CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2021-0491 In memory management driver, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges nee... | 7.8 | HIGH | β | 0 |
| CVE-2021-23230 A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects:... | 9.9 | CRITICAL | β | 0 |
| CVE-2021-28210 An unlimited recursion in DxeCore in EDK II. | 7.8 | HIGH | β | 0 |
| CVE-2021-28211 A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. | 6.7 | MEDIUM | β | 0 |
| CVE-2021-28213 Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. | 7.5 | HIGH | β | 0 |
| CVE-2019-9475 In /proc/net of the kernel filesystem, there is a possible information leak due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed.... | 5.5 | MEDIUM | β | 0 |
| CVE-2021-0466 In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. This could lead to remote information disclosure to a proximal attacker, with no addition... | 7.5 | HIGH | β | 0 |
| CVE-2021-0472 In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additi... | 7.8 | HIGH | β | 0 |
| CVE-2021-0492 In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use... | 7.8 | HIGH | β | 0 |
| CVE-2021-0473 In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User ... | 8.8 | HIGH | β | 0 |
| CVE-2021-0474 In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User i... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-0475 In on_l2cap_data_ind of btif_sock_l2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges... | 8.8 | HIGH | β | 0 |
| CVE-2021-0476 In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User int... | 7.0 | HIGH | β | 0 |
| CVE-2021-0477 In notifyScreenshotError of ScreenshotNotificationsController.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User exe... | 7.8 | HIGH | β | 0 |
| CVE-2021-0480 In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privil... | 5.5 | MEDIUM | β | 0 |
| CVE-2021-0481 In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additio... | 7.8 | HIGH | β | 0 |
| CVE-2021-0482 In BinderDiedCallback of MediaCodec.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed.... | 7.0 | HIGH | β | 0 |
| CVE-2021-0484 In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privi... | 5.5 | MEDIUM | β | 0 |
| CVE-2021-0485 In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of restrictions on background processes due to a permissions bypass. This could lead to local escalation of privilege with no a... | 7.8 | HIGH | β | 0 |
| CVE-2021-0487 In onCreate of CalendarDebugActivity.java, there is a possible way to export calendar data to the sdcard without user consent due to a tapjacking/overlay attack. This could lead to local escalation of... | 7.8 | HIGH | β | 0 |
| CVE-2021-0489 In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use... | 7.8 | HIGH | β | 0 |
| CVE-2021-0490 In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use... | 7.8 | HIGH | β | 0 |
| CVE-2021-0493 In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use... | 7.8 | HIGH | β | 0 |
| CVE-2021-0494 In memory management driver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User i... | 7.8 | HIGH | β | 0 |
| CVE-2021-0495 In memory management driver, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User in... | 7.8 | HIGH | β | 0 |
| CVE-2021-0496 In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User intera... | 7.8 | HIGH | β | 0 |
| CVE-2021-0497 In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User intera... | 7.8 | HIGH | β | 0 |
| CVE-2021-0498 In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti... | 7.8 | HIGH | β | 0 |
| CVE-2021-21795 A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an integer overflow that, in... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-21808 A memory corruption vulnerability exists in the PNG png_palette_process functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can... | 8.8 | HIGH | β | 0 |
| CVE-2021-21824 An out-of-bounds write vulnerability exists in the JPG Handle_JPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provid... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-21833 An improper array index validation vulnerability exists in the TIF IP_planar_raster_unpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds wri... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27408 The affected product is vulnerable to an out-of-bounds read, which can cause information leakage leading to arbitrary code execution if chained to the out-of-bounds write vulnerability on the Welch Al... | 7.5 | HIGH | β | 0 |
| CVE-2021-27410 The affected product is vulnerable to an out-of-bounds write, which may result in corruption of data or code execution on the Welch Allyn medical device management tools (Welch Allyn Service Tool: ver... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-32930 The affected productβs configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.0... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-32932 The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView (versions prior to v5.7.03.6182). | 7.5 | HIGH | β | 0 |
| CVE-2020-7860 UnEGG v0.5 and eariler versions have a Integer overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by UnEGG. Attackers could exploit this and arbitrary c... | 7.8 | HIGH | β | 0 |
| CVE-2021-24357 In the Best Image Gallery & Responsive Photo Gallery β FooGallery WordPress plugin before 2.0.35, the Custom CSS field of each gallery is not properly sanitised or validated before being being output ... | 5.4 | MEDIUM | β | 0 |
| CVE-2021-27200 In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3256 KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file. | 6.5 | MEDIUM | β | 0 |
| CVE-2021-21382 Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost... | 8.6 | HIGH | β | 0 |
| CVE-2021-34679 Thycotic Password Reset Server before 5.3.0 allows credential disclosure. | 10.0 | CRITICAL | β | 0 |
| CVE-2020-12980 An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | 7.8 | HIGH | β | 0 |
| CVE-2020-12981 An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which... | 7.8 | HIGH | β | 0 |
| CVE-2020-12982 An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | 7.8 | HIGH | β | 0 |
| CVE-2020-12983 An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service. | 7.8 | HIGH | β | 0 |
| CVE-2020-12985 An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | 7.8 | HIGH | β | 0 |
| CVE-2020-12986 An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service. | 7.8 | HIGH | β | 0 |
| CVE-2020-12987 A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass. | 5.5 | MEDIUM | β | 0 |
| CVE-2020-12988 A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system when it is rebooted. | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.