Total
13464 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45958 | 3 Debian, Fedoraproject, Ultrajson Project | 3 Debian Linux, Fedora, Ultrajson | 2024-11-21 | 5.5 Medium |
| UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation. | ||||
| CVE-2021-45957 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | ||||
| CVE-2021-45956 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | ||||
| CVE-2021-45955 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed | ||||
| CVE-2021-45954 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | ||||
| CVE-2021-45953 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | ||||
| CVE-2021-45952 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | ||||
| CVE-2021-45951 | 1 Thekelleys | 1 Dnsmasq | 2024-11-21 | 9.8 Critical |
| Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. | ||||
| CVE-2021-45950 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.5 Medium |
| LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). | ||||
| CVE-2021-45949 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-11-21 | 5.5 Medium |
| Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). | ||||
| CVE-2021-45948 | 1 Assimp | 1 Assimp | 2024-11-21 | 5.5 Medium |
| Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper). | ||||
| CVE-2021-45947 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 5.5 Medium |
| Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments). | ||||
| CVE-2021-45946 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 5.5 Medium |
| Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements). | ||||
| CVE-2021-45943 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Spatial And Graph and 1 more | 2024-11-21 | 5.5 Medium |
| GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). | ||||
| CVE-2021-45942 | 3 Debian, Fedoraproject, Openexr | 3 Debian Linux, Fedora, Openexr | 2024-11-21 | 5.5 Medium |
| OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable. | ||||
| CVE-2021-45941 | 1 Libbpf Project | 1 Libbpf | 2024-11-21 | 6.5 Medium |
| libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). | ||||
| CVE-2021-45940 | 1 Libbpf Project | 1 Libbpf | 2024-11-21 | 6.5 Medium |
| libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). | ||||
| CVE-2021-45939 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 5.5 Medium |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe). | ||||
| CVE-2021-45938 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 5.5 Medium |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe). | ||||
| CVE-2021-45937 | 1 Wolfssl | 1 Wolfmqtt | 2024-11-21 | 5.5 Medium |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect). | ||||