Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2021-34945 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target... | 7.8 | HIGH | — | 0 |
| CVE-2021-34946 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target... | 7.8 | HIGH | — | 0 |
| CVE-2021-46020 An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | 7.5 | HIGH | — | 0 |
| CVE-2021-34977 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vul... | 8.8 | HIGH | — | 0 |
| CVE-2021-34978 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnera... | 8.8 | HIGH | — | 0 |
| CVE-2021-34979 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnera... | 8.8 | HIGH | — | 0 |
| CVE-2021-34980 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnera... | 8.8 | HIGH | — | 0 |
| CVE-2021-46169 Modex v2.11 was discovered to contain an Use-After-Free vulnerability via the component tcache. | 5.5 | MEDIUM | — | 0 |
| CVE-2021-34984 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-34985 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-34993 This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific... | 9.8 | CRITICAL | — | 0 |
| CVE-2021-34994 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex... | 8.8 | HIGH | — | 0 |
| CVE-2021-34995 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex... | 8.8 | HIGH | — | 0 |
| CVE-2021-34996 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex... | 8.8 | HIGH | — | 0 |
| CVE-2021-34998 This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privilege... | 7.8 | HIGH | — | 0 |
| CVE-2021-45760 GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | 5.5 | MEDIUM | — | 0 |
| CVE-2021-38677 A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already... | 5.3 | MEDIUM | — | 0 |
| CVE-2021-38678 An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware... | 6.1 | MEDIUM | — | 0 |
| CVE-2021-38682 A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav... | 8.1 | HIGH | — | 0 |
| CVE-2021-38689 A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav... | 8.1 | HIGH | — | 0 |
| CVE-2021-38690 A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav... | 8.1 | HIGH | — | 0 |
| CVE-2021-38691 A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav... | 8.1 | HIGH | — | 0 |
| CVE-2021-38692 A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav... | 8.1 | HIGH | — | 0 |
| CVE-2021-46255 eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename. | 8.1 | HIGH | — | 0 |
| CVE-2022-20635 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2021-46242 HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry. | 8.8 | HIGH | — | 0 |
| CVE-2022-20637 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-20638 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-20639 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-20640 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-20641 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-20642 Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i... | 6.1 | MEDIUM | — | 0 |
| CVE-2021-40736 Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is re... | N/A | NONE | — | 0 |
| CVE-2021-40737 Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability t... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-40738 Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a WAV file, potentially resulting in arbitrary code execution in the context of the current user... | 7.8 | HIGH | — | 0 |
| CVE-2021-40739 Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user... | 7.8 | HIGH | — | 0 |
| CVE-2021-40740 Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user... | 7.8 | HIGH | — | 0 |
| CVE-2021-40741 Adobe Audition version 14.4 (and earlier) is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverag... | N/A | NONE | — | 0 |
| CVE-2021-40742 Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability t... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-40750 Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability t... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-40762 Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulner... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-40763 Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a WAF file, potentially resulting in arbitrary code execution in the context of the cur... | 7.8 | HIGH | — | 0 |
| CVE-2021-40764 Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the cur... | 7.8 | HIGH | — | 0 |
| CVE-2021-40765 Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the cur... | 7.8 | HIGH | — | 0 |
| CVE-2021-40766 Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulne... | 3.3 | LOW | — | 0 |
| CVE-2021-40767 Adobe Character Animator version 4.4 (and earlier) is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker coul... | N/A | NONE | — | 0 |
| CVE-2021-40768 Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulner... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-40769 Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulne... | N/A | NONE | — | 0 |
| CVE-2021-40777 Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the... | N/A | NONE | — | 0 |
| CVE-2021-40778 Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.