CVE-2018-25012

A flaw was found in libwebp. An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability...

CVE-2021-20095

A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...

CVE-2019-25040

A flaw was found in unbound. An infinite loop in dnamepktcopy function could be triggered by a remote attacker. The highest threat from this vulnerability is to service availability...

CVE-2019-25037

A flaw was found in unbound. A reachable assertion in the dnamepktcopy function can be triggered by sending invalid packets to the server. The highest threat from this vulnerability is to service availability...

CVE-2019-25042

A flaw was found in unbound. An out-of-bounds write in the rdatacopy function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

CVE-2019-25039

A flaw was found in unbound. An integer overflow in ubpackedrrsetkey function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

CVE-2019-25036

A flaw was found in unbound. A reachable assertion in the synthcname function can be triggered by sending invalid packets to the server. If asserts are disabled during compilation, this issue might lead to an out-of-bounds write in dnamepktcopy function. The highest threat from this vulnerability...

CVE-2019-25038

A flaw was found in unbound. An integer overflow in dnscloadlocaldata function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

CVE-2019-25041

A flaw was found in unbound. A reachable assertion in the dnamepktcopy function can be triggered through compressed names. The highest threat from this vulnerability is to service availability...

CVE-2019-25035

A flaw was found in unbound. An out-of-bounds write in the sldnsbgettokenpar function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

CVE-2019-25034

A flaw was found in unbound. An integer overflow in the sldnsstr2wirednamebuforigin function may lead to a buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

CVE-2019-25033

A flaw was found in unbound. An integer overflow in the regional allocator via the ALIGNUP macro may lead to a buffer overflow if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

CVE-2019-25032

A flaw was found in unbound. An integer overflow in regionalalloc function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker and can be big enough. The highest threat from this vulnerability is to data confidentiality and integrity as well as servi...

CVE-2021-3502

A flaw was found in avahi. A reachable assertion is present in avahishostnameresolverstart function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is...

CVE-2021-28165

When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large greater than 17408 TLS frame that is incorrectly handled, causing high CPU resources utilization. The highest threat from this vulnerability is to service availability...

CVE-2021-3468

A flaw was found in avahi. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the clientwork function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of th...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2021-04807)

Oracle MySQL is an open source relational database management system.MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. An unspecified vulnerability exists in the InnoDB component of Oracle MySQL Server 8.0.22 and earlier. An attacker...

CVE-2021-21446

SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, this has a high impact on the availability of the service...

CVE-2020-36330

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability...

CVE-2020-36332

A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability...