
5094 matches found

Prion
added 2021/04/30 12:15 p.m., 29 views

Out-of-bounds

A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

CVSS 4, AI score 6.2, EPSS 0.01706
Exploits 0, References 4, Affected Software 2

UbuntuCve
added 2021/04/30 12:15 p.m., 35 views

CVE-2021-20266

A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

CVSS 4.9, AI score 6.7, EPSS 0.01706
Exploits 0, References 3

Cvelist
added 2021/04/30 11:22 a.m., 21 views

CVE-2021-20266

A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

AI score 6, EPSS 0.01706
Exploits 0, References 4

AlpineLinux
added 2021/04/30 11:22 a.m., 34 views

CVE-2021-20266

A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

CVSS 4.9, AI score 6, EPSS 0.01706
Exploits 0

Debian CVE
added 2021/04/30 11:22 a.m., 27 views

CVE-2021-20266

A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

CVSS 4.9, AI score 6.2, EPSS 0.01706
Exploits 0

UbuntuCve
added 2021/04/30 12:0 a.m., 49 views

CVE-2021-31916

An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user CAP_SYS_ADMIN privilege to gain access to out-of-bounds memory leading to a system...

CVSS 6.7, AI score 6.7, EPSS 0.0072
Exploits 0, References 8

Tenable Nessus
added 2021/04/30 12:0 a.m., 52 views

EulerOS 2.0 SP3 : cairo (EulerOS-SA-2021-1769)

According to the version of the cairo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to...

CVSS 7.8, AI score 6.8, EPSS 0.01112
Exploits 0, References 2

Tenable Nessus
added 2021/04/30 12:0 a.m., 32 views

EulerOS 2.0 SP3 : postgresql (EulerOS-SA-2021-1833)

According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker havi...

CVSS 8.8, AI score 7, EPSS 0.4644
Exploits 0, References 2

Tenable Nessus
added 2021/04/30 12:0 a.m., 27 views

EulerOS 2.0 SP3 : xorg-x11-server (EulerOS-SA-2021-1863)

According to the version of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local...

CVSS 7.8, AI score 7.3, EPSS 0.0105
Exploits 0, References 2

RedhatCVE
added 2021/04/29 3:48 a.m., 66 views

CVE-2021-25216

A flaw was found in bind. The SPNEGO implementation used by BIND, which is a negotiation mechanism used by GSSAPI to support the secure exchange of keys used to verify the authenticity of communications between parties on a network, is subject to a buffer overflow attack. The highest threat from...

CVSS 9.8, AI score 9.1, EPSS 0.83406
Exploits 0, References 4

RedhatCVE
added 2021/04/29 3:48 a.m., 57 views

CVE-2021-25215

A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability. Mitigation Red Hat has investigated whether a possible...

CVSS 7.5, AI score 7.6, EPSS 0.11296
Exploits 0, References 4

Tenable Nessus
added 2021/04/29 12:0 a.m., 30 views

Oracle Linux 7 : nss (ELSA-2021-1384)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1384 advisory. 3.53.1-7 - Fix HSM load failure because of CKOProfile - Allow builds with strict-proto 3.53.1-6 - Update to CVE 2020-256423 TLS flood DOS attack patch. 3.53.1-5...

CVSS 7.5, AI score 8, EPSS 0.03854
Exploits 0, References 2

RedhatCVE
added 2021/04/28 7:48 p.m., 23 views

CVE-2019-25031

A flaw was found in unbound. The create_unbound_ad_servers.sh bash script does not properly sanitize input data, which is retrieved using an unencrypted, unauthenticated HTTP request, before writing the configuration file allowing a man-in-the-middle attack. The highest threat from this vulnerabilit...

CVSS 5.9, AI score 7.4, EPSS 0.01339
Exploits 0, References 4

RedhatCVE
added 2021/04/28 7:36 p.m., 24 views

CVE-2021-3522

A flaw was found in gstreamer-plugins-base where an out-of-bounds read when handling certain ID3v2 tags is possible. The highest threat from this vulnerability is to system availability...

CVSS 5.5, AI score 0.8, EPSS 0.05372
Exploits 0, References 3

RedhatCVE
added 2021/04/27 7:37 p.m., 36 views

CVE-2021-3501

A flaw was found in the Linux kernel. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at any time, which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability...

CVSS 7.8, AI score 1.9, EPSS 0.00374
Exploits 0, References 4

RedhatCVE
added 2021/04/27 6:24 p.m., 29 views

CVE-2020-36325

A flaw was found in jansson. An out-of-bounds read-access bug is possible due to a parsing error in json_loads. The highest threat from this vulnerability is to system availability...

CVSS 7.5, AI score 2.1, EPSS 0.01718
Exploits 1, References 3

RedHat Linux
added 2021/04/27 8:47 a.m., 4 views

bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible

A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data...

CVSS 8.1, AI score 6.8, EPSS 0.0714
Exploits 1, References 4

RedHat Linux
added 2021/04/27 8:47 a.m., 4 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.8, AI score 6.9, EPSS 0.02079
Exploits 1, References 5

RedHat Linux
added 2021/04/27 8:43 a.m., 4 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.8, AI score 6.9, EPSS 0.02079
Exploits 1, References 5

RedHat Linux
added 2021/04/27 7:25 a.m., 4 views

kernel: Use after free via PI futex state

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

CVSS 7.8, AI score 7.1, EPSS 0.01377
Exploits 1, References 4