Search Results (11943 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-46249 1 Scratchoauth2 Project 1 Scratchoauth2 2024-11-21 6.5 Medium
An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps.
CVE-2021-46195 2 Gnu, Redhat 2 Gcc, Enterprise Linux 2024-11-21 5.5 Medium
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
CVE-2021-46055 1 Webassembly 1 Binaryen 2024-11-21 5.5 Medium
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).
CVE-2021-46054 1 Webassembly 1 Binaryen 2024-11-21 5.5 Medium
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).
CVE-2021-46052 1 Webassembly 1 Binaryen 2024-11-21 5.5 Medium
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.
CVE-2021-46048 1 Webassembly 1 Binaryen 2024-11-21 5.5 Medium
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.
CVE-2021-45981 1 Netscout 1 Ngeniusone 2024-11-21 9.8 Critical
NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.
CVE-2021-45891 1 Zauner 1 Arc 2024-11-21 8.8 High
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.
CVE-2021-45885 1 Stormshield 1 Network Security 2024-11-21 7.5 High
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
CVE-2021-45861 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277.
CVE-2021-45852 1 Projectworlds 1 Hospital Management System In Php 2024-11-21 5.3 Medium
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.
CVE-2021-45832 1 Hdfgroup 1 Hdf5 2024-11-21 5.5 Medium
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).
CVE-2021-45708 1 Abomonation Project 1 Abomonation 2024-11-21 7.5 High
An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass.
CVE-2021-45428 1 Telesquare 2 Tlr-2005ksh, Tlr-2005ksh Firmware 2024-11-21 9.8 Critical
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
CVE-2021-45408 1 Seeddms 1 Seeddms 2024-11-21 6.1 Medium
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.
CVE-2021-45402 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
CVE-2021-45387 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
CVE-2021-45386 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
CVE-2021-45328 1 Gitea 1 Gitea 2024-11-21 6.1 Medium
Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.
CVE-2021-45290 2 Fedoraproject, Webassembly 2 Fedora, Binaryen 2024-11-21 7.5 High
A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.