
5093 matches found

Debian CVE
added 2021/03/25 6:57 p.m. | 23 views

CVE-2021-20217

A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.2 | EPSS 0.01371
Exploits: 0

Debian CVE
added 2021/03/25 6:57 p.m. | 25 views

CVE-2021-20216

A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.2 | EPSS 0.02276
Exploits: 0

AlpineLinux
added 2021/03/25 6:57 p.m. | 24 views

CVE-2021-20216

A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.3 | EPSS 0.02276
Exploits: 0

RedhatCVE
added 2021/03/25 5:52 p.m. | 47 views

CVE-2020-1946

A flaw was found in spamassassin. Malicious rule configuration .cf files can be configured to run system commands without any output or errors allowing exploits to be injected in a number of scenarios. The highest threat from this vulnerability is to data confidentiality and integrity as well as...

CVSS 10 | AI score 0.9 | EPSS 0.06132
Exploits: 0 | References: 3

RedhatCVE
added 2021/03/25 2:58 p.m. | 56 views

CVE-2021-3449

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension. The highest threat from this vulnerability is to system...

CVSS 5.9 | AI score 2 | EPSS 0.62906
Exploits: 3 | References: 4

Cvelist
added 2021/03/25 12:0 a.m. | 35 views

CVE-2021-3466

A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and...

AI score 9.7 | EPSS 0.08739
Exploits: 0 | References: 5

Debian CVE
added 2021/03/25 12:0 a.m. | 36 views

CVE-2021-3466

A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and...

CVSS 10 | AI score 9.5 | EPSS 0.08739
Exploits: 0

Amazon
added 2021/03/25 12:0 a.m. | 76 views

Important: tomcat8

Issue Overview: A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the...

CVSS 7.5 | AI score 7.7 | EPSS 0.56636
Exploits: 15

RedhatCVE
added 2021/03/24 7:0 p.m. | 36 views

CVE-2021-3467

A NULL pointer dereference flaw was found in Jasper in the way it handled component references in the CDEF box in the JP2 image format decoder. This flaw allows a specially crafted JP2 image file to cause an application using the Jasper library to crash when opened. The highest threat from this...

CVSS 5.5 | AI score 2.1 | EPSS 0.00629
Exploits: 0 | References: 3

RedhatCVE
added 2021/03/24 6:27 p.m. | 38 views

CVE-2021-3444

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script uses mod32 destination register truncation when the source register was known to be 0. This flaw allows a local user to crash the system or possibly...

CVSS 7.8 | AI score 1.3 | EPSS 0.0061
Exploits: 0 | References: 3

RedhatCVE
added 2021/03/24 4:25 p.m. | 27 views

CVE-2021-21350

A flaw was found in xstream. A remote attacker may be able to execute arbitrary code only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8 | AI score 4.1 | EPSS 0.15234
Exploits: 1 | References: 3

RedhatCVE
added 2021/03/24 4:24 p.m. | 23 views

CVE-2021-21347

A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8 | AI score 3.9 | EPSS 0.14301
Exploits: 1 | References: 3

RedhatCVE
added 2021/03/24 2:59 p.m. | 21 views

CVE-2021-21346

A flaw was found in xstream. A remote attacker can load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8 | AI score 4.1 | EPSS 0.76367
Exploits: 1 | References: 3

RedhatCVE
added 2021/03/24 2:53 p.m. | 45 views

CVE-2021-21345

A flaw was found in xstream. A remote attacker, who has sufficient rights, can execute commands of the host by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.9 | AI score 3 | EPSS 0.72324
Exploits: 1 | References: 3

RedhatCVE
added 2021/03/24 2:53 p.m. | 34 views

CVE-2021-21344

A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 9.8 | AI score 3.9 | EPSS 0.7598
Exploits: 1 | References: 3

RedhatCVE
added 2021/03/24 1:34 p.m. | 48 views

CVE-2021-20277

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability...

CVSS 7.5 | AI score 1 | EPSS 0.04328
Exploits: 0 | References: 4

RedhatCVE
added 2021/03/24 1:24 p.m. | 30 views

CVE-2020-27840

A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...

CVSS 7.5 | AI score 0.7 | EPSS 0.03833
Exploits: 0 | References: 4

CNVD
added 2021/03/24 12:0 a.m. | 10 views

Linux kernel denial of service vulnerability (CNVD-2021-23796)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in n_tty_receive_char_special in drivers/tty/n_tty.c in Linux kernel versions pri...

CVSS 5.5 | AI score 6.2 | EPSS 0.00401
Exploits: 0 | References: 1

Tenable Nessus
added 2021/03/24 12:0 a.m. | 30 views

EulerOS 2.0 SP5 : postgresql (EulerOS-SA-2021-1700)

According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker havi...

CVSS 8.8 | AI score 7 | EPSS 0.4644
Exploits: 0 | References: 2

OpenVAS
added 2021/03/24 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2021-1700)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 8.9 | EPSS 0.4644
Exploits: 0 | References: 2