9 matches found
UBUNTU-CVE-2021-46912
In the Linux kernel, the following vulnerability has been resolved: net: Make tcpallowedcongestioncontrol readonly in non-init netns Currently, tcpallowedcongestioncontrol is global and writable; writing to it in any net namespace will leak into all other net namespaces...
UBUNTU-CVE-2021-43565
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server...
UBUNTU-CVE-2021-46336
There is an Assertion 'opts & PARSERCLASSLITERALCTORPRESENT' failed at /parser/js/js-parser-expr.cparserparseclassbody in JerryScript 3.0.0...
UBUNTU-CVE-2021-44540
A vulnerability was found in Privoxy which was fixed in geturlspecparam by freeing memory of compiled pattern spec before bailing...
UBUNTU-CVE-2021-40524
In Pure-FTPd before 1.0.50, an incorrect maxfilesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value. Versions 1.0.2...
UBUNTU-CVE-2021-20249
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
UBUNTU-CVE-2021-24001
A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...
UBUNTU-CVE-2021-21332
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The...
UBUNTU-CVE-2021-22166
An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method...