Latest CVE Feed
-
7.8
HIGHCVE-2021-44701
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the c... Read more
- Published: Jan. 14, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-44700
Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more
- Published: Jan. 14, 2022
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-44699
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl... Read more
- Published: Dec. 20, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-44698
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl... Read more
- Published: Dec. 20, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-44697
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl... Read more
- Published: Dec. 20, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-44696
Adobe Prelude version 22.1.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue r... Read more
- Published: Jul. 12, 2023
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-44695
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.... Read more
Affected Products : simatic_s7-1500_software_controller_firmware simatic_drive_controller_cpu_1504d_tf_firmware simatic_drive_controller_cpu_1507d_tf_firmware simatic_s7-1500_cpu_1510sp_f-1_pn_firmware simatic_s7-1500_cpu_1510sp-1_pn_firmware simatic_s7-1500_cpu_1511-1_pn_firmware simatic_s7-1500_cpu_1511c-1_pn_firmware simatic_s7-1500_cpu_1511f-1_pn_firmware simatic_s7-1500_cpu_1511t-1_pn_firmware simatic_s7-1500_cpu_1511tf-1_pn_firmware +236 more products- Published: Dec. 13, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-44694
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.... Read more
Affected Products : simatic_s7-1500_software_controller_firmware simatic_drive_controller_cpu_1504d_tf_firmware simatic_drive_controller_cpu_1507d_tf_firmware simatic_s7-1500_cpu_1510sp_f-1_pn_firmware simatic_s7-1500_cpu_1510sp-1_pn_firmware simatic_s7-1500_cpu_1511-1_pn_firmware simatic_s7-1500_cpu_1511c-1_pn_firmware simatic_s7-1500_cpu_1511f-1_pn_firmware simatic_s7-1500_cpu_1511t-1_pn_firmware simatic_s7-1500_cpu_1511tf-1_pn_firmware +228 more products- Published: Dec. 13, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-44693
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.... Read more
Affected Products : simatic_s7-1500_software_controller_firmware simatic_drive_controller_cpu_1504d_tf_firmware simatic_drive_controller_cpu_1507d_tf_firmware simatic_s7-1500_cpu_1510sp_f-1_pn_firmware simatic_s7-1500_cpu_1510sp-1_pn_firmware simatic_s7-1500_cpu_1511-1_pn_firmware simatic_s7-1500_cpu_1511c-1_pn_firmware simatic_s7-1500_cpu_1511f-1_pn_firmware simatic_s7-1500_cpu_1511t-1_pn_firmware simatic_s7-1500_cpu_1511tf-1_pn_firmware +236 more products- Published: Dec. 13, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-44692
BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. When creating a new user, it generates a Unique ID for their profile. This UID is their private email address with symbols removed and periods replaced with... Read more
Affected Products : buddyboss- Published: Jan. 26, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.... Read more
- Published: Dec. 07, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44685
Git-it through 4.4.0 allows OS command injection at the Branches Aren't Just For Birds challenge step. During the verification process, it attempts to run the reflog command followed by the current branch name (which is not sanitized for execution).... Read more
Affected Products : git-it- Published: Dec. 07, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44684
naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subcommand is concatenated without any validation, and is directly used by the exec function.... Read more
Affected Products : github-todos- Published: Dec. 07, 2021
- Modified: Nov. 21, 2024
-
8.2
HIGHCVE-2021-44683
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function (used to open a secondary browser window). This could be exploited by tricking users into supplying sensitive information such as cr... Read more
Affected Products : duckduckgo- Published: Mar. 25, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44682
An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP serv... Read more
Affected Products : enterprise_vault- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44681
An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP serv... Read more
Affected Products : enterprise_vault- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44680
An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP serv... Read more
Affected Products : enterprise_vault- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44679
An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP serv... Read more
Affected Products : enterprise_vault- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44678
An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP serv... Read more
Affected Products : enterprise_vault- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-44677
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP serv... Read more
Affected Products : enterprise_vault- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024