CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2021(Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-40715 788 Exec Code Mem. Corr. 2021-09-29 2021-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .exr file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
2 CVE-2021-40710 788 Exec Code Mem. Corr. 2021-09-29 2021-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .svg file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
3 CVE-2021-40703 788 Exec Code Mem. Corr. 2021-09-27 2021-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
4 CVE-2021-40702 788 Exec Code Mem. Corr. 2021-09-27 2021-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious psd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
5 CVE-2021-40701 788 Exec Code Mem. Corr. 2021-09-27 2021-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
6 CVE-2021-40700 788 Exec Code Mem. Corr. 2021-09-27 2021-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
7 CVE-2021-39846 787 Overflow Mem. Corr. 2021-09-29 2021-10-06
5.8
None Remote Medium Not required None Partial Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader.
8 CVE-2021-39845 787 Overflow Mem. Corr. 2021-09-29 2021-10-06
5.8
None Remote Medium Not required None Partial Partial
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader.
9 CVE-2021-39832 788 Exec Code Mem. Corr. 2021-09-29 2021-10-08
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious PDF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
10 CVE-2021-39830 788 Exec Code Mem. Corr. 2021-09-29 2021-10-08
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious PDF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
11 CVE-2021-39824 788 Exec Code Mem. Corr. 2021-09-27 2021-10-07
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious png file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
12 CVE-2021-39819 788 Exec Code Mem. Corr. 2021-09-27 2021-10-01
6.8
None Remote Medium Not required Partial Partial Partial
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
13 CVE-2021-39818 788 Exec Code Mem. Corr. 2021-09-27 2021-10-01
6.8
None Remote Medium Not required Partial Partial Partial
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
14 CVE-2021-39817 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
15 CVE-2021-39816 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
16 CVE-2021-36078 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-09
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
17 CVE-2021-36077 119 DoS Overflow Mem. Corr. 2021-09-01 2021-09-09
4.3
None Remote Medium Not required None None Partial
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit this vulnerability.
18 CVE-2021-36076 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-09
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
19 CVE-2021-36069 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-09
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
20 CVE-2021-36068 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-09
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
21 CVE-2021-36067 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-09
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
22 CVE-2021-36059 119 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
23 CVE-2021-36052 788 Exec Code Mem. Corr. 2021-09-01 2021-10-27
6.8
None Remote Medium Not required Partial Partial Partial
XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
24 CVE-2021-36049 788 Exec Code Mem. Corr. 2021-09-01 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
25 CVE-2021-36046 788 Exec Code Mem. Corr. 2021-09-01 2021-10-27
9.3
None Remote Medium Not required Complete Complete Complete
XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
26 CVE-2021-36017 119 Exec Code Overflow Mem. Corr. 2021-09-02 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
27 CVE-2021-35996 788 Exec Code Mem. Corr. 2021-09-02 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
28 CVE-2021-30805 787 Exec Code Mem. Corr. 2021-09-08 2021-09-16
10.0
None Remote Low Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
29 CVE-2021-30799 787 Exec Code Mem. Corr. 2021-09-08 2021-09-15
9.3
None Remote Medium Not required Complete Complete Complete
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution.
30 CVE-2021-30775 787 Exec Code Mem. Corr. 2021-09-08 2021-09-15
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.
31 CVE-2021-30761 787 Exec Code Mem. Corr. 2021-09-08 2021-09-14
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
32 CVE-2021-30749 787 Exec Code Mem. Corr. 2021-09-08 2021-09-22
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.
33 CVE-2021-30748 787 Exec Code Mem. Corr. 2021-09-08 2021-09-22
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. An application may be able to execute arbitrary code with kernel privileges.
34 CVE-2021-30739 787 Mem. Corr. 2021-09-08 2021-09-22
4.6
None Local Low Not required Partial Partial Partial
A local attacker may be able to elevate their privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A memory corruption issue was addressed with improved validation.
35 CVE-2021-30737 787 Exec Code Mem. Corr. 2021-09-08 2021-09-22
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted certificate may lead to arbitrary code execution.
36 CVE-2021-30734 787 Exec Code Mem. Corr. 2021-09-08 2021-09-22
6.8
None Remote Medium Not required Partial Partial Partial
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.
37 CVE-2021-30725 787 Exec Code Mem. Corr. 2021-09-08 2021-09-22
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
38 CVE-2021-30717 787 Exec Code Mem. Corr. 2021-09-08 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to execute arbitrary code.
39 CVE-2021-30710 787 DoS Mem. Corr. 2021-09-08 2021-09-16
5.8
None Remote Medium Not required Partial None Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may cause a denial of service or potentially disclose memory contents.
40 CVE-2021-30675 787 Mem. Corr. 2021-09-08 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in Boot Camp 6.1.14. A malicious application may be able to elevate privileges.
41 CVE-2021-30672 787 +Priv Mem. Corr. 2021-09-08 2021-09-16
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.
42 CVE-2021-30665 119 Exec Code Overflow Mem. Corr. 2021-09-08 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
43 CVE-2021-30354 190 Exec Code Overflow Mem. Corr. 2021-09-01 2021-09-10
9.3
None Remote Medium Not required Complete Complete Complete
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.
44 CVE-2021-28561 788 Exec Code Mem. Corr. 2021-09-02 2021-09-15
6.8
None Remote Medium Not required Partial Partial Partial
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
45 CVE-2021-28136 787 Mem. Corr. 2021-09-07 2021-09-09
3.3
None Local Network Low Not required None None Partial
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.
46 CVE-2021-27046 787 Exec Code Mem. Corr. 2021-09-15 2021-09-28
4.4
None Local Medium Not required Partial Partial Partial
A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.
47 CVE-2021-26435 787 Mem. Corr. 2021-09-15 2021-09-24
6.8
None Remote Medium Not required Partial Partial Partial
Windows Scripting Engine Memory Corruption Vulnerability
48 CVE-2021-25462 476 Mem. Corr. 2021-09-09 2021-09-23
2.1
None Local Low Not required None None Partial
NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.
49 CVE-2021-25458 476 Mem. Corr. 2021-09-09 2021-09-23
2.1
None Local Low Not required None None Partial
NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.
50 CVE-2021-21105 788 Exec Code Mem. Corr. 2021-09-08 2021-09-14
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Total number of vulnerabilities : 65   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.