Total
6166 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0114 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 5.8 MEDIUM | 8.1 HIGH |
| Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver. | |||||
| CVE-2021-4193 | 4 Apple, Debian, Fedoraproject and 1 more | 5 Mac Os X, Macos, Debian Linux and 2 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| vim is vulnerable to Out-of-bounds Read | |||||
| CVE-2021-4183 | 3 Fedoraproject, Oracle, Wireshark | 4 Fedora, Http Server, Zfs Storage Appliance Kit and 1 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file | |||||
| CVE-2021-4181 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-4166 | 7 Apple, Debian, Fedoraproject and 4 more | 8 Mac Os X, Macos, Debian Linux and 5 more | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| vim is vulnerable to Out-of-bounds Read | |||||
| CVE-2021-4093 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2023-11-07 | 7.2 HIGH | 8.8 HIGH |
| A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. | |||||
| CVE-2021-4048 | 5 Fedoraproject, Julialang, Lapack Project and 2 more | 8 Fedora, Julia, Lapack and 5 more | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. | |||||
| CVE-2021-46768 | 1 Amd | 4 Milanpi, Milanpi Firmware, Romepi and 1 more | 2023-11-07 | N/A | 5.5 MEDIUM |
| Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service. | |||||
| CVE-2021-45469 | 4 Debian, Fedoraproject, Linux and 1 more | 19 Debian Linux, Fedora, Linux Kernel and 16 more | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. | |||||
| CVE-2021-45060 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-45055 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-44700 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-44269 | 2 Fedoraproject, Wavpack | 2 Fedora, Wavpack | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound. | |||||
| CVE-2021-44187 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SGI file. | |||||
| CVE-2021-44186 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SGI file. | |||||
| CVE-2021-44185 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious RGB file. | |||||
| CVE-2021-44183 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-44182 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. | |||||
| CVE-2021-44142 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2023-11-07 | 9.0 HIGH | 8.8 HIGH |
| The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. | |||||
| CVE-2021-43763 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||