binding bypasses authentication flows | |||
| CVE-2021-4028 | high | — | 8.0 | 4y ago | A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element t… | |||
| CVE-2021-20202 | high | — | 8.0 | 4y ago | Temporary Directory Hijacking Vulnerability in Keycloak | |||
| CVE-2021-45960 | high | — | 8.0 | 4y ago | RHSA-2022:0951: expat security update (Important) | |||
| CVE-2021-4154 | high | — | 8.0 | 4y ago | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation b… | |||
| CVE-2021-30560 | high | — | 8.0 | 4y ago | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2021-21237 | high | — | 8.0 | 4y ago | Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program … | |||
| CVE-2021-45417 | high | — | 8.0 | 4y ago | RHSA-2022:0441: aide security update (Important) | |||
| CVE-2021-35560 | high | — | 8.0 | 4y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-41035 | high | — | 8.0 | 4y ago | RHSA-2022:0345: java-1.8.0-ibm security update (Important) | |||
| CVE-2021-4155 | high | — | 8.0 | 4y ago | A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS … | |||
| CVE-2021-45463 | high | — | 8.0 | 4y ago | RHSA-2022:0177: gegl04 security update (Important) | |||
| CVE-2021-4140 | high | — | 8.0 | 5y ago | It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||
| CVE-2021-44716 | high | — | 8.0 | 5y ago | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | |||
| CVE-2021-44227 | high | — | 8.0 | 5y ago | RHSA-2021:4916: mailman:2.1 security update (Important) | |||
| CVE-2021-23192 | high | — | 8.0 | 5y ago | RHSA-2021:5082: samba security update (Important) | |||
| CVE-2021-43546 | high | — | 8.0 | 5y ago | It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||
| CVE-2021-43528 | high | — | 8.0 | 5y ago | multiple issues in thunderbird | |||
| CVE-2021-41090 | high | — | 8.0 | 5y ago | Instance config inline secret exposure in Grafana in github.com/grafana/agent | |||
| CVE-2021-43537 | high | — | 8.0 | 5y ago | An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, F… | |||
| CVE-2021-43536 | high | — | 8.0 | 5y ago | Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefo… | |||
| CVE-2021-43542 | high | — | 8.0 | 5y ago | Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR <… | |||
| CVE-2021-43541 | high | — | 8.0 | 5y ago | When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and… | |||
| CVE-2021-43543 | high | — | 8.0 | 5y ago | Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.… | |||
| CVE-2021-43539 | high | — | 8.0 | 5y ago | Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-fre… | |||
| CVE-2021-43538 | high | — | 8.0 | 5y ago | By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for … | |||
| CVE-2021-43545 | high | — | 8.0 | 5y ago | Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||
| CVE-2021-4129 | high | — | 8.0 | 5y ago | Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of t… | |||
| CVE-2021-42096 | high | — | 8.0 | 5y ago | RHSA-2021:4826: mailman:2.1 security update (Important) | |||
| CVE-2021-42097 | high | — | 8.0 | 5y ago | RHSA-2021:4826: mailman:2.1 security update (Important) | |||
| CVE-2021-22204 | medium | — | 8.0 | 5y ago | Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image | |||
| CVE-2021-20317 | high | — | 8.0 | 5y ago | A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special us… | |||
| CVE-2021-43267 | high | — | 8.0 | 5y ago | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient valid… | |||
| CVE-2021-41160 | high | — | 8.0 | 5y ago | RHSA-2021:4622: freerdp security update (Important) | |||
| CVE-2021-41159 | high | — | 8.0 | 5y ago | RHSA-2021:4622: freerdp security update (Important) | |||
| CVE-2021-41208 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of ser… | |||
| CVE-2021-41195 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) i… | |||
| CVE-2021-41196 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is du… | |||
| CVE-2021-41197 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, … | |||
| CVE-2021-41198 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure cau… | |||
| CVE-2021-41199 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-fai… | |||
| CVE-2021-41200 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix wil… | |||
| CVE-2021-41201 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*out… | |||
| CVE-2021-41202 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64… | |||
| CVE-2021-41203 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change s… | |||
| CVE-2021-41204 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This resu… | |||
| CVE-2021-41205 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of hea… | |||
| CVE-2021-41206 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depe… | |||
| CVE-2021-41207 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be i… | |||
| CVE-2021-41209 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix… | |||
| CVE-2021-41210 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated arr… | |||
| CVE-2021-41211 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs wh… | |||
| CVE-2021-41212 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix w… | |||
| CVE-2021-41213 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutual… | |||
| CVE-2021-41214 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. The … | |||
| CVE-2021-41215 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inf… | |||
| CVE-2021-41216 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` cont… | |||
| CVE-2021-41217 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when n… | |||
| CVE-2021-41218 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count`… | |||
| CVE-2021-41219 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. Th… | |||
| CVE-2021-41220 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to t… | |||
| CVE-2021-41221 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a… | |||
| CVE-2021-41222 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever… | |||
| CVE-2021-41223 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorF… | |||
| CVE-2021-41224 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of… | |||
| CVE-2021-41225 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the save… | |||
| CVE-2021-41226 | high | — | 8.0 | 5y ago | TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseBinCount` is vulnerable to a heap OOB access. This is because of missing validation betwe… |