CVE-2021-36057

MEDIUM Year: 2021
CVSS v3 Score
4.0
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-123
View all →

Vulnerability Description

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of the current user.

Related Vulnerabilities

CVE-2024-47438

MEDIUM
CVSS:5.5(Medium)

Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controll...

CWE-1232024

CVE-2014-5435

CRITICAL
CVSS:9.8(Critical)

An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote...

CWE-1232014

CVE-2015-8271

CRITICAL
CVSS:9.8(Critical)

The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.

CWE-1232015

CVE-2020-2001

CRITICAL
CVSS:9.8(Critical)

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interfac...

CWE-1232020

CVE-2021-38441

CRITICAL
CVSS:9.8(Critical)

Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.

CWE-1232021

CVE-2021-38449

CRITICAL
CVSS:9.8(Critical)

Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected produc...

CWE-1232021