Export limit exceeded: 344151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5439 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31535 | 3 Fedoraproject, Redhat, X.org | 5 Fedora, Ansible Automation Platform, Enterprise Linux and 2 more | 2024-11-21 | 9.8 Critical |
| LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session. | ||||
| CVE-2021-31525 | 3 Fedoraproject, Golang, Redhat | 11 Fedora, Go, Advanced Cluster Security and 8 more | 2024-11-21 | 5.9 Medium |
| net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations. | ||||
| CVE-2021-31292 | 4 Debian, Exiv2, Fedoraproject and 1 more | 4 Debian Linux, Exiv2, Fedora and 1 more | 2024-11-21 | 7.5 High |
| An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata. | ||||
| CVE-2021-31215 | 3 Debian, Fedoraproject, Schedmd | 3 Debian Linux, Fedora, Slurm | 2024-11-21 | 8.8 High |
| SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. | ||||
| CVE-2021-31204 | 3 Fedoraproject, Microsoft, Redhat | 6 Fedora, .net, .net Core and 3 more | 2024-11-21 | 7.3 High |
| .NET and Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2021-31162 | 3 Fedoraproject, Redhat, Rust-lang | 4 Fedora, Devtools, Enterprise Linux and 1 more | 2024-11-21 | 9.8 Critical |
| In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. | ||||
| CVE-2021-30984 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 7.5 High |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30954 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 7.8 High |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30953 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 8.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30951 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30936 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30934 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30890 | 4 Apple, Debian, Fedoraproject and 1 more | 9 Ipados, Iphone Os, Macos and 6 more | 2024-11-21 | 6.1 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2021-30887 | 4 Apple, Debian, Fedoraproject and 1 more | 9 Ipados, Iphone Os, Macos and 6 more | 2024-11-21 | 6.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. | ||||
| CVE-2021-30851 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 8.8 High |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. | ||||
| CVE-2021-30846 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 7.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30641 | 5 Apache, Debian, Fedoraproject and 2 more | 8 Http Server, Debian Linux, Fedora and 5 more | 2024-11-21 | 5.3 Medium |
| Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | ||||
| CVE-2021-30630 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 Medium |
| Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2021-30629 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-30628 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. | ||||