5093 matches found
UBUNTU-CVE-2021-20241
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
UBUNTU-CVE-2021-20243
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20262
A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability is to confidentiality,...
CVE-2021-20262
CVE-2021-20262 affects Keycloak 12.0.0 where re-authentication is not required when updating a password, potentially allowing account takeover if an attacker can obtain temporary, physical access to a user’s browser. The issue has implications for confidentiality, integrity, and availability as d...
CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
CVE-2021-20253
CVE-2021-20253 affects Red Hat Ansible Tower (ansible-tower); a Job Isolation escape flaw allows a low-privileged user to elevate to the awx user from outside the isolated environment, impacting confidentiality, integrity, and availability. Public references confirm a privilege-escalation vector ...
CVE-2021-20264
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity,...
kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c
A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c. The highest threat from thi...
kernel: bad kfree in auditfilter.c may lead to escalation of privilege
A flaw was found in the Linux kernel. A logic error in auditdatatoentry can lead to a local escalation of privilege without user interaction needed. A local attacker with special user privilege could crash the system leading to information leak. The highest threat from this vulnerability is to da...
CVE-2021-20243
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
ImageMagick Studio ImageMagick 数字错误漏洞
ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. A de-zero vulnerability exists in coders/webp.c in versions prior to ImageMagick 7.0.10-62. An attacker can exploit this vulnerability via specially crafted files to...
CVE-2021-20245
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20246
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20244
ImageMagick vulnerability CVE-2021-20244 affects MagickCore/visual-effects.c. A crafted file processed by ImageMagick can trigger undefined behavior via division by zero, with the highest stated impact on availability. The connected documents confirm the flaw location and nature but do not provid...
CVE-2021-20246
CVE-2021-20246 — A flaw in ImageMagick's MagickCore/resample.c allows processing of a crafted image to trigger undefined behavior (division by zero). The highest threat is to availability. Exploitation details are not provided in the sources; no CVSS is given here beyond the NVD entry. Connected ...
CVE-2021-20243
ImageMagick vulnerability CVE-2021-20243 affects MagickCore/resize.c: processing a crafted image file can trigger undefined behavior via a division-by-zero, with impact noted as availability. The connected advisories document that this type of flaw is present in ImageMagick and have led to multip...
CVE-2021-20241
CVE-2021-20241 affects ImageMagick, specifically the coders/jp2.c component. A crafted file processed by ImageMagick can trigger undefined behavior via a division-by-zero in jp2 processing. Impact is described as primarily to system availability. The CVE is corroborated by multiple connected reco...
CVE-2021-20243
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20244
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...
CVE-2021-20241
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability...