Export limit exceeded: 20161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20161 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33388 | 1 Dpic Project | 1 Dpic | 2024-11-21 | 9.8 Critical |
| dpic 2021.04.10 has a Heap Buffer Overflow in themakevar() function in dpic.y | ||||
| CVE-2021-33362 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-33358 | 1 Raspap | 1 Raspap | 2024-11-21 | 8.8 High |
| Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands. | ||||
| CVE-2021-33357 | 1 Raspap | 1 Raspap | 2024-11-21 | 9.8 Critical |
| A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands. | ||||
| CVE-2021-33289 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2024-11-21 | 7.8 High |
| In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. | ||||
| CVE-2021-33286 | 3 Debian, Redhat, Tuxera | 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. | ||||
| CVE-2021-33274 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80040af8 in /formWlanSetup. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33271 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function sub_80046EB4 in /formSetPortTr. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33270 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_800462c4 in /formAdvFirewall. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33269 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_8004776c in /formVirtualServ. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33268 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function sub_8003183C in /fromLogin. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33267 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80034d60 in /formStaticDHCP. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33266 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_8004776c in /formVirtualApp. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33265 | 1 Dlink | 2 Dir-809, Dir-809 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80046eb4 in /formSetPortTr. This vulnerability is triggered via a crafted POST request. | ||||
| CVE-2021-33217 | 1 Commscope | 1 Ruckus Iot Controller | 2024-11-21 | 8.8 High |
| An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root. | ||||
| CVE-2021-33200 | 4 Fedoraproject, Linux, Netapp and 1 more | 20 Fedora, Linux Kernel, Cloud Backup and 17 more | 2024-11-21 | 7.8 High |
| kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit. | ||||
| CVE-2021-33191 | 1 Apache | 1 Nifi Minifi C\+\+ | 2024-11-21 | 9.8 Critical |
| From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command is then executed using the same privileges as the application binary. This was addressed in version 0.10.0 | ||||
| CVE-2021-33186 | 1 Serenityos | 1 Serenityos | 2024-11-21 | 7.5 High |
| SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information. | ||||
| CVE-2021-33086 | 1 Intel | 206 Nuc 10 Performance Kit Nuc10i3fnh, Nuc 10 Performance Kit Nuc10i3fnh Firmware, Nuc 10 Performance Kit Nuc10i3fnhf and 203 more | 2024-11-21 | 5.5 Medium |
| Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2021-33055 | 2 Microsoft, Zohocorp | 2 Windows, Manageengine Adselfservice Plus | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions. | ||||