‼ CVE-2021-45064 ‼
via "National Vulnerability Database".
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-38126 ‼
via "National Vulnerability Database".
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
‼ CVE-2021-44712 ‼
via "National Vulnerability Database".
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-44707 ‼
via "National Vulnerability Database".
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-44715 ‼
via "National Vulnerability Database".
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-39623 ‼
via "National Vulnerability Database".
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-194105348.
‼ CVE-2021-39634 ‼
via "National Vulnerability Database".
In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-204450605. References: Upstream kernel.
‼ CVE-2022-0130 ‼
via "National Vulnerability Database".
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.
‼ CVE-2021-45773 ‼
via "National Vulnerability Database".
A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash.
‼ CVE-2021-39681 ‼
via "National Vulnerability Database".
In delete_protocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-200251074. References: N/A.
‼ CVE-2021-23138 ‼
via "National Vulnerability Database".
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.
‼ CVE-2021-39626 ‼
via "National Vulnerability Database".
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-194695497.
‼ CVE-2021-0959 ‼
via "National Vulnerability Database".
In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-200284993.
‼ CVE-2022-21137 ‼
via "National Vulnerability Database".
Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.
‼ CVE-2021-45775 ‼
via "National Vulnerability Database".
GNU Inetutils 2.2.16-cf091 was discovered to contain an infinite loop in domacro at domacro.c.
‼ CVE-2021-45769 ‼
via "National Vulnerability Database".
A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash.
‼ CVE-2021-45779 ‼
via "National Vulnerability Database".
A NULL pointer dereference in unsetcmd() at inetutils/telnet/commands.c of GNU Inetutils v2.2.16-cf091 can lead to a segmentation fault or application crash.
‼ CVE-2021-23157 ‼
via "National Vulnerability Database".
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.
‼ CVE-2021-39621 ‼
via "National Vulnerability Database".
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-185126319.
‼ CVE-2021-45068 ‼
via "National Vulnerability Database".
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-45763 ‼
via "National Vulnerability Database".
GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS).