CVEs from 2021
Total
4,792
critical
critical 280
high
high 1,018
medium
medium 1,176
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-28650 | medium | — | 5.5 | 5y ago | RHSA-2021:4381: GNOME security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-30689 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted … | |||
| CVE-2021-1765 | medium | — | 5.5 | 5y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted w… | |||
| CVE-2021-1788 | medium | — | 5.5 | 5y ago | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS… | |||
| CVE-2021-1801 | medium | — | 5.5 | 5y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.… | |||
| CVE-2021-1844 | medium | — | 5.5 | 5y ago | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur… | |||
| CVE-2021-21775 | medium | — | 5.5 | 5y ago | A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak… | |||
| CVE-2021-21779 | medium | — | 5.5 | 5y ago | A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further… | |||
| CVE-2021-21806 | medium | — | 5.5 | 5y ago | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution.… | |||
| CVE-2021-30682 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able… | |||
| CVE-2021-30720 | medium | — | 5.5 | 5y ago | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to … | |||
| CVE-2021-30734 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing … | |||
| CVE-2021-30749 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing … | |||
| CVE-2021-30758 | medium | — | 5.5 | 5y ago | A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web conte… | |||
| CVE-2021-30797 | medium | — | 5.5 | 5y ago | This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code … | |||
| CVE-2021-30795 | medium | — | 5.5 | 5y ago | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web co… | |||
| CVE-2021-30799 | medium | — | 5.5 | 5y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave… | |||
| CVE-2021-1799 | medium | — | 5.5 | 5y ago | A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watch… | |||
| CVE-2021-3487 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-20197 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-20284 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-27645 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-35942 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33574 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20194 | medium | — | 5.5 | 5y ago | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARD… | |||
| CVE-2021-0129 | medium | — | 5.5 | 5y ago | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||
| CVE-2021-28950 | medium | — | 5.5 | 5y ago | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | |||
| CVE-2021-3659 | medium | — | 5.5 | 5y ago | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash t… | |||
| CVE-2021-28971 | medium | — | 5.5 | 5y ago | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PE… | |||
| CVE-2021-3635 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. | |||
| CVE-2021-29646 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8. | |||
| CVE-2021-29155 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spe… | |||
| CVE-2021-29650 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/… | |||
| CVE-2021-31829 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific co… | |||
| CVE-2021-31916 | medium | — | 5.5 | 5y ago | An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker… | |||
| CVE-2021-3348 | medium | — | 5.5 | 5y ago | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O requ… | |||
| CVE-2021-33200 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and write… | |||
| CVE-2021-3679 | medium | — | 5.5 | 5y ago | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (… | |||
| CVE-2021-3732 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not… | |||
| CVE-2021-20239 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest … | |||
| CVE-2021-23133 | medium | — | 5.5 | 5y ago | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_des… | |||
| CVE-2021-31440 | medium | — | 5.5 | 5y ago | This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the tar… | |||
| CVE-2021-3564 | medium | — | 5.5 | 5y ago | A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to c… | |||
| CVE-2021-3489 | medium | — | 5.5 | 5y ago | The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes withi… | |||
| CVE-2021-3600 | medium | — | 5.5 | 5y ago | It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th… | |||
| CVE-2021-3573 | medium | — | 5.5 | 5y ago | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregist… | |||
| CVE-2021-33033 | medium | — | 5.5 | 5y ago | The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd.… | |||
| CVE-2021-39365 | medium | — | 5.5 | 5y ago | RHSA-2021:4339: grilo security update (Moderate) | |||
| CVE-2021-31535 | medium | — | 5.5 | 5y ago | RHSA-2021:4326: libX11 security update (Moderate) | |||
| CVE-2021-28091 | medium | — | 5.5 | 5y ago | RHSA-2021:4325: lasso security and enhancement update (Moderate) | |||
| CVE-2021-3571 | medium | — | 5.5 | 5y ago | RHSA-2021:4321: linuxptp security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-37619 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-37618 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-33620 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-31808 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28662 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28652 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28651 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29922 | medium | — | 5.5 | 5y ago | RHSA-2021:4270: rust-toolset:rhel8 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-30641 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | |||
| CVE-2021-26690 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service | |||
| CVE-2021-3575 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-29338 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-26926 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-26927 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-3272 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-21702 | medium | — | 5.5 | 5y ago | RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20095 | medium | — | 5.5 | 5y ago | RHSA-2021:4201: babel security and bug fix update (Moderate) | |||
| CVE-2021-3592 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is s… | |||
| CVE-2021-3595 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3667 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3631 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3593 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3594 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is sma… | |||
| CVE-2021-3181 | medium | — | 5.5 | 5y ago | RHSA-2021:4181: mutt security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29470 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29463 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29464 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29623 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29473 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29458 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-32617 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29457 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3482 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3481 | medium | — | 5.5 | 5y ago | RHSA-2021:4172: qt5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29921 | medium | — | 5.5 | 5y ago | In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is bas… | |||
| CVE-2021-3448 | medium | — | 5.5 | 5y ago | RHSA-2021:4153: dnsmasq security and bug fix update (Moderate) | |||
| CVE-2021-47011 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use obj_cgroup APIs to charge kmem pages", v5. Sin… | |||
| CVE-2021-3444 | medium | — | 5.5 | 5y ago | The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs c… | |||
| CVE-2021-46905 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistra… | |||
| CVE-2021-29657 | medium | — | 5.5 | 5y ago | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a75… | |||
| CVE-2021-47080 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a den… | |||
| CVE-2021-28210 | medium | — | 5.5 | 5y ago | RHSA-2021:4198: edk2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-4442 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data … | |||
| CVE-2021-33098 | medium | — | 5.5 | 5y ago | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-46983 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry … | |||
| CVE-2021-41174 | medium | — | 5.5 | 5y ago | cross-site scripting in grafana | |||
| CVE-2021-33928 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33938 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33930 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. |