Vulnerabilities (CVE)

Filtered by CWE-787
Total 10481 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34871 1 Bentley 2 Bentley View, Microstation 2022-01-14 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14695.
CVE-2021-24042 1 Whatsapp 1 Whatsapp 2022-01-14 7.5 HIGH 9.8 CRITICAL
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor.
CVE-2021-39990 1 Huawei 1 Harmonyos 2022-01-14 7.5 HIGH 9.8 CRITICAL
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
CVE-2022-22707 2 Debian, Lighttpd 2 Debian Linux, Lighttpd 2022-01-13 4.3 MEDIUM 5.9 MEDIUM
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.
CVE-2021-35093 1 Qualcomm 4 Csr8510 A10, Csr8510 A10 Firmware, Csr8811 A12 and 1 more 2022-01-13 3.3 LOW 6.5 MEDIUM
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore
CVE-2021-40002 1 Huawei 1 Harmonyos 2022-01-13 5.8 MEDIUM 8.8 HIGH
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
CVE-2021-40009 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-01-13 5.0 MEDIUM 5.3 MEDIUM
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
CVE-2021-40028 1 Huawei 1 Harmonyos 2022-01-13 5.0 MEDIUM 7.5 HIGH
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.
CVE-2021-40026 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-01-13 5.0 MEDIUM 7.5 HIGH
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
CVE-2021-40021 1 Huawei 1 Harmonyos 2022-01-13 5.0 MEDIUM 7.5 HIGH
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-39996 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-01-13 7.5 HIGH 9.8 CRITICAL
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
CVE-2021-40000 1 Huawei 1 Harmonyos 2022-01-12 5.8 MEDIUM 8.8 HIGH
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
CVE-2021-45830 1 Hdfgroup 1 Hdf5 2022-01-12 4.3 MEDIUM 5.5 MEDIUM
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.
CVE-2021-45833 1 Hdfgroup 1 Hdf5 2022-01-12 4.3 MEDIUM 5.5 MEDIUM
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
CVE-2021-45928 1 Libjxl Project 1 Libjxl 2022-01-12 2.1 LOW 5.5 MEDIUM
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections).
CVE-2021-45939 1 Wolfssl 1 Wolfmqtt 2022-01-11 4.3 MEDIUM 5.5 MEDIUM
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).
CVE-2021-45938 1 Wolfssl 1 Wolfmqtt 2022-01-11 4.3 MEDIUM 5.5 MEDIUM
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).
CVE-2021-45937 1 Wolfssl 1 Wolfmqtt 2022-01-11 4.3 MEDIUM 5.5 MEDIUM
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect).
CVE-2021-45936 1 Wolfssl 1 Wolfmqtt 2022-01-11 4.3 MEDIUM 5.5 MEDIUM
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).
CVE-2021-45934 1 Wolfssl 1 Wolfmqtt 2022-01-11 4.3 MEDIUM 5.5 MEDIUM
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType).