UBUNTU-CVE-2021-35063

Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."...

CVE-2021-31206

Microsoft Exchange Server Remote Code Execution Vulnerability...

Siemens JT2GO 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A buffer over-read vulnerability exists in...

OPENSUSE-SU-2021:0940-1 Security update for bouncycastle

This update for bouncycastle fixes the following issues: - CVE-2020-15522: Fixed a timing issue within the EC math library bsc1186328. This update was imported from the SUSE:SLE-15-SP2:Update update project...

UBUNTU-CVE-2021-3532

Rejected reason: This CVE is marked as INVALID and not a bug...

UBUNTU-CVE-2021-3587

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-38208. Reason: This candidate is a reservation duplicate of CVE-2021-38208. Notes: All CVE users should reference CVE-2021-38208 instead of this candidate. All references and descriptions in this candidate have been removed t...

CVE-2021-28438

Windows Console Driver Denial of Service Vulnerability...

CVE-2021-28332

Remote Procedure Call Runtime Remote Code Execution Vulnerability...

UBUNTU-CVE-2021-29939

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if sizehint provides certain anomalous data...

GHSA-P43W-G3C5-G5MQ Out of bounds read in Pillow

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c...

UBUNTU-CVE-2021-23362

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity...

Cesanta Mongoose out-of-bounds write vulnerability (CNVD-2021-12086)

Mongoose is a C/C++ network library. An out-of-bounds write vulnerability exists in the mgtlsinit function in Cesanta Mongoose 7.0, 6.7-6.18. An attacker can exploit this vulnerability via a connection request to cause an out-of-bounds write after the memory pool is exhausted...

CVE-2020-12523

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...

CVE-2020-17145

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability...

CVE-2020-17020

Microsoft Word Security Feature Bypass Vulnerability...

CVE-2020-16970

Azure Sphere Unsigned Code Execution Vulnerability...

CVE-2020-28045

An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires installed applications and all system binaries to be signed either by the manufacturer or by the Point Of Sale application developer and distributor. The signature is a 2048-byte RSA signature verified in...

CVE-2020-28045

CVE-2020-28045 affects ProlinOS up to 2.4.161.8859R. Root cause: shared libraries are not required to be signed and are not verified, allowing an attacker with local access to load a crafted shared object via LD_PRELOAD, bypassing kernel ELF verification and executing unsigned code. This creates ...

USN-4493-1 cryptsetup vulnerability

It was discovered that cryptsetup incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

UBUNTU-CVE-2020-13132

An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free in the ykpivutilgeneratekey function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack...