Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21782 | 1 Accusoft | 1 Imagegear | 2023-06-26 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write vulnerability exists in the SGI format buffer size processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21793 | 1 Accusoft | 1 Imagegear | 2023-06-26 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write vulnerability exists in the JPG sof_nb_comp header processing functionality of Accusoft ImageGear 19.8 and 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-3610 | 3 Fedoraproject, Imagemagick, Redhat | 3 Fedora, Imagemagick, Enterprise Linux | 2023-06-26 | 5.0 MEDIUM | 7.5 HIGH |
| A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault. | |||||
| CVE-2021-46598 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15392. | |||||
| CVE-2021-46157 | 1 Siemens | 1 Simcenter Femap | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14757) | |||||
| CVE-2021-46153 | 1 Siemens | 1 Simcenter Femap | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14645, ZDI-CAN-15305, ZDI-CAN-15589, ZDI-CAN-15599) | |||||
| CVE-2021-44016 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15110) | |||||
| CVE-2023-32201 | 1 Fujielectric | 2 Tellus, Tellus Lite | 2023-06-26 | N/A | 7.8 HIGH |
| Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32273. | |||||
| CVE-2014-125106 | 1 Nanopb Project | 1 Nanopb | 2023-06-26 | N/A | 9.8 CRITICAL |
| Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string. | |||||
| CVE-2022-0500 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2023-06-26 | 7.2 HIGH | 7.8 HIGH |
| A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. | |||||
| CVE-2021-21939 | 1 Accusoft | 1 Imagegear | 2023-06-26 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-3675 | 1 Synaptics | 1 Fingerprint Driver | 2023-06-26 | 3.6 LOW | 7.1 HIGH |
| Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions prior to xx=25 on x86/64; 5.3.xxxx.26 versions prior to xxxx=3543 on x86/64; 5.5.xx.1058 versions prior to xx=44 on x86/64; 5.5.xx.1102 versions prior to xx=34 on x86/64; 5.5.xx.1116 versions prior to xx=14 on x86/64; 6.0.xx.1104 versions prior to xx=50 on x86/64; 6.0.xx.1108 versions prior to xx=31 on x86/64; 6.0.xx.1111 versions prior to xx=58 on x86/64. | |||||
| CVE-2023-34612 | 1 Ph-json Project | 1 Ph-json | 2023-06-26 | N/A | 7.5 HIGH |
| An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | |||||
| CVE-2023-35110 | 1 Jjson Project | 1 Jjson | 2023-06-26 | N/A | 7.5 HIGH |
| An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | |||||
| CVE-2023-34611 | 1 Mjson Project | 1 Mjson | 2023-06-26 | N/A | 7.5 HIGH |
| An issue was discovered mjson thru 1.4.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | |||||
| CVE-2023-34610 | 1 Json-io Project | 1 Json-io | 2023-06-26 | N/A | 7.5 HIGH |
| An issue was discovered json-io thru 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | |||||
| CVE-2023-34609 | 1 Flexjson Project | 1 Flexjson | 2023-06-26 | N/A | 7.5 HIGH |
| An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | |||||
| CVE-2022-24063 | 1 Santesoft | 1 Dicom Viewer Pro | 2023-06-23 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15105. | |||||
| CVE-2022-28550 | 1 Jhead Project | 1 Jhead | 2023-06-23 | N/A | 9.8 CRITICAL |
| Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when multiple `&i` or `&o` are given. | |||||
| CVE-2023-29562 | 1 Tp-link | 2 Tl-wpa7510, Tl-wpa7510 Firmware | 2023-06-23 | N/A | 9.8 CRITICAL |
| TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale. | |||||