CVE-2021-31292
Summary: An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a...
Vulnerabilities
CVE-2021-1106
Summary: NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may...
CVE-2020-28052
Summary: An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method...
CVE-2021-38592
Summary: Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule). Reference Links(if available): https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wasm3/OSV-2021-676.yaml https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33554...
CVE-2021-38380
Summary: Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read....
CVE-2020-7246 – qdPM / qdPM – Unrestricted file upload
Summary: CVE-2020-7246 is an unrestricted file upload vulnerability impacting qdPM versions 9.1 and earlier. An exploit was observed in open...
CVE-2021-32736
Summary: think-helper defines a set of helper functions for ThinkJS. In versions of think-helper prior to 1.1.3, the software receives...
CVE-2021-36741
Summary: An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free...
CVE-2021-3649
Summary: chatwoot is vulnerable to Inefficient Regular Expression Complexity Reference Links(if available): https://github.com/chatwoot/chatwoot/commit/aa7db90cd2d23dbcf22a94f1e4c100dd909e2172 https://huntr.dev/bounties/1625088985607-chatwoot/chatwoot CVSS Score (if available) v2: /...
CVE-2021-37663
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in `tf.raw_ops.QuantizeV2`,...
CVE-2021-37665
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL...
CVE-2021-37655
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read...
CVE-2021-37654
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash...
CVE-2021-33708
Summary: Due to insufficient input validation in Kyma, authenticated users can pass a Header of their choice and escalate privileges....
CVE-2021-37651
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.FractionalAvgPoolGrad` can be...
CVE-2021-38511
Summary: An issue was discovered in the tar crate before 0.4.36 for Rust. When symlinks are present in a TAR...
CVE-2019-11283
Summary: Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with...
CVE-2018-1265
Summary: Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files...
CVE-2018-1262
Summary: Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones...
CVE-2021-33486
Summary: All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper...
CVE-2021-38111
Summary: The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via...
CVE-2020-22036
Summary: A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption...
CVE-2021-3246
Summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted...
CVE-2021-3246
Summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted...
