Export limit exceeded: 347026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20149 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26419 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-11-21 | 7.5 High |
| Scripting Engine Memory Corruption Vulnerability | ||||
| CVE-2021-26392 | 1 Amd | 252 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 249 more | 2024-11-21 | 7.8 High |
| Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA. | ||||
| CVE-2021-26386 | 1 Amd | 140 Ryzen 3 2200u, Ryzen 3 2200u Firmware, Ryzen 3 2300u and 137 more | 2024-11-21 | 7.8 High |
| A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. | ||||
| CVE-2021-26384 | 1 Amd | 104 Athlon Gold 3150u, Athlon Gold 3150u Firmware, Athlon Silver 3050u and 101 more | 2024-11-21 | 7.8 High |
| A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources. | ||||
| CVE-2021-26330 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2024-11-21 | 5.5 Medium |
| AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. | ||||
| CVE-2021-26259 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | 7.8 High |
| A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in render_table_row(),in ps-pdf.cxx may lead to arbitrary code execution and denial of service. | ||||
| CVE-2021-26252 | 3 Fedoraproject, Htmldoc Project, Redhat | 3 Fedora, Htmldoc, Enterprise Linux | 2024-11-21 | 7.8 High |
| A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in pspdf_prepare_page(),in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | ||||
| CVE-2021-26237 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. | ||||
| CVE-2021-26236 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this issue to achieve code execution when a user opens or views a malformed/specially crafted CUR file. | ||||
| CVE-2021-26234 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. | ||||
| CVE-2021-26233 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. | ||||
| CVE-2021-26222 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 8.1 High |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | ||||
| CVE-2021-26221 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 8.1 High |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | ||||
| CVE-2021-26220 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 8.1 High |
| The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | ||||
| CVE-2021-26195 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 8.8 High |
| An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexer_parse_number in js-lexer.c file. | ||||
| CVE-2021-26116 | 1 Fortinet | 1 Fortiauthenticator | 2024-11-21 | 6.7 Medium |
| An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | ||||
| CVE-2021-26112 | 1 Fortinet | 1 Fortiwan | 2024-11-21 | 8.1 High |
| Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests. | ||||
| CVE-2021-26106 | 1 Fortinet | 3 Fortiap, Fortiap-s, Fortiap-w2 | 2024-11-21 | 7.8 High |
| An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments. | ||||
| CVE-2021-26104 | 1 Fortinet | 3 Fortianalyzer, Fortimanager, Fortiportal | 2024-11-21 | 7.8 High |
| Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPortal 5.2.5 and below, 5.3.5 and below and 6.0.4 and below may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters. | ||||
| CVE-2021-26097 | 1 Fortinet | 1 Fortisandbox | 2024-11-21 | 8.8 High |
| An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP requests. | ||||