Latest CVE Feed
-
7.8
HIGHCVE-2021-22653
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (ver... Read more
- EPSS Score: %0.30
- Published: Jan. 27, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.... Read more
Affected Products : iview- EPSS Score: %40.86
- Published: Feb. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22651
When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extracti... Read more
- EPSS Score: %1.71
- Published: Feb. 23, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22649
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project fi... Read more
- EPSS Score: %0.22
- Published: Feb. 23, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22647
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing pr... Read more
- EPSS Score: %0.37
- Published: Feb. 23, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22645
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” c... Read more
- EPSS Score: %0.25
- Published: Feb. 23, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22643
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, w... Read more
- EPSS Score: %0.35
- Published: Feb. 23, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22641
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versi... Read more
- EPSS Score: %0.48
- Published: Jan. 27, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22639
An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions ... Read more
- EPSS Score: %0.19
- Published: Jan. 27, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22638
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.... Read more
Affected Products : fvdesigner- EPSS Score: %0.17
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22637
Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server L... Read more
- EPSS Score: %0.36
- Published: Jan. 27, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22636
Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in cod... Read more
- EPSS Score: %0.04
- Published: Nov. 20, 2023
- Modified: Nov. 21, 2024
-
8.7
HIGHCVE-2021-22573
The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom pa... Read more
Affected Products : oauth_client_library_for_java- EPSS Score: %0.05
- Published: May. 03, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-22572
On unix-like systems, the system temporary directory is shared between all users on that system. The root cause is File.createTempFile creates files in the the system temporary directory with world readable permissions. Any sensitive information written t... Read more
Affected Products : data_transfer_project- EPSS Score: %0.01
- Published: Mar. 29, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-22571
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above.... Read more
Affected Products : sa360_webquery_to_bigquery_exporter- EPSS Score: %0.03
- Published: Mar. 18, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-22570
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file... Read more
- EPSS Score: %0.12
- Published: Jan. 26, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-22569
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-liv... Read more
- EPSS Score: %0.35
- Published: Jan. 10, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-22568
When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an attacker can imperso... Read more
Affected Products : dart_software_development_kit- EPSS Score: %0.45
- Published: Dec. 09, 2021
- Modified: Nov. 21, 2024
-
4.6
MEDIUMCVE-2021-22567
Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code revie... Read more
Affected Products : dart_software_development_kit- EPSS Score: %0.23
- Published: Jan. 05, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-22566
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages fr... Read more
Affected Products : fuchsia- EPSS Score: %0.01
- Published: Jan. 18, 2022
- Modified: Nov. 21, 2024