
5094 matches found

RedhatCVE
added 2021/03/31 10:46 a.m. | 16 views

CVE-2021-25315

A flaw was found in Salt. This issue is caused by an incorrect implementation of the authentication algorithm, where openSUSE Tumbleweed allows local attackers to execute arbitrary code via Salt without the need to specify valid credentials in Salt versions before 3002.2-3. The highest threat fro...

CVSS 9.8 | AI score 5.5 | EPSS 0.02333
Exploits: 0 | References: 4

CVE
added 2021/03/31 12:0 a.m. | 150 views

CVE-2021-3478

CVE-2021-3478 affects OpenEXR’s scanline input file handling. A crafted file processed by OpenEXR can cause excessive memory usage, with the greatest impact on availability. Multiple connected sources corroborate a memory-denial threat vector in OpenEXR before 3.0.0-beta. Debian LTS advisories sh...

CVSS 5.5 | AI score 5.4 | EPSS 0.0096
Exploits: 0 | References: 5 | Affected Software: 1

CVE
added 2021/03/31 12:0 a.m. | 241 views

CVE-2021-3479

CVE-2021-3479 is a vulnerability in OpenEXR’s Scanline API. The flaw affects OpenEXR versions prior to 3.0.0-beta where processing a crafted EXR file can trigger excessive memory consumption, resulting in a denial of service (system availability impact). Connected advisories confirm real-world re...

CVSS 5.5 | AI score 5.4 | EPSS 0.01
Exploits: 0 | References: 5 | Affected Software: 1

AlpineLinux
added 2021/03/31 12:0 a.m. | 49 views

CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability...

CVSS 5.5 | AI score 5.7 | EPSS 0.01
Exploits: 0

Cvelist
added 2021/03/31 12:0 a.m. | 20 views

CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability...

AI score 5.9 | EPSS 0.01
Exploits: 0 | References: 5

Cvelist
added 2021/03/31 12:0 a.m. | 26 views

CVE-2021-3478

There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability...

AI score 5.8 | EPSS 0.0096
Exploits: 0 | References: 5

Debian CVE
added 2021/03/31 12:0 a.m. | 27 views

CVE-2021-3478

There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability...

CVSS 5.5 | AI score 5.6 | EPSS 0.0096
Exploits: 0

Debian CVE
added 2021/03/31 12:0 a.m. | 35 views

CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability...

CVSS 5.5 | AI score 5.7 | EPSS 0.01
Exploits: 0

RedhatCVE
added 2021/03/30 8:28 p.m. | 49 views

CVE-2021-1871

A logic issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. A remote attacker may be able to cause arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8 | AI score 6.1 | EPSS 0.0712
Exploits: 0 | References: 5

RedhatCVE
added 2021/03/30 8:27 p.m. | 38 views

CVE-2021-1788

A use-after-free issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 8.8 | AI score 5.2 | EPSS 0.01604
Exploits: 0 | References: 4

RedhatCVE
added 2021/03/30 8:27 p.m. | 28 views

CVE-2021-1844

A memory corruption issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 8.8 | AI score 5.2 | EPSS 0.02368
Exploits: 0 | References: 4

RedhatCVE
added 2021/03/30 7:2 p.m. | 29 views

CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability...

CVSS 6.2 | AI score 2.7 | EPSS 0.01
Exploits: 0 | References: 4

RedhatCVE
added 2021/03/30 3:27 p.m. | 18 views

CVE-2021-20297

A flaw was found in NetworkManager. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability...

CVSS 5.5 | AI score 5.8 | EPSS 0.00254
Exploits: 0 | References: 3

RedhatCVE
added 2021/03/30 2:27 p.m. | 42 views

CVE-2021-29266

A flaw was found in the Linux kernel. An invalid value upon reopening a character device can cause a use-after-free memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 7.8 | AI score 2.5 | EPSS 0.00318
Exploits: 0 | References: 3

RedhatCVE
added 2021/03/30 2:11 p.m. | 43 views

CVE-2021-29264

A flaw was found in the Linux kernel. The Freescale Gianfar Ethernet driver allows attackers to cause a system crash due to a negative fragment size calculated in situations involving an RX queue overrun when jumbo packets are used and NAPI is enabled. The highest threat from this vulnerability i...

CVSS 7.1 | AI score 4.3 | EPSS 0.00272
Exploits: 0 | References: 3

RedhatCVE
added 2021/03/30 10:27 a.m. | 50 views

CVE-2021-20290

An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a...

CVSS 6.1 | AI score 1.5 | EPSS 0.0022
Exploits: 1 | References: 3

RedhatCVE
added 2021/03/30 10:27 a.m. | 25 views

CVE-2021-3457

An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a...

CVSS 6.1 | AI score 2.1 | EPSS 0.00242
Exploits: 0 | References: 3

Microsoft CVE
added 2021/03/30 7:0 a.m. | 3 views

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

...

CVSS 7.5 | AI score 7 | EPSS 0.03235
Exploits: 0

RedhatCVE
added 2021/03/29 7:15 p.m. | 50 views

CVE-2021-1870

A logic issue was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. A remote attacker may be able to cause arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8 | AI score 6.1 | EPSS 0.07921
Exploits: 0 | References: 5

RedhatCVE
added 2021/03/29 6:55 p.m. | 44 views

CVE-2021-1789

A type confusion vulnerability was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 8.8 | AI score 5.3 | EPSS 0.14542
Exploits: 0 | References: 5