CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2021(Memory Corruption) (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-45704 362 Mem. Corr. 2021-12-27 2022-01-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket<T> unconditionally implements the Send and Sync traits.
2 CVE-2021-45687 502 Mem. Corr. 2021-12-27 2022-01-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
3 CVE-2021-44440 787 Exec Code Mem. Corr. 2021-12-14 2021-12-14
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14912)
4 CVE-2021-44179 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Dimension versions 3.4.3 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
5 CVE-2021-43790 416 Mem. Corr. 2021-11-30 2021-12-01
6.8
None Remote Medium Not required Partial Partial Partial
Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of `lucet-runtime` affecting all versions published to crates.io that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduced early in the development of Lucet and is present in all releases. As a result of this bug, and dependent on the memory backing for the Instance objects, it is possible to trigger a use-after-free when the Instance is dropped. Users should upgrade to the main branch of the Lucet repository. Lucet no longer provides versioned releases on crates.io. There is no way to remediate this vulnerability without upgrading.
6 CVE-2021-43747 787 Exec Code Mem. Corr. 2021-12-20 2021-12-21
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
7 CVE-2021-43638 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
8 CVE-2021-43637 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
9 CVE-2021-43535 416 Mem. Corr. 2021-12-08 2022-01-04
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.3, and Firefox ESR < 91.3.
10 CVE-2021-43534 787 Mem. Corr. 2021-12-08 2022-01-04
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
11 CVE-2021-43215 94 Exec Code Mem. Corr. 2021-12-15 2021-12-29
6.8
None Remote Medium Not required Partial Partial Partial
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution
12 CVE-2021-43057 416 Mem. Corr. 2021-10-28 2021-11-29
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
13 CVE-2021-43029 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
14 CVE-2021-43028 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
15 CVE-2021-43026 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
16 CVE-2021-43025 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
17 CVE-2021-43024 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
18 CVE-2021-43023 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
19 CVE-2021-43022 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PNG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
20 CVE-2021-43021 787 Exec Code Mem. Corr. 2021-12-20 2021-12-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
21 CVE-2021-43015 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
9.3
None Remote Medium Not required Complete Complete Complete
Adobe InCopy version 16.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
22 CVE-2021-43013 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Media Encoder version 15.4.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
23 CVE-2021-43012 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
24 CVE-2021-43011 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
25 CVE-2021-43006 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
AmZetta Amzetta zPortal DVM Tools is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
26 CVE-2021-43003 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amzetta zPortal Windows zClient is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
27 CVE-2021-43002 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amzetta zPortal DVM Tools is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
28 CVE-2021-43000 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
29 CVE-2021-42996 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Donglify is affected by Integer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
30 CVE-2021-42994 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
31 CVE-2021-42993 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
FlexiHub For Windows is affected by Integer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
32 CVE-2021-42990 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
FlexiHub For Windows is affected by Buffer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
33 CVE-2021-42988 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
34 CVE-2021-42987 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
Eltima USB Network Gate is affected by Integer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
35 CVE-2021-42986 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
36 CVE-2021-42983 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
37 CVE-2021-42980 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
38 CVE-2021-42979 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
39 CVE-2021-42977 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
40 CVE-2021-42976 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Enterprise Desktop is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
41 CVE-2021-42973 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
42 CVE-2021-42972 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
43 CVE-2021-42738 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
44 CVE-2021-42737 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
45 CVE-2021-42726 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
46 CVE-2021-42723 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
47 CVE-2021-42721 119 Exec Code Overflow Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
48 CVE-2021-42688 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
An Integer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22005B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
49 CVE-2021-42687 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22005B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
50 CVE-2021-42686 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
An Integer Overflow exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Total number of vulnerabilities : 360   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.