How severe is CVE-2021-29630?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2021-29630?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2021-29630

HIGH Year: 2021

CVSS v3 Score

8.1

High

CVSS v2 Score

7.6

High

Weakness Type

CWE-787

View all →

Vulnerability Description

In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.

CVE-2012-0754

HIGH

CVSS:8.1(High)

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack...

CWE-7872012

CVE-2016-2371

HIGH

CVSS:8.1(High)

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CWE-7872016

CVE-2017-2780

HIGH

CVSS:8.1(High)

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflo...

CWE-7872017

CVE-2017-2781

HIGH

CVSS:8.1(High)

CWE-7872017

CVE-2018-5210

HIGH

CVSS:8.1(High)

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to...

CWE-7872018

CVE-2019-11516

HIGH

CVSS:8.1(High)

An issue was discovered in the Bluetooth component of the Cypress (formerly owned by Broadcom) Wireless IoT codebase. Extended Inquiry Responses (EIRs) are improperly handled, which causes a heap-base...

CWE-7872019

CVE-2021-29630

Vulnerability Description

Related Vulnerabilities

CVE-2012-0754

CVE-2016-2371

CVE-2017-2780

CVE-2017-2781

CVE-2018-5210

CVE-2019-11516