10 matches found
The vulnerability of the grub_udf_read_block function in the Grub2 operating system allows an attacker to affect the confidentiality, integrity, and availability of the protected information.
The vulnerability of the grub_udf_read_block function in the Grub operating system is related to a buffer overflow in dynamic (heap) memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
A vulnerability of the usb_assign_descriptors() function in the drivers/usb/gadget/config.c module of the Linux kernel's USB device support driver allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the usb_assign_descriptors function in the drivers/usb/gadget/config.c module of the Linux kernel's USB device support driver is related to the assignment of a NULL pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the web_tacplus_serverEdit_post() function in the firmware for PLANET Technology allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the web_tacplus_serverEdit_post function in the firmware for PLANET Technology is related to an operation exceeding buffer boundaries in memory when processing the tacIp parameter. Exploiting this vulnerability could allow an attacker to compromis...
The vulnerability of the ravb_rx_gbeth() function in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the ravb_rx_gbeth function in the drivers/net/ethernet/renesas/ravb_main.c file of the Linux kernel is related to the use of previously freed memory (use-after-free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of...
The vulnerability of the br_multicast_del_port() function in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the br_multicast_del_port function in the net/bridge/br_multicast.c module of the Linux operating system is related to the use of previously freed memory (use-after-free) caused by a race condition in concurrent access to resources. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the nf_reject_ip6_tcphdr_put() function in the netfilter component of the Linux operating system allows an attacker to compromise the confidentiality and availability of the protected information.
The vulnerability of the nf_reject_ip6_tcphdr_put function in the net/ipv6/netfilter/nf_reject_ipv6.c file of the netfilter component in the Linux kernel is related to the use of uninitialized memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and...
openstack-neutron: arbitrary dnsmasq reconfiguration via extra_dhcp_opts
An input-validation flaw was found in openstack-neutron, where an authenticated attacker could change the dnsmasq configuration. By crafting extra_dhcp_opts values, the attacker could crash dnsmasq, change parameters for tenants sharing the same interface, or otherwise alter that daemon’s...
bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to be reported as matching previously hashed ones that were different. The highest threat from this vulnerability is to data...
CVE-2021-20220
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS...
CVE-2020-35490
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation: The following conditions are needed for an exploit, w...