206305 matches found
CVE-2021-44917
A flaw was found in gnuplot. A possible divide by zero flaw could allow an attacker to input a specially crafted file leading to a crash or code execution...
CVE-2021-4011
A flaw was found in xorg-x11-server where an out-of-bounds access can occur in the SwapCreateRegister function...
CVE-2021-43546
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
CVE-2021-43618
A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability...
CVE-2021-42376
A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted shell command, leading to a denial of service. The highest threat from this vulnerability is to system availability...
CVE-2021-42374
A flaw was found in BusyBox. It did not properly sanitize while crafted LZMA compressed input was decompressing, leading to a denial of service. The highest threat from this vulnerability is to confidentiality and system availability...
CVE-2021-27023
An exposure flaw was found in Puppet Agent and Puppet Server where HTTP credentials were leaked. When the HTTP redirects occurred, the authentication and cookie header was added when following redirects to a different host. This flaw allows an unauthorized network attacker to access sensitive...
CVE-2021-23222
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption...
CVE-2021-38509
Due to an unusual sequence of attacker-controlled events, a Javascript alert dialog with arbitrary although unstyled contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...
CVE-2021-30849
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-42780
A use after return issue was found in Opensc before version 0.22.0 in insertpin function that could potentially crash programs using the library...
CVE-2021-35645
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-35646
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-38502
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication...
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...
CVE-2021-32627
An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...
CVE-2021-41099
An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...
CVE-2020-3702
A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An attacker within wireless range could send crafted traffic leading to information disclosure. Mitigation Mitigation for this issue is either not available or the currently available options doe...
CVE-2021-21238
A verification flaw was found in python-pysaml2, where it did not validate signed SAML documents against an XML schema. Because the flaw allowed invalid XML documents to be processed, a network attacker could exploit this flaw by tricking pysaml2 with a wrapped signature. Mitigation Mitigation fo...
CVE-2020-26301
A flaw was found in nodejs-ssh2. An OS command injection attack on Windows allows an attacker to perform remote code execution and potentially execute arbitrary code. The highest threat from this vulnerability is to confidentiality and integrity...
CVE-2021-40528
A flaw was found in libgcrypt's ElGamal implementation, where it allows plain text recovery. During the interaction between two cryptographic libraries, a certain combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
CVE-2017-5049
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
CVE-2021-38493
Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 78.14,...
CVE-2021-33582
A flaw was found in cyrus-imapd. A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets. A user may cause a CPU denial of service by maliciously directing many inputs to a single bucket. The highest threat from this vulnerability is to...
CVE-2021-39141
A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...
CVE-2021-39360
In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-35940
An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...
CVE-2021-38373
In KDE KMail 19.12.3 aka 5.13.3, the SMTP STARTTLS option is not honored and cleartext messages are sent unless "Server requires authentication" is checked...
CVE-2021-2356
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
CVE-2021-38200
A flaw was found in the Linux kernel on the powerpc architecture, where a local user can cause a denial of service and panic the system when issuing the 'perf record' command. The highest threat from this vulnerability is to system availability. Mitigation Mitigation for this issue is either not...
CVE-2021-2340
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Memcached. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-37618
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to print the metadata of a crafted image file. A...
CVE-2021-1820
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...
CVE-2021-30720
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers...
CVE-2021-22925
A flaw was found in the way curl handled telnet protocol option for sending environment variables, which could lead to sending of uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text...
CVE-2021-3592
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...
CVE-2021-3580
A flaw was found in nettle in the way its RSA decryption functions handle specially crafted ciphertext. This flaw allows an attacker to provide a manipulated ciphertext, leading to an application crash and a denial of service. Mitigation As per upstream: For applications that want to support olde...
CVE-2021-32606
A flaw was found in the Linux kernel. A use-after-free flaw in isotpsetsockopt leads to arbitrary kernel execution by overwriting the skerrorreport pointer which can be misused in order to execute a user-controlled ROP chain to gain root privileges. The highest threat from this vulnerability is t...
CVE-2021-31204
A flaw was found in dotnet. A .NET Core single-file application running with elevated permissions could allow an attacker to gain elevated privileges. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2021-25287
There is an out-of-bounds read in J2kDecode in j2kugrayala. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. Mitigation To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled as it is by default...
CVE-2021-25288
There is an out-of-bounds read in J2kDecode in j2kugrayi. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. Mitigation To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled, as it is by default...
CVE-2021-3491
A flaw was found in the Linux kernel. The iouring PROVIDEBUFFERS operation allowed the MAXRWCOUNT limit to be bypassed, which led to negative values being used in memrw when reading /proc//mem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
CVE-2021-29478
A flaw was found in redis. An integer overflow bug could be exploited to corrupt the heap and potentially result with remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The flaw can be mitigated by...
CVE-2020-36331
A flaw was found in libwebp. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability...
CVE-2021-23343
A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
CVE-2021-2161
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...
CVE-2021-2144
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2021-25735
A vulnerability was found in Kubernetes' kube-apiserver that could allow Node updates to bypass a Validating Admission Webhook. An authenticated user could exploit this by modifying Node properties to values that should have been prevented by registered admission webhooks...
CVE-2021-23369
A flaw was found in nodejs-handlebars. A missing check when getting prototype properties in the template function allows an attacker, who can provide untrusted handlebars templates, to execute arbitrary code in the javascript system e.g. browser or server when the template is compiled with the...
CVE-2021-29421
There's a flaw in the pikepdf Python library's XMP metadata parsing functionality. An attacker who is able to submit a crafted PDF file to be processed by pikepdf could trigger an XML External Entity XXE injection. The highest threat of this flaw is to confidentiality of data...