CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2021(Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2021-21059 788 Exec Code Mem. Corr. 2021-02-11 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
302 CVE-2021-21058 788 Exec Code Mem. Corr. 2021-02-11 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
303 CVE-2021-21048 788 Exec Code Mem. Corr. 2021-02-11 2021-09-08
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file
304 CVE-2021-21046 788 Mem. Corr. 2021-02-11 2021-09-08
4.3
None Remote Medium Not required None None Partial
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
305 CVE-2021-20987 787 DoS Mem. Corr. 2021-02-16 2021-05-13
9.0
None Remote Low Not required Partial Partial Complete
A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.
306 CVE-2021-20232 416 Mem. Corr. 2021-03-12 2021-05-17
7.5
None Remote Low Not required Partial Partial Partial
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
307 CVE-2021-20231 416 Mem. Corr. 2021-03-12 2021-06-01
7.5
None Remote Low Not required Partial Partial Partial
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
308 CVE-2021-20204 416 Exec Code Mem. Corr. 2021-05-06 2021-11-29
7.5
None Remote Low Not required Partial Partial Partial
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbitrary code execution or privilege escalation depending on input/skills of attacker.
309 CVE-2021-3569 119 Overflow Mem. Corr. 2021-06-03 2021-06-14
2.1
None Local Low Not required None None Partial
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability.
310 CVE-2021-3564 416 Mem. Corr. 2021-06-08 2021-07-08
2.1
None Local Low Not required None None Partial
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
311 CVE-2021-3561 119 Overflow Mem. Corr. 2021-05-26 2021-10-04
5.8
None Remote Medium Not required None Partial Partial
An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
312 CVE-2021-3549 119 Overflow Mem. Corr. 2021-05-26 2021-06-04
5.8
None Remote Medium Not required None Partial Partial
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
313 CVE-2021-3407 415 Mem. Corr. 2021-02-23 2021-12-15
4.3
None Remote Medium Not required None None Partial
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
314 CVE-2021-3375 787 DoS Exec Code Mem. Corr. 2021-02-15 2021-02-23
7.5
None Remote Low Not required Partial Partial Partial
ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution.
315 CVE-2021-3185 120 Exec Code Mem. Corr. 2021-01-26 2021-02-03
7.5
None Remote Low Not required Partial Partial Partial
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.
316 CVE-2021-3064 787 Exec Code Mem. Corr. 2021-11-10 2021-11-15
10.0
None Remote Low Not required Complete Complete Complete
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.
317 CVE-2021-3056 787 Exec Code Mem. Corr. 2021-11-10 2021-11-15
8.5
None Remote Medium ??? Complete Complete Complete
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue.
318 CVE-2021-1959 787 Mem. Corr. 2021-10-20 2021-10-26
7.2
None Local Low Not required Complete Complete Complete
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
319 CVE-2021-1934 415 Mem. Corr. 2021-09-09 2021-09-21
7.2
None Local Low Not required Complete Complete Complete
Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
320 CVE-2021-1921 367 Mem. Corr. 2021-11-12 2021-11-15
6.9
None Local Medium Not required Complete Complete Complete
Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
321 CVE-2021-1892 20 Mem. Corr. 2021-04-07 2021-04-12
7.2
None Local Low Not required Complete Complete Complete
Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
322 CVE-2021-1890 119 Overflow Mem. Corr. 2021-07-13 2021-07-15
7.2
None Local Low Not required Complete Complete Complete
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
323 CVE-2021-1888 415 Mem. Corr. 2021-07-13 2021-07-15
7.2
None Local Low Not required Complete Complete Complete
Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
324 CVE-2021-1886 787 Mem. Corr. 2021-07-13 2021-07-15
7.2
None Local Low Not required Complete Complete Complete
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
325 CVE-2021-1882 787 +Priv Mem. Corr. 2021-09-08 2021-09-20
7.5
None Remote Low Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.
326 CVE-2021-1875 415 Mem. Corr. 2021-09-08 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A double free issue was addressed with improved memory management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted file may lead to heap corruption.
