Total
8568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31430 | 1 Parallels | 1 Parallels Desktop | 2024-11-21 | 6.0 Medium |
| This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13188. | ||||
| CVE-2021-31354 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | 7.1 High |
| An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL License Manager, or with access to the local broadcast domain, may be able to spoof a new JAL License Manager and/or craft a response to the Junos OS License Client, leading to exploitation of this vulnerability. This issue only affects Junos systems configured in Network Mode. Systems that are configured in Standalone Mode (the default mode of operation for all systems) are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved: version 20.1R1-EVO and later versions, prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. | ||||
| CVE-2021-31348 | 2 Debian, Ezxml Project | 2 Debian Linux, Ezxml | 2024-11-21 | 6.5 Medium |
| An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure). | ||||
| CVE-2021-31292 | 4 Debian, Exiv2, Fedoraproject and 1 more | 4 Debian Linux, Exiv2, Fedora and 1 more | 2024-11-21 | 7.5 High |
| An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata. | ||||
| CVE-2021-31174 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 5.5 Medium |
| Microsoft Excel Information Disclosure Vulnerability | ||||
| CVE-2021-31013 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory. | ||||
| CVE-2021-31002 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.2. A malicious application may be able to execute arbitrary code with system privileges. | ||||
| CVE-2021-30991 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2021-30973 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted file may disclose user information. | ||||
| CVE-2021-30958 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Playing a malicious audio file may lead to arbitrary code execution. | ||||
| CVE-2021-30953 | 4 Apple, Debian, Fedoraproject and 1 more | 10 Ipados, Iphone Os, Macos and 7 more | 2024-11-21 | 8.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30939 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2021-30911 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents. | ||||
| CVE-2021-30910 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information. | ||||
| CVE-2021-30905 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information. | ||||
| CVE-2021-30880 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | ||||
| CVE-2021-30879 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | ||||
| CVE-2021-30877 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | ||||
| CVE-2021-30876 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | ||||
| CVE-2021-30865 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. | ||||