VIR Vulnerability Intelligence Relay

CVEs from 2021

6,087 normalized CVEs published or assigned in this year.

Total
6,087
critical
critical 273
high
high 975
medium
medium 1,141
low
low 135
% Critical
4.5%
% with KEV
3.5%
% with exploit
3.5%

Top vendors

Top products

  • office 13
  • 365_apps 6
  • office_long_term_servicing_channel 6
  • library_automation_system 5
  • single_connect 4
  • http_server 3
  • solidfire 2
  • student_information_management_system 2

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2021-30585 high 8.0 multiple issues in chromium archdebian
CVE-2021-30626 high 8.0 arbitrary code execution in chromium archdebian
CVE-2021-37986 high 8.0 multiple issues in chromium archdebian
CVE-2021-4058 high 8.0 multiple issues in chromium archdebian
CVE-2021-30584 high 8.0 multiple issues in chromium archdebian
CVE-2021-30571 high 8.0 multiple issues in chromium archdebian
CVE-2021-30517 high 8.0 multiple issues in chromium archdebian
CVE-2021-30591 high 8.0 multiple issues in chromium archdebian
CVE-2021-30513 high 8.0 multiple issues in chromium archdebian
CVE-2021-21113 high 8.0 multiple issues in chromium archdebian
CVE-2021-38021 high 8.0 multiple issues in chromium archdebian
CVE-2021-30567 high 8.0 multiple issues in chromium archdebian
CVE-2021-25746 high 8.0 information disclosure in kubectl-ingress-nginx archsuse
CVE-2021-30576 high 8.0 multiple issues in chromium archdebian
CVE-2021-37989 high 8.0 multiple issues in chromium archdebian
CVE-2021-38016 high 8.0 multiple issues in chromium archdebian
CVE-2021-30597 high 8.0 multiple issues in chromium archdebian
CVE-2021-38020 high 8.0 multiple issues in chromium archdebian
CVE-2021-25216 high 8.0 In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of t… debianarchsuse
CVE-2021-30582 high 8.0 multiple issues in chromium archdebian
CVE-2021-39944 high 8.0 multiple issues in gitlab arch
CVE-2021-37993 high 8.0 multiple issues in chromium archdebian
CVE-2021-21158 high 8.0 insufficient validation in chromium arch
CVE-2021-30511 high 8.0 multiple issues in chromium archdebian
CVE-2021-30507 high 8.0 multiple issues in chromium archdebian
CVE-2021-30575 high 8.0 multiple issues in chromium archdebian
CVE-2021-30592 high 8.0 multiple issues in chromium archdebian
CVE-2021-37995 high 8.0 multiple issues in chromium archdebian
CVE-2021-21164 high 8.0 Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. archdebian
CVE-2021-38006 high 8.0 multiple issues in chromium archdebian
CVE-2021-37990 high 8.0 multiple issues in chromium archdebian
CVE-2021-38007 high 8.0 multiple issues in chromium archdebian
CVE-2021-38015 high 8.0 multiple issues in chromium archdebian
CVE-2021-38009 high 8.0 multiple issues in chromium archdebian
CVE-2021-38004 high 8.0 multiple issues in chromium archdebian
CVE-2021-25217 high 8.0 Important: dhcp security update archsusedebianrockylinux
CVE-2021-37991 high 8.0 multiple issues in chromium archdebian
CVE-2021-38005 high 8.0 multiple issues in chromium archdebian
CVE-2021-37996 high 8.0 multiple issues in chromium archdebian
CVE-2021-38001 high 8.0 multiple issues in chromium archdebian
CVE-2021-21199 high 8.0 Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML pa… archdebian
CVE-2021-30559 high 8.0 arbitrary code execution in chromium archdebian
CVE-2021-30526 high 8.0 multiple issues in chromium archdebian
CVE-2021-30536 high 8.0 multiple issues in chromium archdebian
CVE-2021-21185 high 8.0 Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a cr… archdebian
CVE-2021-21187 high 8.0 Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. archdebian
CVE-2021-39888 high 8.0 multiple issues in gitlab arch
CVE-2021-30520 high 8.0 multiple issues in chromium archdebian
CVE-2021-38011 high 8.0 multiple issues in chromium archdebian
