Lucene search
K

9 matches found

OSV
OSV
added 2023/03/06 10:15 p.m.3 views

UBUNTU-CVE-2021-36399

In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk...

5.4CVSS5.8AI score0.00516EPSS
Exploits0References3
OSV
OSV
added 2022/06/20 2:15 p.m.4 views

UBUNTU-CVE-2021-41682

There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecmacompareecmanondirectstrings in JerryScript 2.4.0...

7.8CVSS7.1AI score0.00727EPSS
Exploits1References3
OSV
OSV
added 2022/01/01 12:15 a.m.5 views

UBUNTU-CVE-2021-45949

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampleddatafinish called from sampleddatacontinue and interp...

5.5CVSS7AI score0.01401EPSS
Exploits1References5
OSV
OSV
added 2021/11/03 12:0 a.m.9 views

UBUNTU-CVE-2021-38503

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

10CVSS7.3AI score0.0383EPSS
Exploits0References7
OSV
OSV
added 2021/08/07 4:15 a.m.5 views

UBUNTU-CVE-2021-38160

In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...

7.8CVSS6.8AI score0.00395EPSS
Exploits0References15
OSV
OSV
added 2021/05/27 2:15 p.m.2 views

UBUNTU-CVE-2021-31808

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack against all clients using the proxy. A client sends an HTTP Range request to trigger this...

6.5CVSS6.9AI score0.05492EPSS
Exploits1References4
OSV
OSV
added 2021/05/25 12:0 a.m.3 views

UBUNTU-CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

7.7CVSS7.1AI score0.53461EPSS
Exploits10References5
OSV
OSV
added 2021/05/20 1:15 p.m.6 views

UBUNTU-CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

5.7CVSS6.7AI score0.01863EPSS
Exploits0References8
OSV
OSV
added 2021/03/03 4:15 p.m.3 views

UBUNTU-CVE-2021-26813

markdown2 =1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time...

7.5CVSS7.1AI score0.02384EPSS
Exploits1References3
Rows per page
Query Builder