CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2021(Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-28452 119 Overflow Mem. Corr. 2021-04-13 2021-04-19
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Outlook Memory Corruption Vulnerability
2 CVE-2021-27028 787 Exec Code Mem. Corr. 2021-04-19 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files.
3 CVE-2021-22678 20 Exec Code Mem. Corr. 2021-04-23 2021-04-30
6.8
None Remote Medium Not required Partial Partial Partial
Cscape (All versions prior to 9.90 SP4) lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process.
4 CVE-2021-21784 787 Mem. Corr. 2021-04-13 2021-04-22
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
5 CVE-2021-21225 119 Overflow Mem. Corr. 2021-04-26 2021-06-01
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
6 CVE-2021-21093 788 Exec Code Mem. Corr. 2021-04-15 2021-04-20
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7 CVE-2021-21092 788 Exec Code Mem. Corr. 2021-04-15 2021-04-20
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
8 CVE-2021-1892 20 Mem. Corr. 2021-04-07 2021-04-12
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
9 CVE-2021-1844 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-05-31
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.
10 CVE-2021-1760 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-09
4.3
None Remote Medium Not required Partial None None
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application could execute arbitrary code leading to compromise of user information.
11 CVE-2021-0429 416 Mem. Corr. 2021-04-13 2021-04-16
4.6
None Local Low Not required Partial Partial Partial
In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175074139
12 CVE-2020-29624 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.
13 CVE-2020-29616 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
14 CVE-2020-27947 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-08
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges.
15 CVE-2020-27944 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.
16 CVE-2020-27943 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in tvOS 14.3, iOS 14.3 and iPadOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.2. Processing a maliciously crafted font file may lead to arbitrary code execution.
17 CVE-2020-27933 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-09
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, iCloud for Windows 7.20, watchOS 6.2.8, tvOS 13.4.8, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution.
18 CVE-2020-27931 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-06
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution.
19 CVE-2020-27915 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to execute arbitrary code with system privileges.
20 CVE-2020-27914 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to execute arbitrary code with system privileges.
21 CVE-2020-27907 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.
22 CVE-2020-11236 20 DoS Mem. Corr. 2021-04-07 2021-04-12
7.8
None Remote Low Not required None None Complete
Memory corruption due to invalid value of total dimension in the non-histogram type KPI could lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
23 CVE-2020-11210 20 Mem. Corr. 2021-04-07 2021-04-12
7.2
None Local Low Not required Complete Complete Complete
Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
24 CVE-2020-9967 119 Overflow Mem. Corr. 2021-04-02 2021-07-14
9.3
None Remote Medium Not required Complete Complete Complete
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
Total number of vulnerabilities : 24   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.