Total
6082 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30939 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-30911 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents. | |||||
| CVE-2021-30910 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information. | |||||
| CVE-2021-30905 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information. | |||||
| CVE-2021-30880 | 1 Apple | 2 Mac Os X, Macos | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2021-30879 | 1 Apple | 2 Mac Os X, Macos | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2021-30877 | 1 Apple | 2 Mac Os X, Macos | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2021-30876 | 1 Apple | 2 Mac Os X, Macos | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2021-30865 | 1 Apple | 2 Mac Os X, Macos | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30593 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 5.8 MEDIUM | 8.1 HIGH |
| Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2021-30536 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 5.8 MEDIUM | 8.1 HIGH |
| Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. | |||||
| CVE-2021-30511 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 5.8 MEDIUM | 8.1 HIGH |
| Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2021-28618 | 2 Adobe, Microsoft | 2 Animate, Windows | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28617 | 2 Adobe, Microsoft | 2 Animate, Windows | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28609 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe After Effects version 18.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28587 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| After Effects versions 18.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28555 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28116 | 3 Debian, Fedoraproject, Squid-cache | 3 Debian Linux, Fedora, Squid | 2023-11-07 | 4.3 MEDIUM | 5.3 MEDIUM |
| Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody. | |||||
| CVE-2021-26926 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
| A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash. | |||||
| CVE-2021-25288 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. | |||||