
5094 matches found

RedHat Linux
added 2021/04/06 12:44 p.m., 4 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.8, AI score 6.9, EPSS 0.02079
Exploits: 1, References: 5

RedHat Linux
added 2021/04/06 12:44 p.m., 4 views

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

CVSS 7.1, AI score 6.7, EPSS 0.00957
Exploits: 1, References: 4

RedHat Linux
added 2021/04/06 12:39 p.m., 7 views

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

CVSS 7.1, AI score 6.7, EPSS 0.00957
Exploits: 1, References: 4

RedHat Linux
added 2021/04/06 12:39 p.m., 7 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.8, AI score 6.9, EPSS 0.02079
Exploits: 1, References: 5

Kaspersky
added 2021/04/06 12:0 a.m., 36 views

KLA12216 DoS vulnerability in Apache Tomcat

A denial of service vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories: Apache Tomcat 8.5.x vulnerabilities; Apache Tomcat 9.x vulnerabilities; Apache Tomcat 10.0.x vulnerabilities. Related products: Apache-Tomcat. CV...

CVSS 7.5, AI score 6.7, EPSS 0.06889
Exploits: 0, References: 5

NVD
added 2021/04/05 10:15 p.m., 16 views

CVE-2021-20305

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allow...

CVSS 8.1, EPSS 0.01607
Exploits: 0, References: 6

OSV
added 2021/04/05 10:15 p.m., 30 views

CVE-2021-20305

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allow...

CVSS 8.1, AI score 6.5
Exploits: 0, References: 6

Prion
added 2021/04/05 10:15 p.m., 30 views

Design/Logic Flaw

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allow...

CVSS 6.8, AI score 7.7, EPSS 0.01607
Exploits: 0, References: 6, Affected Software: 4

CVE
added 2021/04/05 9:31 p.m., 652 views

CVE-2021-20305

CVE-2021-20305 affects Nettle prior to 3.7.2 where signature verification (GOST DSA, EDDSA, ECDSA) calls ECC multiply with out-of-range scalars, potentially producing incorrect results and allowing an attacker to force an invalid signature (leading to assertion failure or validation issues). Docu...

CVSS 8.1, AI score 6.7, EPSS 0.01607
Exploits: 0, References: 6, Affected Software: 1

Cvelist
added 2021/04/05 9:31 p.m., 30 views

CVE-2021-20305

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allow...

AI score 8.2, EPSS 0.01607
Exploits: 0, References: 6

Debian CVE
added 2021/04/05 9:31 p.m., 22 views

CVE-2021-20305

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allow...

CVSS 8.1, AI score 6.7, EPSS 0.01607
Exploits: 0

RedhatCVE
added 2021/04/05 8:3 p.m., 26 views

CVE-2021-3482

A flaw was found in Exiv2. Improper input validation of the rawData.size property in the Jp2Image::readMetadata function in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data. The highest threat from this vulnerability is to confidentialit...

CVSS 6.5, AI score 3.2, EPSS 0.02295
Exploits: 0, References: 3

RedhatCVE
added 2021/04/05 4:56 p.m., 36 views

CVE-2021-30002

A flaw (memory leak) in the Linux kernel webcam device functionality was found in the way a user calls ioctl that triggers the video_usercopy function. The highest threat from this vulnerability is to system availability. Mitigation: To mitigate this issue, prevent the module v4l2-common from being loaded...

CVSS 6.2, AI score 6.7, EPSS 0.00372
Exploits: 0, References: 4

UbuntuCve
added 2021/04/02 12:0 a.m., 29 views

CVE-2021-20297

A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability...

CVSS 5.5, AI score 6.6, EPSS 0.00254
Exploits: 0, References: 2

NVD
added 2021/04/01 2:15 p.m., 19 views

CVE-2021-20234

An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...

CVSS 6.5, EPSS 0.01073
Exploits: 1, References: 2

OSV
added 2021/04/01 2:15 p.m., 27 views

CVE-2021-20234

An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...

CVSS 6.5, AI score 6.4
Exploits: 0, References: 2

OSV
added 2021/04/01 2:15 p.m., 1 views

DEBIAN-CVE-2021-20234

An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...

CVSS 6.5, AI score 7.4, EPSS 0.01073
Exploits: 1, References: 1

OSV
added 2021/04/01 2:15 p.m., 0 views

DEBIAN-CVE-2021-20296

A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availabili...

CVSS 5.3, AI score 6.5, EPSS 0.01747
Exploits: 0, References: 1

OSV
added 2021/04/01 2:15 p.m., 21 views

CVE-2021-20296

A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availabili...

CVSS 5.3, AI score 6.3
Exploits: 0, References: 5

Prion
added 2021/04/01 2:15 p.m., 25 views

Null pointer dereference

A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availabili...

CVSS 5, AI score 5.2, EPSS 0.01747
Exploits: 0, References: 5, Affected Software: 2