Export limit exceeded: 86631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (86631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27039 | 1 Autodesk | 2 Autocad, Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2021-27038 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code. | ||||
| CVE-2021-27037 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code. | ||||
| CVE-2021-27036 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code | ||||
| CVE-2021-27035 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2021-27034 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2021-27032 | 1 Autodesk | 1 Licensing Services | 2024-11-21 | 7.8 High |
| Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are configured with weak permissions and are running under elevated privileges. These weak permissions could allow all users on the operating system to modify the service configuration and take ownership of the service. | ||||
| CVE-2021-27031 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system. | ||||
| CVE-2021-27030 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system. | ||||
| CVE-2021-27028 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files. | ||||
| CVE-2021-27027 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure. | ||||
| CVE-2021-27024 | 1 Puppet | 1 Continuous Delivery | 2024-11-21 | 8.1 High |
| A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0 | ||||
| CVE-2021-27021 | 1 Puppet | 3 Puppet, Puppet Enterprise, Puppetdb | 2024-11-21 | 8.8 High |
| A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query. | ||||
| CVE-2021-27020 | 1 Puppet | 1 Puppet Enterprise | 2024-11-21 | 8.8 High |
| Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export. | ||||
| CVE-2021-27018 | 1 Puppet | 1 Remediate | 2024-11-21 | 7.5 High |
| The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source. | ||||
| CVE-2021-27005 | 1 Netapp | 1 Ontap System Manager | 2024-11-21 | 7.5 High |
| Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server. | ||||
| CVE-2021-27002 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 7.5 High |
| NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy. | ||||
| CVE-2021-26996 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 7.5 High |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks. | ||||
| CVE-2021-26995 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 8.8 High |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code. | ||||
| CVE-2021-26992 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 7.5 High |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS). | ||||