Export limit exceeded: 43617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43617 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25475 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 3.9 Low |
| A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6 Medium |
| A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | ||||
| CVE-2021-25467 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 5.3 Medium |
| Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | ||||
| CVE-2021-25461 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow. | ||||
| CVE-2021-25456 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file. | ||||
| CVE-2021-25455 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file. | ||||
| CVE-2021-25454 | 1 Google | 1 Android | 2024-11-21 | 3.1 Low |
| OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file. | ||||
| CVE-2021-25449 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. | ||||
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 7.8 High |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25387 | 1 Google | 1 Android | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25386 | 1 Google | 1 Android | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25385 | 1 Google | 1 Android | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25384 | 1 Google | 1 Android | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25383 | 1 Google | 1 Android | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25360 | 1 Google | 1 Android | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25328 | 1 Skyworthdigital | 2 Rn510, Rn510 Firmware | 2024-11-21 | 8.8 High |
| Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on the device. | ||||
| CVE-2021-25310 | 1 Belkin | 3 Linksys Wrt160nl, Linksys Wrt160nl Firmware, Linksys Wrt 160nl | 2024-11-21 | 8.8 High |
| The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintaine | ||||
| CVE-2021-25306 | 1 Gigaset | 2 Dx600a, Dx600a Firmware | 2024-11-21 | 7.5 High |
| A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands. | ||||
| CVE-2021-25293 | 2 Python, Redhat | 3 Pillow, Enterprise Linux, Quay | 2024-11-21 | 7.5 High |
| An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c. | ||||
| CVE-2021-25292 | 2 Python, Redhat | 3 Pillow, Enterprise Linux, Quay | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex. | ||||