CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-43790 416 Mem. Corr. 2021-11-30 2021-12-01
6.8
None Remote Medium Not required Partial Partial Partial
Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of `lucet-runtime` affecting all versions published to crates.io that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduced early in the development of Lucet and is present in all releases. As a result of this bug, and dependent on the memory backing for the Instance objects, it is possible to trigger a use-after-free when the Instance is dropped. Users should upgrade to the main branch of the Lucet repository. Lucet no longer provides versioned releases on crates.io. There is no way to remediate this vulnerability without upgrading.
2 CVE-2021-43638 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
3 CVE-2021-43637 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
4 CVE-2021-43057 416 Mem. Corr. 2021-10-28 2021-11-29
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
5 CVE-2021-43015 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
9.3
None Remote Medium Not required Complete Complete Complete
Adobe InCopy version 16.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
6 CVE-2021-43013 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Media Encoder version 15.4.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7 CVE-2021-43012 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
8 CVE-2021-43011 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
9 CVE-2021-43006 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
AmZetta Amzetta zPortal DVM Tools is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
10 CVE-2021-43003 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Amzetta zPortal Windows zClient is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
11 CVE-2021-43002 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Amzetta zPortal DVM Tools is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
12 CVE-2021-43000 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
13 CVE-2021-42996 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Donglify is affected by Integer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
14 CVE-2021-42994 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
15 CVE-2021-42993 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
FlexiHub For Windows is affected by Integer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
16 CVE-2021-42990 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
FlexiHub For Windows is affected by Buffer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
17 CVE-2021-42988 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
18 CVE-2021-42987 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
Eltima USB Network Gate is affected by Integer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
19 CVE-2021-42986 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
20 CVE-2021-42983 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
21 CVE-2021-42980 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
22 CVE-2021-42979 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
23 CVE-2021-42977 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
24 CVE-2021-42976 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Enterprise Desktop is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
25 CVE-2021-42973 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
26 CVE-2021-42972 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-07
0.0
None ??? ??? ??? ??? ??? ???
NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
27 CVE-2021-42738 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
28 CVE-2021-42737 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
29 CVE-2021-42726 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
30 CVE-2021-42723 788 Exec Code Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
31 CVE-2021-42721 119 Exec Code Overflow Mem. Corr. 2021-11-16 2021-11-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
32 CVE-2021-42341 Mem. Corr. 2021-10-14 2021-10-20
5.0
None Remote Low Not required None None Partial
checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced as part of OpenRC 0.44.0 development.
33 CVE-2021-42279 787 Mem. Corr. 2021-11-10 2021-11-12
5.1
None Remote High Not required Partial Partial Partial
Chakra Scripting Engine Memory Corruption Vulnerability
34 CVE-2021-42267 119 Exec Code Overflow Mem. Corr. 2021-11-18 2021-11-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
35 CVE-2021-42266 788 Exec Code Mem. Corr. 2021-11-18 2021-11-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
36 CVE-2021-41253 122 Overflow Mem. Corr. 2021-11-08 2021-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in `zycore` in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize the string object within the formatter buffer, forgetting to initialize a few fields, leaving their value to chance. This could then in turn cause zycore functions like `ZyanStringAppend` to make incorrect calculations for the new target size, resulting in heap memory corruption. This does not affect the regular uncustomized Zydis formatter, because Zydis internally doesn't use the string functions in zycore that act upon these fields. However, because the zycore string functions are the intended way to work with the formatter buffer for users of the library that wish to extend the formatter, we still consider this to be a vulnerability in Zydis. This bug is patched starting in version 3.2.1. As a workaround, users may refrain from using zycore string functions in their formatter hooks until updating to a patched version.
37 CVE-2021-41121 119 Overflow Mem. Corr. 2021-10-06 2021-10-15
6.5
None Remote Low ??? Partial Partial Partial
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0.
38 CVE-2021-40775 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
39 CVE-2021-40772 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
40 CVE-2021-40771 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
41 CVE-2021-40770 788 Exec Code Mem. Corr. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
42 CVE-2021-40760 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
43 CVE-2021-40759 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
44 CVE-2021-40758 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
45 CVE-2021-40757 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
46 CVE-2021-40755 119 Exec Code Overflow Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
47 CVE-2021-40754 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
48 CVE-2021-40753 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
49 CVE-2021-40752 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
50 CVE-2021-40751 788 Exec Code Mem. Corr. 2021-11-18 2021-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
Total number of vulnerabilities : 6376   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.