
4210 matches found

RedhatCVE
added 2021/08/11 7:26 p.m. | 53 views

CVE-2021-38209

A flaw was found in the Linux kernel. Observation of changes in any net namespace is possible due to these changes being leaked into all other net namespaces. The highest threat from this vulnerability is to data confidentiality...

CVSS: 3.3 | AI score: 2.1 | EPSS: 0.00047
Exploits: 0 | References: 3

RedHat Linux
added 2021/08/10 11:21 a.m. | 0 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow a local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS: 8.3 | AI score: 6.7 | EPSS: 0.85239
Exploits: 21 | References: 7

CNVD
added 2021/08/10 12:0 a.m. | 48 views

Linux kernel information disclosure vulnerability (CNVD-2021-60524)

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel has a security vulnerability that could be exploited by an attacker to obtain any information changed in the network namespace and use this information to launch further attacks on the...

CVSS: 3.3 | AI score: 2 | EPSS: 0.00047
Exploits: 0 | References: 1

OSV
added 2021/08/08 8:15 p.m. | 1 view

DEBIAN-CVE-2021-38209

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...

CVSS: 3.3 | AI score: 6.4 | EPSS: 0.00047
Exploits: 0 | References: 1

OSV
added 2021/08/08 8:15 p.m. | 4 views

CVE-2021-38209

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...

CVSS: 3.3 | AI score: 8.3
Exploits: 0 | References: 2

OSV
added 2021/08/08 8:15 p.m. | 1 view

AZL-6593 CVE-2021-38209 affecting package kernel for versions less than 5.10.78.1-1

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...

CVSS: 3.3 | AI score: 6.7 | EPSS: 0.00047
Exploits: 0 | References: 1

UbuntuCve
added 2021/08/08 8:15 p.m. | 35 views

CVE-2021-38209

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...

CVSS: 3.3 | AI score: 6.8 | EPSS: 0.00047
Exploits: 0 | References: 3

OSV
added 2021/08/08 8:15 p.m. | 1 view

UBUNTU-CVE-2021-38209

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...

CVSS: 3.3 | AI score: 6.7 | EPSS: 0.00047
Exploits: 0 | References: 4

Debian CVE
added 2021/08/08 7:21 p.m. | 41 views

CVE-2021-38209

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...

CVSS: 3.3 | AI score: 5.9 | EPSS: 0.00047
Exploits: 0

CVE
added 2021/08/08 7:21 p.m. | 220 views

CVE-2021-38209

CVE-2021-38209 affects the Linux kernel prior to 5.12.2, where nf_conntrack_standalone.c leaks namespace changes across all net namespaces via NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS. The issue enables observation of changes in any net namespace because updates are lea...

CVSS: 3.3 | AI score: 5 | EPSS: 0.00047
Exploits: 0 | References: 2 | Affected Software: 1

Veracode
added 2021/07/29 12:21 p.m. | 19 views

Information Disclosure

github.com/hashicorp/vault is vulnerable to information disclosure. The vulnerability exists due to a failure to revoke dynamic secrets for a mount in a deleted namespace...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.00286
Exploits: 0 | References: 3 | Affected Software: 1

Github Security Blog
added 2021/07/28 5:57 p.m. | 59 views

Improper Resource Shutdown or Release in HashiCorp Vault

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.00286
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2021/07/28 5:57 p.m. | 18 views

GHSA-9VH5-R4QW-V3VV Improper Resource Shutdown or Release in HashiCorp Vault

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00286
Exploits: 0 | References: 3

CNVD
added 2021/07/20 12:0 a.m. | 12 views

Froala WYSIWYG Editor Cross-Site Scripting Vulnerability

Froala WYSIWYG Editor is an application. Froala WYSIWYG Editor has a cross-site scripting vulnerability that stems from an obfuscation of namespace resolution in the product. An attacker could exploit this vulnerability to obtain an administrator cookie...

CVSS: 5.4 | AI score: 1.9 | EPSS: 0.0057
Exploits: 0 | References: 1

OSV
added 2021/07/19 9:21 p.m. | 44 views

GHSA-RR6V-H7M8-WC9F Cross-site Scripting in Froala WYSIWYG Editor

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...

CVSS: 5.4 | AI score: 5.2 | EPSS: 0.0057
Exploits: 0 | References: 3

Github Security Blog
added 2021/07/19 9:21 p.m. | 72 views

Cross-site Scripting in Froala WYSIWYG Editor

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...

CVSS: 5.4 | AI score: 1.8 | EPSS: 0.0057
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2021/07/16 1:15 p.m. | 12 views

CVE-2021-28114

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...

CVSS: 5.4 | EPSS: 0.0057
Exploits: 0 | References: 3

OSV
added 2021/07/16 1:15 p.m. | 17 views

CVE-2021-28114

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...

CVSS: 5.4 | AI score: 5.9
Exploits: 0 | References: 3

Prion
added 2021/07/16 1:15 p.m. | 11 views

Type confusion

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...

CVSS: 3.5 | AI score: 5.2 | EPSS: 0.0057
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2021/07/16 12:16 p.m. | 10 views

CVE-2021-28114

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing...

AI score: 5.4 | EPSS: 0.0057
Exploits: 0 | References: 3