Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6112 matches found

Microsoft CVE
Microsoft CVEadded 2021/12/16 8:0 a.m.3 views

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

...

5.5CVSS7AI score0.00266EPSS
Exploits0
OSV
OSVadded 2021/12/15 7:15 p.m.3 views

CVE-2021-0675

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258...

7.8CVSS7.4AI score0.00018EPSS
Exploits0References1
NVD
NVDadded 2021/12/15 7:15 p.m.17 views

CVE-2021-0675

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258...

7.8CVSS0.00018EPSS
Exploits0References1
Prion
Prionadded 2021/12/15 7:15 p.m.20 views

Out-of-bounds

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258...

7.2CVSS7.7AI score0.00018EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/12/15 6:5 p.m.19 views

CVE-2021-0675

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258...

8AI score0.00018EPSS
Exploits0References1
CVE
CVEadded 2021/12/15 6:5 p.m.124 views

CVE-2021-0675

The CVE-2021-0675 entry affects the alac decoder and is due to an incorrect bounds check, causing an out-of-bounds write that enables local privilege escalation without user interaction. Documented impact and exploitation status indicate local escalation of privilege with complete confidentiality...

7.8CVSS7.8AI score0.00018EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linuxadded 2021/12/14 9:31 p.m.4 views

netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...

7.5CVSS7.4AI score0.01187EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiativeadded 2021/12/14 12:0 a.m.15 views

Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

4.3CVSS1.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/12/14 12:0 a.m.7 views

Tencent WeChat WXAM Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. T...

8.8CVSS3.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/12/14 12:0 a.m.20 views

Tencent WeChat WXAM Decoder Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. T...

8.8CVSS4AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/12/14 12:0 a.m.15 views

Tencent WeChat WXAM Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. T...

8.8CVSS3.9AI score
Exploits0
NVD
NVDadded 2021/12/08 10:15 p.m.11 views

CVE-2021-23862

A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder VJD-7513 and VJD-8000...

9CVSS0.00528EPSS
Exploits0References1
Prion
Prionadded 2021/12/08 10:15 p.m.14 views

Design/Logic Flaw

A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder VJD-7513 and VJD-8000...

9CVSS7.2AI score0.00528EPSS
Exploits0References1Affected Software4
Cvelist
Cvelistadded 2021/12/08 9:17 p.m.12 views

CVE-2021-23862 Authenticated Remote Code Execution

A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder VJD-7513 and VJD-8000...

7.2CVSS7.5AI score0.00528EPSS
Exploits0References1
CVE
CVEadded 2021/12/08 9:17 p.m.42 views

CVE-2021-23862

CVE-2021-23862 describes an authenticated command-injection flaw: a crafted configuration packet sent by an authenticated administrative user can execute arbitrary commands in the system context. Affected products include Bosch VRM, DIVAR IP, BVMS with VRM installed, and the VIDEOJET decoder (VJD...

9CVSS7.2AI score0.00528EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologiesadded 2021/12/08 12:0 a.m.2 views

PT-2021-15575 · Bosch · Vrm +3

Name of the Vulnerable Software and Affected Versions: BVMS with VRM installed versions affected versions not specified DIVAR IP versions affected versions not specified VIDEOJET decoder versions affected versions not specified VRM versions affected versions not specified Description: A crafted...

9CVSS7.4AI score0.00528EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiativeadded 2021/12/07 12:0 a.m.8 views

Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

4.3CVSS1.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/12/07 12:0 a.m.19 views

Tencent WeChat WAXM Decoder Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM Decoder. T...

8.8CVSS2.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/12/07 12:0 a.m.11 views

Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

4.3CVSS1.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/12/07 12:0 a.m.12 views

Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

4.3CVSS1.7AI score
Exploits0
Rows per page
Query Builder