Export limit exceeded: 81403 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81403 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46102 | 1 Solanalabs | 1 Rbpf | 2024-11-21 | 7.5 High |
| From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym.st_value is rather large, an integer overflow is triggered while calculating the variable "addr" via "addr = (sym.st_value + refd_pa) as u64"; | ||||
| CVE-2021-46101 | 1 Gitforwindows | 1 Git | 2024-11-21 | 7.5 High |
| In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly. | ||||
| CVE-2021-46097 | 1 Dolphinphp | 1 Dolphinphp | 2024-11-21 | 8.8 High |
| Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log | ||||
| CVE-2021-46088 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 7.2 High |
| Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user. | ||||
| CVE-2021-46086 | 1 Mindskip | 1 Xzs-mysql | 2024-11-21 | 7.5 High |
| xzs-mysql >= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitting examination papers. An attacker can use burpuite to modify parameters in the packet to destroy real data. | ||||
| CVE-2021-46082 | 1 Moxa | 12 Mgate 5101-pbm-mn, Mgate 5101-pbm-mn-t, Mgate 5101-pbm-mn-t Firmware and 9 more | 2024-11-21 | 7.5 High |
| Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. | ||||
| CVE-2021-46079 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 7.2 High |
| An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. | ||||
| CVE-2021-46076 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 8.8 High |
| Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. | ||||
| CVE-2021-46075 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 7.2 High |
| A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. | ||||
| CVE-2021-46064 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image. | ||||
| CVE-2021-46062 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 7.1 High |
| MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName. | ||||
| CVE-2021-46037 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 8.1 High |
| MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do. | ||||
| CVE-2021-46020 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.5 High |
| An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | ||||
| CVE-2021-46010 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 8.8 High |
| Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations. | ||||
| CVE-2021-46008 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 8.8 High |
| In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on. | ||||
| CVE-2021-45997 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. | ||||
| CVE-2021-45996 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. | ||||
| CVE-2021-45995 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetStaticRoute. This vulnerability allows attackers to cause a Denial of Service (DoS) via the staticRouteNet, staticRouteMask, and staticRouteGateway parameters. | ||||
| CVE-2021-45994 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the delDhcpIndex parameter. | ||||
| CVE-2021-45993 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindModify. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRuleIP and IPMacBindRuleMac parameters. | ||||