Total
10481 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34871 | 1 Bentley | 2 Bentley View, Microstation | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14695. | |||||
CVE-2021-24042 | 1 Whatsapp | 1 Whatsapp | 2022-01-14 | 7.5 HIGH | 9.8 CRITICAL |
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor. | |||||
CVE-2021-39990 | 1 Huawei | 1 Harmonyos | 2022-01-14 | 7.5 HIGH | 9.8 CRITICAL |
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience. | |||||
CVE-2022-22707 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2022-01-13 | 4.3 MEDIUM | 5.9 MEDIUM |
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system. | |||||
CVE-2021-35093 | 1 Qualcomm | 4 Csr8510 A10, Csr8510 A10 Firmware, Csr8811 A12 and 1 more | 2022-01-13 | 3.3 LOW | 6.5 MEDIUM |
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore | |||||
CVE-2021-40002 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.8 MEDIUM | 8.8 HIGH |
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. | |||||
CVE-2021-40009 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 5.0 MEDIUM | 5.3 MEDIUM |
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||||
CVE-2021-40028 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity. | |||||
CVE-2021-40026 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||||
CVE-2021-40021 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality. | |||||
CVE-2021-39996 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-13 | 7.5 HIGH | 9.8 CRITICAL |
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow. | |||||
CVE-2021-40000 | 1 Huawei | 1 Harmonyos | 2022-01-12 | 5.8 MEDIUM | 8.8 HIGH |
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. | |||||
CVE-2021-45830 | 1 Hdfgroup | 1 Hdf5 | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. | |||||
CVE-2021-45833 | 1 Hdfgroup | 1 Hdf5 | 2022-01-12 | 4.3 MEDIUM | 5.5 MEDIUM |
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). | |||||
CVE-2021-45928 | 1 Libjxl Project | 1 Libjxl | 2022-01-12 | 2.1 LOW | 5.5 MEDIUM |
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections). | |||||
CVE-2021-45939 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe). | |||||
CVE-2021-45938 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe). | |||||
CVE-2021-45937 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect). | |||||
CVE-2021-45936 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType). | |||||
CVE-2021-45934 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType). |