Total
12951 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25372 | 1 Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2025-07-30 | 6.1 Medium |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | ||||
| CVE-2021-28310 | 1 Microsoft | 11 Windows 10 1803, Windows 10 1809, Windows 10 1909 and 8 more | 2025-07-30 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2021-21220 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-07-30 | 8.8 High |
| Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-31755 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2025-07-30 | 9.8 Critical |
| An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-28664 | 1 Arm | 3 Bifrost Gpu Kernel Driver, Midgard Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-07-30 | 8.8 High |
| The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0. | ||||
| CVE-2021-27562 | 1 Arm | 1 Trusted Firmware-m | 2025-07-30 | 5.5 Medium |
| In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. | ||||
| CVE-2021-33742 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-07-30 | 7.5 High |
| Windows MSHTML Platform Remote Code Execution Vulnerability | ||||
| CVE-2020-11261 | 1 Qualcomm | 798 Apq8009, Apq8009 Firmware, Apq8009w and 795 more | 2025-07-30 | 7.8 High |
| Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2021-35211 | 1 Solarwinds | 1 Serv-u | 2025-07-30 | 9 Critical |
| Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability. | ||||
| CVE-2021-34448 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-07-30 | 6.8 Medium |
| Scripting Engine Memory Corruption Vulnerability | ||||
| CVE-2021-30883 | 1 Apple | 6 Ipad Os, Ipados, Iphone Os and 3 more | 2025-07-30 | 7.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. | ||||
| CVE-2021-30900 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-07-30 | 7.8 High |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2021-30761 | 2 Apple, Redhat | 3 Iphone Os, Enterprise Linux, Rhel Els | 2025-07-30 | 8.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. | ||||
| CVE-2021-30665 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2025-07-30 | 8.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. | ||||
| CVE-2021-38406 | 1 Deltaww | 1 Dopsoft | 2025-07-30 | 7.8 High |
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2021-30632 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-07-30 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-30807 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-07-30 | 7.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. | ||||
| CVE-2022-21882 | 1 Microsoft | 9 Windows 10 1809, Windows 10 1909, Windows 10 20h2 and 6 more | 2025-07-30 | 7 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2021-4034 | 7 Canonical, Oracle, Polkit Project and 4 more | 37 Ubuntu Linux, Http Server, Zfs Storage Appliance Kit and 34 more | 2025-07-30 | 7.8 High |
| A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. | ||||
| CVE-2022-20701 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2025-07-30 | 10 Critical |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | ||||