CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2021(Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-34384 787 DoS Exec Code Overflow Mem. Corr. 2021-06-30 2021-07-06
4.6
None Local Low Not required Partial Partial Partial
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.
2 CVE-2021-34379 119 Overflow Mem. Corr. 2021-06-30 2021-07-06
4.6
None Local Low Not required Partial Partial Partial
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.
3 CVE-2021-34374 20 DoS Mem. Corr. 2021-06-30 2021-07-06
4.6
None Local Low Not required Partial Partial Partial
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.
4 CVE-2021-33004 119 Exec Code Overflow Mem. Corr. 2021-06-24 2021-07-01
6.8
None Remote Medium Not required Partial Partial Partial
The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
5 CVE-2021-32944 416 Exec Code Mem. Corr. 2021-06-17 2021-09-21
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process.
6 CVE-2021-31959 Mem. Corr. 2021-06-08 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
Scripting Engine Memory Corruption Vulnerability
7 CVE-2021-31837 787 Exec Code Overflow Mem. Corr. 2021-06-09 2021-06-16
6.1
None Local Low Not required Partial Partial Complete
Memory corruption vulnerability in the driver file component in McAfee GetSusp prior to 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD.
8 CVE-2021-31495 119 Exec Code Overflow Mem. Corr. 2021-06-15 2021-06-21
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13307.
9 CVE-2021-31493 119 Exec Code Overflow Mem. Corr. 2021-06-15 2021-06-21
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13304.
10 CVE-2021-29967 119 Overflow Mem. Corr. 2021-06-24 2021-06-25
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
11 CVE-2021-29966 119 Overflow Mem. Corr. 2021-06-24 2021-09-20
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 89.
12 CVE-2021-29947 119 Overflow Mem. Corr. 2021-06-24 2021-06-25
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers and community members reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88.
13 CVE-2021-27627 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method ChartInterpreter::DoIt() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
14 CVE-2021-27626 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CMiniXMLParser::Parse() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
15 CVE-2021-27625 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method IgsData::freeMemory() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
16 CVE-2021-27624 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CiXMLIStreamRawBuffer::readRaw () which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
17 CVE-2021-27623 20 Mem. Corr. 2021-06-09 2021-06-14
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CXmlUtility::CheckLength() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
18 CVE-2021-27622 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
19 CVE-2021-27620 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
20 CVE-2021-23994 909 Mem. Corr. 2021-06-24 2021-07-02
6.8
None Remote Medium Not required Partial Partial Partial
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
21 CVE-2021-21871 787 Mem. Corr. 2021-06-29 2021-07-02
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the current version.
22 CVE-2021-21824 787 Mem. Corr. 2021-06-11 2021-06-21
4.6
None Local Low Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the JPG Handle_JPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
23 CVE-2021-21808 787 Overflow Mem. Corr. 2021-06-11 2021-06-21
4.6
None Local Low Not required Partial Partial Partial
A memory corruption vulnerability exists in the PNG png_palette_process functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide malicious inputs to trigger this vulnerability.
24 CVE-2021-3569 119 Overflow Mem. Corr. 2021-06-03 2021-06-14
2.1
None Local Low Not required None None Partial
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability.
25 CVE-2021-3564 416 Mem. Corr. 2021-06-08 2021-07-08
2.1
None Local Low Not required None None Partial
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
26 CVE-2021-0535 416 Mem. Corr. 2021-06-22 2021-06-23
4.6
None Local Low Not required Partial Partial Partial
In wpas_ctrl_msg_queue_timeout of ctrl_iface_unix.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168314741
27 CVE-2021-0533 362 Mem. Corr. 2021-06-21 2021-06-25
4.4
None Local Medium Not required Partial Partial Partial
In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185193932
28 CVE-2021-0532 362 Mem. Corr. 2021-06-21 2021-06-23
4.4
None Local Medium Not required Partial Partial Partial
In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185196177
29 CVE-2021-0531 416 Mem. Corr. 2021-06-21 2021-06-23
4.6
None Local Low Not required Partial Partial Partial
In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185195272
30 CVE-2021-0529 667 Mem. Corr. 2021-06-21 2021-06-23
4.6
None Local Low Not required Partial Partial Partial
In memory management driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185195268
31 CVE-2021-0528 415 Mem. Corr. 2021-06-21 2021-06-23
4.6
None Local Low Not required Partial Partial Partial
In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185195266
32 CVE-2021-0527 416 Mem. Corr. 2021-06-21 2021-06-23
4.6
None Local Low Not required Partial Partial Partial
In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185193931
33 CVE-2021-0498 415 Mem. Corr. 2021-06-11 2021-06-15
7.2
None Local Low Not required Complete Complete Complete
In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461321
34 CVE-2021-0497 416 Mem. Corr. 2021-06-11 2021-06-15
7.2
None Local Low Not required Complete Complete Complete
In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461320
35 CVE-2021-0496 416 Mem. Corr. 2021-06-11 2021-06-15
7.2
None Local Low Not required Complete Complete Complete
In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183467912
36 CVE-2021-0482 416 Exec Code Mem. Corr. 2021-06-11 2021-06-16
6.9
None Local Medium Not required Complete Complete Complete
In BinderDiedCallback of MediaCodec.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173791720
37 CVE-2021-0475 416 Exec Code Mem. Corr. 2021-06-11 2021-06-14
8.3
None Local Network Low Not required Complete Complete Complete
In on_l2cap_data_ind of btif_sock_l2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-175686168
38 CVE-2020-22036 787 Overflow Mem. Corr. 2021-06-01 2021-11-05
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences.
39 CVE-2020-22035 120 Overflow Mem. Corr. 2021-06-01 2021-11-05
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences.
40 CVE-2020-12981 20 DoS Mem. Corr. 2021-06-11 2021-12-30
7.2
None Local Low Not required Complete Complete Complete
An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.
41 CVE-2020-11261 20 Mem. Corr. 2021-06-09 2021-06-16
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
42 CVE-2020-11259 119 Overflow Mem. Corr. 2021-06-09 2021-06-16
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking
43 CVE-2020-11258 119 Overflow Mem. Corr. 2021-06-09 2021-06-16
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to lack of validation of pointer arguments passed to Trustzone BSP in Snapdragon Wired Infrastructure and Networking
44 CVE-2020-11257 119 Overflow Mem. Corr. 2021-06-09 2021-06-16
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking
45 CVE-2020-11256 119 Overflow Mem. Corr. 2021-06-09 2021-06-16
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to lack of check of validation of pointer to buffer passed to trustzone in Snapdragon Wired Infrastructure and Networking
46 CVE-2020-11240 131 Mem. Corr. 2021-06-09 2021-06-15
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
47 CVE-2020-11176 295 Overflow Mem. Corr. 2021-06-09 2021-06-16
10.0
None Remote Low Not required Complete Complete Complete
While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
48 CVE-2020-11165 120 Overflow Mem. Corr. 2021-06-09 2021-06-15
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
49 CVE-2020-7870 20 Mem. Corr. 2021-06-29 2021-07-02
6.5
None Remote Low ??? Partial Partial Partial
A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This vulnerability exists due to insufficient validation of the parameter.
Total number of vulnerabilities : 49   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.