CVE-2021-30626

Out of bounds memory entree in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVSS:0.0) (Concluding Update:2021-10-08)

2021-10-07T20:00:00-04:00October 7th, 2021|Memory Corruption|

CVE-2021-25491

A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. (CVSS:0.0) (Concluding Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Memory Corruption|

CVE-2021-41121

Vyper is a Pythonic Clever Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0. (CVSS:0.0) (Final Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Memory Corruption|

CVE-2021-34758

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) precondition. This vulnerability is owed to insufficient entree controls to a shared memory resource. An attacker could exploit this vulnerability by corrupting a shared memory segment on an affected device. A successful exploit could allow the attacker to cause the device to reload. The device will recover from the corruption upon reboot. (CVSS:0.0) (Closing Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Memory Corruption|

CVE-2021-32626

Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, owed to incomplete checks for this stipulation. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands. (CVSS:0.0) (Closing Update:2021-10-04)

2021-10-03T20:00:00-04:00October 3rd, 2021|Memory Corruption|

CVE-2021-39845

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader. (CVSS:0.0) (Concluding Update:2021-09-29)

2021-09-28T20:00:00-04:00September 28th, 2021|Memory Corruption|

CVE-2021-39846

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability owed to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader. (CVSS:0.0) (Last Update:2021-09-29)

2021-09-28T20:00:00-04:00September 28th, 2021|Memory Corruption|

CVE-2021-40710

Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .svg file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. (CVSS:0.0) (Terminal Update:2021-09-29)

2021-09-28T20:00:00-04:00September 28th, 2021|Memory Corruption|

CVE-2021-40715

Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability owed to insecure handling of a malicious .exr file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability. (CVSS:0.0) (Last Update:2021-09-29)

2021-09-28T20:00:00-04:00September 28th, 2021|Memory Corruption|

CVE-2021-40702

Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious psd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. (CVSS:0.0) (Concluding Update:2021-09-27)

2021-09-26T20:00:00-04:00September 26th, 2021|Memory Corruption|
Go to Top