Export limit exceeded: 366692 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366692 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-38102 | 1 Corel | 1 Presentations 2020 | 2024-11-21 | 5.5 Medium |
| IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file. This is different from CVE-2021-38105. | ||||
| CVE-2021-38101 | 1 Corel | 1 Photopaint 2020 | 2024-11-21 | 7.8 High |
| CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. This is different from CVE-2021-38099. | ||||
| CVE-2021-38100 | 1 Corel | 1 Photopaint 2020 | 2024-11-21 | 7.8 High |
| Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. | ||||
| CVE-2021-38099 | 1 Corel | 1 Photopaint 2020 | 2024-11-21 | 7.8 High |
| CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. This is different from CVE-2021-38101. | ||||
| CVE-2021-38098 | 1 Corel | 1 Pdf Fusion | 2024-11-21 | 7.8 High |
| Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | ||||
| CVE-2021-38097 | 1 Corel | 1 Pdf Fusion | 2024-11-21 | 7.8 High |
| Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | ||||
| CVE-2021-38096 | 1 Corel | 1 Pdf Fusion | 2024-11-21 | 7.8 High |
| Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | ||||
| CVE-2021-38095 | 1 Planview | 1 Spigit | 2024-11-21 | 7.5 High |
| The REST API in Planview Spigit 4.5.3 allows remote unauthenticated attackers to query sensitive user accounts data, as demonstrated by an api/v1/users/1 request. | ||||
| CVE-2021-38094 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||||
| CVE-2021-38093 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||||
| CVE-2021-38092 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||||
| CVE-2021-38091 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||||
| CVE-2021-38090 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 8.8 High |
| Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||||
| CVE-2021-38088 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2024-11-21 | 7.8 High |
| Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking. | ||||
| CVE-2021-38087 | 1 Acronis | 1 Cyber Protect | 2024-11-21 | 6.1 Medium |
| Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009. | ||||
| CVE-2021-38086 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2024-11-21 | 7.8 High |
| Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | ||||
| CVE-2021-38085 | 1 Canon | 2 Pixma Tr150, Pixma Tr150 Firmware | 2024-11-21 | 7.8 High |
| The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of privileges. This occurs because the driver drops a world-writable DLL into a CanonBJ %PROGRAMDATA% location that gets loaded by printisolationhost (a system process). | ||||
| CVE-2021-38084 | 1 Courier-mta | 1 Courier Mail Server | 2024-11-21 | 8.1 High |
| An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session. | ||||
| CVE-2021-38022 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.5 Medium |
| Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2021-38021 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.5 Medium |
| Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||||