Search Results (12153 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-46048 1 Webassembly 1 Binaryen 2024-11-21 5.5 Medium
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.
CVE-2021-45981 1 Netscout 1 Ngeniusone 2024-11-21 9.8 Critical
NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
CVE-2021-45891 1 Zauner 1 Arc 2024-11-21 8.8 High
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.
CVE-2021-45885 1 Stormshield 1 Network Security 2024-11-21 7.5 High
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
CVE-2021-45861 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277.
CVE-2021-45852 1 Projectworlds 1 Hospital Management System In Php 2024-11-21 5.3 Medium
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.
CVE-2021-45832 1 Hdfgroup 1 Hdf5 2024-11-21 5.5 Medium
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).
CVE-2021-45708 1 Abomonation Project 1 Abomonation 2024-11-21 7.5 High
An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass.
CVE-2021-45428 1 Telesquare 2 Tlr-2005ksh, Tlr-2005ksh Firmware 2024-11-21 9.8 Critical
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
CVE-2021-45408 1 Seeddms 1 Seeddms 2024-11-21 6.1 Medium
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.
CVE-2021-45402 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
CVE-2021-45387 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
CVE-2021-45386 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
CVE-2021-45328 1 Gitea 1 Gitea 2024-11-21 6.1 Medium
Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.
CVE-2021-45290 2 Fedoraproject, Webassembly 2 Fedora, Binaryen 2024-11-21 7.5 High
A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.
CVE-2021-45096 1 Knime 1 Knime Analytics Platform 2024-11-21 4.7 Medium
KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.
CVE-2021-45024 1 Rocketsoftware 1 Ags-zena 2024-11-21 9.8 Critical
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE).
CVE-2021-44994 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.
CVE-2021-44993 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.
CVE-2021-44971 1 Tenda 4 Ac15, Ac15 Firmware, Ac5 and 1 more 2024-11-21 9.8 Critical
Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE.