Export limit exceeded: 86685 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (86685 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27591 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27590 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27589 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27588 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27587 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27586 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27585 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27579 | 1 Snowsoftware | 1 Snow Inventory Agent | 2024-11-21 | 7.8 High |
| Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings. | ||||
| CVE-2021-27577 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2024-11-21 | 7.5 High |
| Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1. | ||||
| CVE-2021-27574 | 1 Remotemouse | 1 Emote Remote Mouse | 2024-11-21 | 8.1 High |
| An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings. | ||||
| CVE-2021-27572 | 1 Remotemouse | 1 Emote Remote Mouse | 2024-11-21 | 8.1 High |
| An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set. | ||||
| CVE-2021-27565 | 1 Hcc-embedded | 1 Nichestack | 2024-11-21 | 7.5 High |
| The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook. | ||||
| CVE-2021-27556 | 1 Easycorp | 1 Zentao | 2024-11-21 | 7.2 High |
| The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System. | ||||
| CVE-2021-27522 | 1 Learnsite Project | 1 Learnsite | 2024-11-21 | 8.8 High |
| Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. By modifying the initial letter of the key of a user cookie, the key of the administrator cookie can be obtained. | ||||
| CVE-2021-27516 | 2 Redhat, Uri.js Project | 2 Quay, Uri.js | 2024-11-21 | 7.5 High |
| URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | ||||
| CVE-2021-27513 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2024-11-21 | 8.8 High |
| The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside." | ||||
| CVE-2021-27509 | 1 Visualware | 1 Myconnection Server | 2024-11-21 | 7.5 High |
| In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. | ||||
| CVE-2021-27504 | 2 Amazon, Ti | 6 Freertos, Simplelink Cc13xx Software Development Kit, Simplelink Cc26xx Software Development Kit and 3 more | 2024-11-21 | 7.4 High |
| Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution. | ||||
| CVE-2021-27502 | 1 Ti | 14 Cc3200, Cc3220r, Cc3220s and 11 more | 2024-11-21 | 7.4 High |
| Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. | ||||
| CVE-2021-27496 | 3 Datakit, Luxion, Siemens | 6 Crosscadware, Keyshot, Solid Edge Se2020 and 3 more | 2024-11-21 | 7.8 High |
| Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||