CVE-2021-30518 high 8.0 multiple issues in chromium archdebian
CVE-2021-30562 high 8.0 arbitrary code execution in chromium archdebian
CVE-2021-30557 high 8.0 arbitrary code execution in chromium archdebian
CVE-2021-37994 high 8.0 multiple issues in chromium archdebian
CVE-2021-23987 high 8.0 Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enoug… archsusedebian
CVE-2021-30537 high 8.0 multiple issues in chromium archdebian
CVE-2021-38019 high 8.0 multiple issues in chromium archdebian
CVE-2021-30523 high 8.0 multiple issues in chromium archdebian
CVE-2021-4053 high 8.0 multiple issues in chromium archdebian
CVE-2021-30516 high 8.0 multiple issues in chromium archdebian
CVE-2021-30572 high 8.0 multiple issues in chromium archdebian
CVE-2021-30539 high 8.0 multiple issues in chromium archdebian
CVE-2021-30569 high 8.0 multiple issues in chromium archdebian
CVE-2021-30538 high 8.0 multiple issues in chromium archdebian
CVE-2021-37985 high 8.0 multiple issues in chromium archdebian
CVE-2021-30543 high 8.0 multiple issues in chromium archdebian
CVE-2021-21207 high 8.0 Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chro… archdebian
CVE-2021-30555 high 8.0 arbitrary code execution in chromium archdebian
CVE-2021-30568 high 8.0 multiple issues in chromium archdebian
CVE-2021-30515 high 8.0 multiple issues in chromium archdebian
CVE-2021-23960 high 8.0 Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, an… archsusedebian
CVE-2021-29462 high 8.0 The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp (libupnp) appears to be vulnerable to DNS rebinding attacks because… archdebian
CVE-2021-43396 high 8.0 In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an inter… archsusedebian
CVE-2021-30578 high 8.0 multiple issues in chromium archdebian
CVE-2021-30574 high 8.0 multiple issues in chromium archdebian
CVE-2021-30565 high 8.0 multiple issues in chromium archdebian
CVE-2021-21172 high 8.0 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. archdebian
CVE-2021-37984 high 8.0 multiple issues in chromium archdebian
CVE-2021-21231 high 8.0 Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. archdebian
CVE-2021-38018 high 8.0 multiple issues in chromium archdebian
CVE-2021-37988 high 8.0 multiple issues in chromium archdebian
CVE-2021-30593 high 8.0 multiple issues in chromium archdebian
CVE-2021-38385 high 8.0 Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-00… archdebian
CVE-2021-30596 high 8.0 multiple issues in chromium archdebian
CVE-2021-38499 high 8.0 Mozilla developers reported memory safety bugs present in Firefox 92. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl… archdebian
CVE-2021-29966 high 8.0 Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl… archdebian
CVE-2021-4054 high 8.0 multiple issues in chromium archdebian
CVE-2021-38008 high 8.0 multiple issues in chromium archdebian
CVE-2021-29971 high 8.0 If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects … archdebian
CVE-2021-29973 high 8.0 Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be ente… archdebian
CVE-2021-38013 high 8.0 multiple issues in chromium archdebian
CVE-2021-38014 high 8.0 multiple issues in chromium archdebian
CVE-2021-4061 high 8.0 multiple issues in chromium archdebian
CVE-2021-37982 high 8.0 multiple issues in chromium archdebian
CVE-2021-4063 high 8.0 multiple issues in chromium archdebian
CVE-2021-38022 high 8.0 multiple issues in chromium archdebian
CVE-2021-37981 high 8.0 multiple issues in chromium archdebian
CVE-2021-38017 high 8.0 multiple issues in chromium archdebian
CVE-2021-37998 high 8.0 multiple issues in chromium archdebian
CVE-2021-4059 high 8.0 multiple issues in chromium archdebian
CVE-2021-29428 high 8.0 In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds c… archsusedebian