Export limit exceeded: 363169 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363169 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363169 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-27597 1 Sap 1 Netweaver Abap 2024-11-21 7.5 High
SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method memmove() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
CVE-2021-27596 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 3.3 Low
When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27595 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 3.3 Low
When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27594 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 3.3 Low
When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27593 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 3.3 Low
When a user opens manipulated Graphics Interchange Format (.GIF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27592 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27591 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27590 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27589 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27588 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27587 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27586 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27585 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
When a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27584 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 3.3 Low
When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2021-27583 1 Rangerstudio 1 Directus 2024-11-21 5.3 Medium
In Directus 8.x through 8.8.1, an attacker can discover whether a user is present in the database through the password reset feature. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2021-27582 1 Mitreid 1 Connect 2024-11-21 9.1 Critical
org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth authorization flow, in which HTTP request parameters affect an authorizationRequest.
CVE-2021-27581 1 Kentico 1 Kentico Cms 2024-11-21 9.8 Critical
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVE-2021-27579 1 Snowsoftware 1 Snow Inventory Agent 2024-11-21 7.8 High
Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings.
CVE-2021-27578 1 Apache 1 Zeppelin 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0.
CVE-2021-27577 2 Apache, Debian 2 Traffic Server, Debian Linux 2024-11-21 7.5 High
Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.