327 CVE-2021-1847 787 Exec Code Mem. Corr. 2021-09-08 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
328 CVE-2021-1844 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-05-31
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.
329 CVE-2021-1840 20 Mem. Corr. 2021-09-08 2021-09-15
4.6
None Local Low Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A local attacker may be able to elevate their privileges.
330 CVE-2021-1828 787 Mem. Corr. 2021-09-08 2021-09-16
8.8
None Remote Medium Not required None Complete Complete
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An application may be able to cause unexpected system termination or write kernel memory.
331 CVE-2021-1817 787 Exec Code Mem. Corr. 2021-09-08 2021-09-16
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.
332 CVE-2021-1809 125 Mem. Corr. 2021-09-08 2021-09-16
5.0
None Remote Low Not required Partial None None
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.
333 CVE-2021-1808 125 Mem. Corr. 2021-09-08 2021-09-16
5.0
None Remote Low Not required Partial None None
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.
334 CVE-2021-1760 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-09
4.3
None Remote Medium Not required Partial None None
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application could execute arbitrary code leading to compromise of user information.
335 CVE-2021-1705 Mem. Corr. 2021-01-12 2021-01-20
7.6
None Remote High Not required Complete Complete Complete
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
336 CVE-2021-1619 824 DoS Mem. Corr. Bypass 2021-09-23 2021-10-07
6.4
None Remote Low Not required None Partial Partial
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.
337 CVE-2021-1041 125 Mem. Corr. 2021-12-15 2021-12-20
2.1
None Local Low Not required Partial None None
In (TBD) of (TBD), there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182950799References: N/A
338 CVE-2021-0955 362 Mem. Corr. 2021-12-15 2021-12-20
6.9
None Local Medium Not required Complete Complete Complete
In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-192085766
339 CVE-2021-0936 416 Mem. Corr. 2021-10-25 2021-10-26
4.6
None Local Low Not required Partial Partial Partial
In acc_read of f_accessory.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173789633References: Upstream kernel
340 CVE-2021-0901 190 Mem. Corr. 2021-12-17 2021-12-22
4.6
None Local Low Not required Partial Partial Partial
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05664618.
341 CVE-2021-0899 416 Mem. Corr. 2021-12-17 2021-12-22
4.6
None Local Low Not required Partial Partial Partial
In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672059.
342 CVE-2021-0898 416 Mem. Corr. 2021-12-17 2021-12-22
4.6
None Local Low Not required Partial Partial Partial
In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672071.
343 CVE-2021-0893 416 Mem. Corr. 2021-12-17 2021-12-22
4.6
None Local Low Not required Partial Partial Partial
In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687474.
344 CVE-2021-0870 362 Exec Code Mem. Corr. 2021-10-22 2021-11-29
9.3
None Remote Medium Not required Complete Complete Complete
In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262
345 CVE-2021-0679 755 Mem. Corr. 2021-12-17 2021-12-22
4.6
None Local Low Not required Partial Partial Partial
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687781.
346 CVE-2021-0671 787 Mem. Corr. 2021-11-18 2021-11-20
7.2
None Local Low Not required Complete Complete Complete
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05664273; Issue ID: ALPS05664273.
347 CVE-2021-0670 416 Mem. Corr. 2021-11-18 2021-11-20
7.2
None Local Low Not required Complete Complete Complete
In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05654663; Issue ID: ALPS05654663.
348 CVE-2021-0669 416 Mem. Corr. 2021-11-18 2021-11-20
7.2
None Local Low Not required Complete Complete Complete
In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ALPS05681550.
349 CVE-2021-0668 755 Mem. Corr. 2021-11-18 2021-11-20
7.2
None Local Low Not required Complete Complete Complete
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05670521; Issue ID: ALPS05670521.
350 CVE-2021-0667 416 Mem. Corr. 2021-11-18 2021-11-19
4.6
None Local Low Not required Partial Partial Partial
In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05670581; Issue ID: ALPS05670581.
Total number of vulnerabilities : 415   Page : 1 2 3 4 5 6 7 (This Page)8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.