Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22414 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||||
| CVE-2021-22427 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 6.8 MEDIUM | 8.1 HIGH |
| There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass. | |||||
| CVE-2021-37011 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 9.4 HIGH | 9.1 CRITICAL |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. | |||||
| CVE-2021-27034 | 1 Autodesk | 1 Design Review | 2021-12-08 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code. | |||||
| CVE-2021-24041 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2021-12-08 | 7.5 HIGH | 9.8 CRITICAL |
| A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image. | |||||
| CVE-2021-44048 | 1 Opendesign | 1 Drawings Explorer | 2021-12-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA) Drawings Explorer before 2022.11. The specific issue exists after loading TIF files. Crafted data in a TIF file can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-44046 | 1 Opendesign | 1 Prc Sdk | 2021-12-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK before 2022.11. An unchecked return value of a function (verifying input data from a U3D file) leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-44045 | 1 Opendesign | 1 Drawings Sdk | 2021-12-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation for the XFAT sectors count can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-44044 | 1 Opendesign | 1 Drawings Sdk | 2021-12-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write vulnerability exists when reading a JPG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing JPG files. Crafted data in a JPG (4 extraneous bytes before the marker 0xca) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-35344 | 1 Tsmuxer Project | 1 Tsmuxer | 2021-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function BitStreamReader::getCurVal in bitStream.h. | |||||
| CVE-2021-35346 | 1 Tsmuxer Project | 1 Tsmuxer | 2021-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) in hevc.cpp. | |||||
| CVE-2021-28237 | 1 Gnu | 1 Libredwg | 2021-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13. | |||||
| CVE-2020-0110 | 2 Google, Intel | 279 Android, Core I3-1000g1, Core I3-1000g1 Firmware and 276 more | 2021-12-06 | 4.6 MEDIUM | 7.8 HIGH |
| In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148159562References: Upstream kernel | |||||
| CVE-2020-6361 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6360 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6359 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PLT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6358 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6357 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6356 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6355 | 1 Sap | 1 3d Visual Enterprise Viewer | 2021-12-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||