Export limit exceeded: 35188 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35188 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34444 | 1 Microsoft | 9 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 6 more | 2024-11-21 | 6.5 Medium |
| Windows DNS Server Denial of Service Vulnerability | ||||
| CVE-2021-34442 | 1 Microsoft | 9 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 6 more | 2024-11-21 | 8.8 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-34441 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||||
| CVE-2021-34440 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 5.5 Medium |
| GDI+ Information Disclosure Vulnerability | ||||
| CVE-2021-34439 | 1 Microsoft | 4 Windows 10, Windows 10 1507, Windows 10 1607 and 1 more | 2024-11-21 | 7.8 High |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||||
| CVE-2021-34438 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Font Driver Host Remote Code Execution Vulnerability | ||||
| CVE-2021-34432 | 1 Eclipse | 1 Mosquitto | 2024-11-21 | 7.5 High |
| In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0. | ||||
| CVE-2021-34426 | 2 Keybase, Microsoft | 2 Keybase, Windows | 2024-11-21 | 5.3 Medium |
| A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\'s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\'s local system. | ||||
| CVE-2021-34404 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-11-21 | 7.1 High |
| Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality beyond the security scope of BROM. | ||||
| CVE-2021-34400 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 4.1 Medium |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure. | ||||
| CVE-2021-34399 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 4.1 Medium |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure. | ||||
| CVE-2021-34396 | 1 Nvidia | 5 Jetson Linux, Jetson Tx2, Jetson Tx2 4gb and 2 more | 2024-11-21 | 3 Low |
| Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service. | ||||
| CVE-2021-34369 | 1 Accela | 1 Civic Platform | 2024-11-21 | 6.5 Medium |
| portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application, so we consider this not applicable. | ||||
| CVE-2021-34268 | 1 St | 2 Stm32cube Middleware, Stm32h7b3 | 2024-11-21 | 4.6 Medium |
| An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet. | ||||
| CVE-2021-34267 | 1 St | 2 Stm32cube Middleware, Stm32h7b3 | 2024-11-21 | 4.6 Medium |
| An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint. | ||||
| CVE-2021-34261 | 1 St | 2 Stm32cube Middleware, Stm32h7b3 | 2024-11-21 | 4.6 Medium |
| An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature. | ||||
| CVE-2021-34174 | 1 Broadcom | 4 Bcm4352, Bcm4352 Firmware, Bcm43684 and 1 more | 2024-11-21 | 4.6 Medium |
| A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352 and BCM43684 will be affected, such as ASUS AX6100. An attacker may cause a Denial of Service (DoS) to any device connected to BCM4352 or BCM43684 routers via an association or reassociation frame. | ||||
| CVE-2021-34173 | 1 Espressif | 2 Esp32, Esp32 Firmware | 2024-11-21 | 7.5 High |
| An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover. | ||||
| CVE-2021-34150 | 1 Bluetrum | 2 Ab5301a, Ab5301a Firmware | 2024-11-21 | 6.5 Medium |
| The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity. | ||||
| CVE-2021-34149 | 1 Ti | 2 Cc256xcqfn-em, Cc256xcqfn-em Firmware | 2024-11-21 | 6.5 Medium |
| The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after the paging procedure. | ||||