All CVEs — 2022 (Page 183/183)

Browse all CVEs by publication year. Use filters to refine.

CVSS ≥ 0.0

2022-01-03

High

CVE-2021-37125

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.

CVSS: 7.5 CWE: CWE-200

Critical

CVE-2021-37120

There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.

CVSS: 9.8 CWE: CWE-415

Medium

CVE-2021-37118

The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.

CVSS: 5.3 CWE: CWE-755

Critical

CVE-2021-37116

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.

CVSS: 9.1 CWE: CWE-20

Medium

CVE-2021-37114

There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVSS: 5.3 CWE: CWE-125

Medium

CVE-2021-37112

Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.

CVSS: 5.3 CWE: CWE-668

High

CVE-2021-37111

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

CVSS: 7.5 CWE: CWE-770

Medium

CVE-2021-20148

ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename based on the domain name. When ADSSP is configure…

CVSS: 4.3 CWE: CWE-552

Medium

CVE-2021-20147

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determin…

CVSS: 5.3 CWE: CWE-203

High

CVE-2020-23026

A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).

CVSS: 7.5 CWE: CWE-476

Medium

CVE-2021-46109

Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-3837

openwhyd is vulnerable to Improper Authorization

CVSS: 6.1 CWE: CWE-285

Critical

CVE-2021-45428

TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.

CVSS: 9.8 CWE: CWE-639

Medium

CVE-2021-44674

An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory.

CVSS: 6.5 CWE: CWE-22

Medium

CVE-2021-25040

The Booking Calendar WordPress plugin before 8.9.2 does not sanitise and escape the booking_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting

CVSS: 6.1 CWE: CWE-79

High

CVE-2021-25030

The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text parameter before using it in a SQL statement via the eme_searchmail AJAX action, available to any auth…

CVSS: 8.8 CWE: CWE-89

Medium

CVE-2021-25027

The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site…

CVSS: 6.1 CWE: CWE-79

High

CVE-2021-25023

The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related ta…

CVSS: 7.2 CWE: CWE-89

Medium

CVE-2021-25022

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to R…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-25021

The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary fo…

CVSS: 4.9 CWE: CWE-22

Medium

CVE-2021-25020

The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary…

CVSS: 4.9 CWE: CWE-22

Medium

CVE-2021-25016

The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Refl…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-25001

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_create_products_xml_result parameter before outputting back in the admin dashboard when the Product XML…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-25000

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled,…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-24999

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabl…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-24991

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site…

CVSS: 4.8 CWE: CWE-79

Medium

CVE-2021-24973

The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allo…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-24964

The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specif…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2021-24963

The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting

CVSS: 4.8 CWE: CWE-79

High

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment das…

CVSS: 7.5 CWE: CWE-400

High

CVE-2021-24831

All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such…

CVSS: 7.5 CWE: CWE-862

Medium

CVE-2021-24828

The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role…

CVSS: 5.4 CWE: CWE-79

High

CVE-2021-24786

The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Inject…

CVSS: 7.2 CWE: CWE-89

Medium

CVE-2021-24680

The WP Travel Engine WordPress plugin before 5.3.1 does not escape the Description field in the Trip Destination/Activities/Trip Type and Pricing Category pages, allowing users with a role as low as…

CVSS: 5.4 CWE: CWE-79

High

CVE-2021-45917

The server-request receiver function of Shockwall system has an improper authentication vulnerability. An authenticated attacker of an agent computer within the local area network can use the local r…

