|
195321
|
7.8 |
HIGH
Local
|
microsoft
|
high_efficiency_video_coding
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2021-24089
|
2024-11-21 14:52 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195322
|
9.8 |
CRITICAL
Network
|
facebook
|
gameroom
|
The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affect…
|
CWE-88
Argument Injection
|
CVE-2021-24030
|
2024-11-21 14:52 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195323
|
9.8 |
CRITICAL
Network
|
facebook
|
hhvm
|
Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading to a heap overflow. This issue affects HH…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-24025
|
2024-11-21 14:52 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195324
|
5.6 |
MEDIUM
Network
|
facebook
|
react-dev-utils
|
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-script…
|
CWE-78
OS Command
|
CVE-2021-24033
|
2024-11-21 14:52 |
2021-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195325
|
4.7 |
MEDIUM
Local
|
facebook
|
zstandard
|
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions…
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-24032
|
2024-11-21 14:52 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195326
|
5.5 |
MEDIUM
Local
|
facebook
|
zstandard
|
In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output f…
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-24031
|
2024-11-21 14:52 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195327
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23979
|
2024-11-21 14:52 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195328
|
8.8 |
HIGH
Network
|
mozilla
debian
|
firefox
firefox_esr
thunderbird
debian_linux
|
Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23978
|
2024-11-21 14:52 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195329
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23965
|
2024-11-21 14:52 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195330
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23964
|
2024-11-21 14:52 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
