CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3260 matches found

CVE•added 2021/08/20 9:2 p.m.•69 views

CVE-2021-21826

CVE-2021-21826 is a heap-based buffer overflow in AT&T Labs Xmill 0.7, within XML Decompression DecodeTreeBlock. A crafted XMI file triggers a UINT32-derived length for an internal buffer, enabling a attacker-controlled input to overflow. The initial description confirms the vulnerability, includ...

9.8CVSS9.5AI score0.01136EPSS

Exploits1References1Affected Software1

NVD•added 2021/08/18 1:15 p.m.•15 views

CVE-2021-21825

A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS0.02274EPSS

Exploits1References1

Prion•added 2021/08/18 1:15 p.m.•21 views

Heap overflow

7.5CVSS9.8AI score0.02274EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/18 12:52 p.m.•18 views

CVE-2021-21825

8.1CVSS10AI score0.02274EPSS

Exploits1References1

Fedora•added 2021/08/16 1:18 a.m.•23 views

[SECURITY] Fedora 34 Update: rust-weezl-0.1.5-3.fc34

Fast LZW compression and decompression...

9.8CVSS1.6AI score0.01923EPSS

Exploits0

NVD•added 2021/08/13 7:15 p.m.•19 views

CVE-2021-21829

A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS0.02545EPSS

Exploits1References1

NVD•added 2021/08/13 7:15 p.m.•13 views

CVE-2021-21830

A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS0.02274EPSS

Exploits1References1

OSV•added 2021/08/13 7:15 p.m.•5 views

CVE-2021-21829

9.8CVSS7.8AI score0.02545EPSS

Exploits1References1

Prion•added 2021/08/13 7:15 p.m.•16 views

Heap overflow

7.5CVSS9.8AI score0.02274EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/13 6:17 p.m.•28 views

CVE-2021-21829

8.1CVSS10AI score0.02545EPSS

Exploits1References1

Cvelist•added 2021/08/13 6:16 p.m.•21 views

CVE-2021-21830

8.1CVSS10AI score0.02274EPSS

Exploits1References1

CVE•added 2021/08/13 6:16 p.m.•97 views

CVE-2021-21830

AT&T Labs Xmill 0.7 contains a heap-based buffer overflow in the XML Decompression LabelDict::Load path that can be triggered by a crafted XMI file, leading to remote code execution. CVE-2021-21830 is the assigned identifier for this vulnerability, with Red Hat and CVE listings reiterating the sa...

9.8CVSS9.8AI score0.02274EPSS

Exploits1References1Affected Software1

CNNVD•added 2021/08/10 12:0 a.m.•4 views

AT&T Labs Xmill 缓冲区错误漏洞

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression DecodeTreeBlock feature of AT&T Labs Xmill 0.7, which allows an attacker to supply a specially crafted XMI file leading to remote code execution...

9.8CVSS8.2AI score0.01136EPSS

Exploits1References6

CNNVD•added 2021/08/10 12:0 a.m.•6 views

Alexcrichton Tar-rs 路径遍历漏洞

Alexcrichton Tar-rs is a tar archive read/write library for Rust. A path traversal vulnerability exists in Alexcrichton Tar-rs, which stems from a logical error in the implementation of the product's decompression feature, and could allow an attacker to create files in other directories by...

7.5CVSS7.2AI score0.01392EPSS

Exploits1References2

CNNVD•added 2021/08/10 12:0 a.m.•4 views

AT&T Labs Xmill 缓冲区错误漏洞

9.8CVSS8.2AI score0.01136EPSS

Exploits1References6

CNNVD•added 2021/08/10 12:0 a.m.•7 views

AT&T Labs Xmill 缓冲区错误漏洞

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem function in AT&T Labs Xmill version 0.7. An attacker could exploit the vulnerability to remotely execute code...

9.8CVSS7.8AI score0.02274EPSS

Exploits1References4

CNNVD•added 2021/08/10 12:0 a.m.•4 views

AT&T Labs Xmill 缓冲区错误漏洞

9.8CVSS8.2AI score0.01136EPSS

Exploits1References5

Talos•added 2021/08/10 12:0 a.m.•63 views

AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities

Summary Multiple heap-based buffer overflow vulnerabilities exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. A specially crafted XMI File can lead to remote code execution. An attacker can provide a malicious file to trigger these vulnerabilities. Tested...

8.7AI score

Exploits0

Talos•added 2021/08/10 12:0 a.m.•48 views

AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS9.3AI score0.02545EPSS

Exploits1

Talos•added 2021/08/10 12:0 a.m.•41 views

AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AT&T La...

9.8CVSS9.1AI score0.02274EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by