Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

A250 Firmware Security Vulnerabilities - 2021

cve
cve

CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

5.9CVSS

6.8AI Score

0.02EPSS

2021-01-04 06:15 PM
511
14
cve
cve

CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

7CVSS

7.4AI Score

0.001EPSS

2021-05-26 12:15 PM
207
10
cve
cve

CVE-2020-27618

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

5.5CVSS

6.5AI Score

0.01EPSS

2021-02-26 11:15 PM
295
8
cve
cve

CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gss...

8.1CVSS

8.2AI Score

0.187EPSS

2021-02-17 11:15 PM
1230
21
cve
cve

CVE-2021-25215

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query ...

7.5CVSS

6.4AI Score

0.067EPSS

2021-04-29 01:15 AM
705
26
cve
cve

CVE-2021-28951

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25.

5.5CVSS

5.6AI Score

0.0004EPSS

2021-03-20 08:15 PM
132
7
cve
cve

CVE-2021-28952

An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.)

7.8CVSS

7.8AI Score

0.001EPSS

2021-03-20 09:15 PM
207
9
cve
cve

CVE-2021-31879

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

6.1CVSS

7.8AI Score

0.006EPSS

2021-04-29 05:15 AM
129
12
cve
cve

CVE-2021-4044

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an ...

7.5CVSS

7.1AI Score

0.002EPSS

2021-12-14 07:15 PM
195
3