Show filters
1,988 Total Results
Displaying 741-750 of 1,988
Sort by:
Attacker Value
Unknown

CVE-2020-28385

Disclosure Date: March 15, 2021 (last updated February 22, 2025)
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12049)
Attacker Value
Unknown

CVE-2021-21488

Disclosure Date: March 09, 2021 (last updated February 22, 2025)
Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controlled data without verification, leading to insecure deserialization which triggers the attacker’s code, therefore impacting Availability.
Attacker Value
Unknown

CVE-2021-25252

Disclosure Date: March 03, 2021 (last updated February 22, 2025)
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Attacker Value
Unknown

CVE-2021-25122

Disclosure Date: March 01, 2021 (last updated February 22, 2025)
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.
Attacker Value
Unknown

CVE-2021-25329

Disclosure Date: March 01, 2021 (last updated November 08, 2023)
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.
Attacker Value
Unknown

CVE-2021-24113

Disclosure Date: February 25, 2021 (last updated November 28, 2024)
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
0
Attacker Value
Unknown

CVE-2021-24100

Disclosure Date: February 25, 2021 (last updated November 28, 2024)
Microsoft Edge for Android Information Disclosure Vulnerability
0
Attacker Value
Unknown

CVE-2021-22651

Disclosure Date: February 23, 2021 (last updated February 22, 2025)
When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extraction of temporary files, suffering from a directory traversal vulnerability, which allows an attacker to store arbitrary scripts into automatic startup folders.
Attacker Value
Unknown

CVE-2021-22645

Disclosure Date: February 23, 2021 (last updated February 22, 2025)
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning.
Attacker Value
Unknown

CVE-2021-22649

Disclosure Date: February 23, 2021 (last updated February 22, 2025)
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code.