CVSS: 8.0 CWE: CWE-287

Low

CVE-2021-45916

The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disru…

CVSS: 3.5 CWE: CWE-20

High

CVE-2021-44158

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code e…

CVSS: 8.0 CWE: CWE-121

Medium

CVE-2021-35093

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore

CVSS: 6.5 CWE: CWE-787

Critical

CVE-2021-30351

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C…

CVSS: 9.8 CWE: CWE-120

Medium

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sna…

CVSS: 6.5 CWE: CWE-400

High

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu…

CVSS: 8.4 CWE: CWE-416

High

CVE-2021-30336

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT…

CVSS: 8.4 CWE: CWE-125

High

CVE-2021-30335

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrago…

CVSS: 8.4 CWE: CWE-617

High

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Con…

CVSS: 7.8 CWE: CWE-120

Medium

CVE-2021-30298

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…

CVSS: 6.7 CWE: CWE-120

High

CVE-2021-30293

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

CVSS: 7.5 CWE: CWE-617

High

CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sna…

CVSS: 7.8 CWE: CWE-119

High

CVE-2021-30283

Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS: 7.1 CWE: CWE-755

High

CVE-2021-30282

Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT…

CVSS: 8.4 CWE: CWE-129

High

CVE-2021-30279

Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind…

CVSS: 7.8 CWE: CWE-281

High

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdrago…

CVSS: 7.1 CWE: CWE-20

Critical

CVE-2021-30275

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer…

CVSS: 9.3 CWE: CWE-190

High

CVE-2021-30274

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer I…

CVSS: 8.4 CWE: CWE-190

High

CVE-2021-30273

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT…

CVSS: 7.5 CWE: CWE-617

High

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consum…

CVSS: 7.3 CWE: CWE-476

High

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Elec…

CVSS: 7.3 CWE: CWE-476

High

CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrago…

CVSS: 7.3 CWE: CWE-476

High

CVE-2021-30269

Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity…

CVSS: 7.3 CWE: CWE-476

High

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Sn…

CVSS: 7.8 CWE: CWE-120

High

CVE-2021-30267

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon…

CVSS: 7.8 CWE: CWE-190

High

CVE-2021-30262

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con…

CVSS: 8.4 CWE: CWE-416

Medium

CVE-2021-1918

Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS: 6.5 CWE: CWE-668

High

CVE-2021-1894

Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon…

CVSS: 7.1 CWE: CWE-755

High

CVE-2020-11263

An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S…

CVSS: 7.3 CWE: CWE-190

High

CVE-2021-25994

In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” f…

CVSS: 8.8 CWE: CWE-74

Critical

CVE-2021-25981

In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the…

CVSS: 9.8 CWE: CWE-613

Medium

CVE-2022-0079

showdoc is vulnerable to Generation of Error Message Containing Sensitive Information

CVSS: 5.3 CWE: CWE-209

2022-01-02

Medium

CVE-2021-36751

ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation (without knowledge of the key). This is called ciphertext malleability. There is…

CVSS: 4.2 CWE: CWE-345

Critical

CVE-2022-0080

mruby is vulnerable to Heap-based Buffer Overflow

CVSS: 9.8 CWE: CWE-122

Medium

CVE-2022-22293

admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter.

CVSS: 5.4 CWE: CWE-79

2022-01-01

Medium

CVE-2021-44896

DMP Roadmap before 3.0.4 allows XSS.

CVSS: 6.1 CWE: CWE-79

High

CVE-2021-45972

The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up t…

CVSS: 7.1 CWE: CWE-1284

High

CVE-2021-45960

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memo…

CVSS: 8.8 CWE: CWE-682

Medium

CVE-2021-43333

The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings.

CVSS: 6.5 CWE: CWE-306

High

CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

CVSS: 7.5 CWE: CWE-565

Medium

CVE-2021-44717

Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file…

CVSS: 4.8 CWE: CWE-404

High

CVE-2021-44716

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.

CVSS: 7.5 CWE: CWE-400

High

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

CVSS: 7.5 CWE: CWE-1333

Medium

CVE-2021-45943

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45942

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobal…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45941

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).

CVSS: 6.5 CWE: CWE-787

Medium

CVE-2021-45940

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).

CVSS: 6.5 CWE: CWE-787

Medium

CVE-2021-45939

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45938

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45937

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45936

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45935

Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45934

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45933

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45932

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45931

HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).

CVSS: 6.5 CWE: CWE-787

Medium

CVE-2021-45930

Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipp…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45928

libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::…

CVSS: 5.5 CWE: CWE-787

High

CVE-2021-45927

MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).

CVSS: 7.8 CWE: CWE-787

High

CVE-2021-45926

MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).

CVSS: 7.8 CWE: CWE-787

Medium

CVE-2021-45958

UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.

CVSS: 5.5 CWE: CWE-787

Critical

CVE-2021-45957

Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do no…

CVSS: 9.8 CWE: CWE-787

Critical

CVE-2021-45956

Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vu…

CVSS: 9.8 CWE: CWE-787

Critical

CVE-2021-45955

Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: th…

CVSS: 9.8 CWE: CWE-787

Critical

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real…

CVSS: 9.8 CWE: CWE-787

Critical

CVE-2021-45953

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent…

CVSS: 9.8 CWE: CWE-787

Critical

CVE-2021-45952

Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vu…

CVSS: 9.8 CWE: CWE-787

Critical

CVE-2021-45951

Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE…

CVSS: 9.8 CWE: CWE-787

Medium

CVE-2021-45950

LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).

CVSS: 6.5 CWE: CWE-787

Medium

CVE-2021-45949

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45948

Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45947

Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45946

Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements).

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2021-45944

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

CVSS: 5.5 CWE: CWE-416

Medium

CVE-2021-45929

Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If).

CVSS: 5.5 CWE: CWE-787