Vulnerabilities (CVE)

Filtered by CWE-787
Total 10481 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46816 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2022-06-30 6.8 MEDIUM 7.8 HIGH
Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-46817 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2022-06-30 6.8 MEDIUM 7.8 HIGH
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-46818 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2022-06-30 6.8 MEDIUM 7.8 HIGH
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-28602 2 Adobe, Microsoft 2 After Effects, Windows 2022-06-29 6.8 MEDIUM 7.8 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28605 2 Adobe, Microsoft 2 After Effects, Windows 2022-06-29 9.3 HIGH 7.8 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28607 2 Adobe, Microsoft 2 After Effects, Windows 2022-06-29 9.3 HIGH 7.8 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by a heap corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2020-13547 1 Foxitsoftware 1 Foxit Reader 2022-06-29 6.8 MEDIUM 8.8 HIGH
A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2022-27869 1 Autodesk 1 Autocad 2022-06-29 6.8 MEDIUM 7.8 HIGH
A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code.
CVE-2022-27870 1 Autodesk 1 Autocad 2022-06-29 6.8 MEDIUM 7.8 HIGH
A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code.
CVE-2022-33034 1 Gnu 1 Libredwg 2022-06-29 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
CVE-2018-25042 1 Bittorrent 1 Utorrent 2022-06-29 6.8 MEDIUM 8.8 HIGH
A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component.
CVE-2021-41683 1 Jerryscript 1 Jerryscript 2022-06-28 6.8 MEDIUM 7.8 HIGH
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
CVE-2022-29496 1 Blynk 1 Blynk-library 2022-06-28 7.5 HIGH 9.8 CRITICAL
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.
CVE-2020-29614 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2022-06-28 6.8 MEDIUM 7.8 HIGH
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption.
CVE-2021-1808 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-06-28 5.0 MEDIUM 7.5 HIGH
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.
CVE-2020-27933 1 Apple 6 Icloud, Ipados, Iphone Os and 3 more 2022-06-28 6.8 MEDIUM 7.8 HIGH
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, iCloud for Windows 7.20, watchOS 6.2.8, tvOS 13.4.8, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-9967 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-06-28 9.3 HIGH 7.8 HIGH
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2020-20254 1 Mikrotik 1 Routeros 2022-06-28 4.0 MEDIUM 6.5 MEDIUM
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20265 1 Mikrotik 1 Routeros 2022-06-28 4.0 MEDIUM 6.5 MEDIUM
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.
CVE-2021-35590 2 Netapp, Oracle 3 Oncommand Insight, Snapcenter, Mysql Cluster 2022-06-28 6.5 MEDIUM 6.3 MEDIUM
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.33 and prior, 7.5.23 and prior, 7.6.19 and prior and 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).