1073 matches found

Added 2021/12/23 1:15 a.m. • 106 views

CVE-2021-38006

Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 9 • EPSS 0.01208

Added 2021/12/23 1:15 a.m. • 106 views

CVE-2021-38008

Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 9 • EPSS 0.01985

Added 2021/12/23 1:15 a.m. • 106 views

CVE-2021-38014

Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 8.7 • EPSS 0.01208

Added 2021/12/23 1:15 a.m. • 105 views

CVE-2021-4063

Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 8.8 • EPSS 0.00963

Added 2021/12/23 1:15 a.m. • 104 views

CVE-2021-4065

Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 8.8 • EPSS 0.0111

Added 2021/09/16 9:15 p.m. • 103 views

CVE-2020-21534

fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.

CVSS 5.5 • AI score 5.7 • EPSS 0.00106

Added 2021/12/23 1:15 a.m. • 103 views

CVE-2021-38013

Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVSS 9.6 • AI score 9.1 • EPSS 0.01328

Added 2021/09/03 2:15 a.m. • 103 views

CVE-2021-40491

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.

CVSS 6.5 • AI score 6 • EPSS 0.00302

Added 2021/01/19 8:15 p.m. • 102 views

CVE-2020-14409

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

CVSS 7.8 • AI score 7.4 • EPSS 0.00118

Added 2021/04/30 6:15 a.m. • 102 views

CVE-2021-31871

An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.

CVSS 7.5 • AI score 8.5 • EPSS 0.01449

Added 2021/05/13 4:15 p.m. • 102 views

CVE-2021-32921

An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an attacker.

CVSS 5.9 • AI score 6.1 • EPSS 0.03222

Added 2021/11/22 4:15 p.m. • 102 views

CVE-2021-3935

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.

CVSS 8.1 • AI score 7.8 • EPSS 0.00269

Added 2021/12/23 1:15 a.m. • 102 views

CVE-2021-4067

Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 8.8 • EPSS 0.00963

Added 2021/12/07 10:15 p.m. • 102 views

CVE-2021-42717

ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worke...

CVSS 7.5 • AI score 7.3 • EPSS 0.02101

Added 2021/03/10 11:15 p.m. • 101 views

CVE-2021-21375

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and earlier, after an initial INVITE has been sent, when two 183 responses are received, with the first one ...

CVSS 6.5 • AI score 6.5 • EPSS 0.02312

Added 2021/09/20 4:15 p.m. • 101 views

CVE-2021-32276

An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.

CVSS 5.5 • AI score 5.9 • EPSS 0.00095

Added 2021/11/23 10:15 p.m. • 101 views

CVE-2021-38004

Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVSS 4.3 • AI score 4.9 • EPSS 0.00382

Added 2021/12/22 6:15 p.m. • 101 views

CVE-2021-43804

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against the ...

CVSS 7.5 • AI score 8.1 • EPSS 0.00299

Added 2021/02/23 11:15 p.m. • 100 views

CVE-2021-3407

A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.

CVSS 7.8 • AI score 5.4 • EPSS 0.01483

Added 2021/12/23 1:15 a.m. • 100 views

CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 8.8 • EPSS 0.0111

Added 2021/09/16 10:15 p.m. • 99 views

CVE-2020-21597

libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted file.

CVSS 6.5 • AI score 7.2 • EPSS 0.00174

Added 2021/05/26 9:15 p.m. • 99 views

CVE-2020-22028

Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service.

CVSS 6.5 • AI score 7.4 • EPSS 0.01531

Added 2021/02/10 7:15 a.m. • 99 views

CVE-2020-36244

The daemon in GENIVI diagnostic log and trace (DLT) is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).

CVSS 9.8 • AI score 9.7 • EPSS 0.01113

Added 2021/06/10 4:15 p.m. • 99 views

CVE-2021-27347

Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.

CVSS 5.5 • AI score 5.7 • EPSS 0.00086

Added 2021/04/16 6:15 p.m. • 99 views

CVE-2021-31348

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure).

CVSS 6.5 • AI score 6.7 • EPSS 0.00858

Added 2021/05/20 8:15 p.m. • 99 views

CVE-2021-33477

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

CVSS 8.8 • AI score 8.7 • EPSS 0.00224

Added 2021/07/02 1:15 p.m. • 99 views

CVE-2021-35197

In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to still "purge" pages through the MediaWiki Action API (which a "sitewide block" should have prevented)...

CVSS 7.5 • AI score 7.3 • EPSS 0.0073

Added 2021/11/29 8:15 a.m. • 98 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

CVSS 6.5 • AI score 7.3 • EPSS 0.00032

Added 2021/09/16 9:15 p.m. • 98 views

CVE-2020-21530

fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.

CVSS 5.5 • AI score 5.4 • EPSS 0.00094

Added 2021/09/16 10:15 p.m. • 98 views

CVE-2020-21596

libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted file.

CVSS 6.5 • AI score 7.2 • EPSS 0.00174

Added 2021/01/11 7:15 p.m. • 98 views

CVE-2020-26298

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escape_html optio...

CVSS 6.8 • AI score 5.2 • EPSS 0.00281

Added 2021/10/04 9:15 p.m. • 98 views

CVE-2021-32765

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnerable to integer overflow if provided maliciously crafted or corrupted RESP multi-bulk protocol data. When parsing multi-bulk (array-like) replies, hiredis fails to check if count * sizeof(redisRe...

CVSS 8.8 • AI score 8.8 • EPSS 0.00507

Added 2021/11/19 5:15 p.m. • 98 views

CVE-2021-39923

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file.

CVSS 7.5 • AI score 7.4 • EPSS 0.01578

Added 2021/08/31 6:15 p.m. • 98 views

CVE-2021-40085

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.

CVSS 6.5 • AI score 6.3 • EPSS 0.0031

Added 2021/12/27 6:15 p.m. • 98 views

CVE-2021-43845

PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if an incoming RTCP XR message contains a block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users that use PJMEDIA and...

CVSS 9.1 • AI score 8.8 • EPSS 0.00142

Added 2021/04/11 4:15 p.m. • 97 views

CVE-2021-30485

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.

CVSS 6.5 • AI score 6.7 • EPSS 0.01459

Added 2021/12/23 1:15 a.m. • 97 views

CVE-2021-38011

Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 9 • EPSS 0.00892

Added 2021/09/16 9:15 p.m. • 96 views

CVE-2020-21533

fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.

CVSS 5.5 • AI score 5.7 • EPSS 0.00106

Added 2021/12/23 1:15 a.m. • 96 views

CVE-2021-38020

Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVSS 4.3 • AI score 4.7 • EPSS 0.00526

Added 2021/12/23 1:15 a.m. • 96 views

CVE-2021-4061

Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 8.8 • AI score 8.5 • EPSS 0.00695

Added 2021/12/16 3:15 a.m. • 96 views

CVE-2021-45085

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.

CVSS 6.1 • AI score 5.8 • EPSS 0.00316

Added 2021/09/16 10:15 p.m. • 95 views

CVE-2020-21598

libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted file.

CVSS 8.8 • AI score 8.5 • EPSS 0.00182

Added 2021/09/16 10:15 p.m. • 94 views

CVE-2020-21599

libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted file.

CVSS 6.5 • AI score 7.2 • EPSS 0.00126

Added 2021/09/20 4:15 p.m. • 94 views

CVE-2021-32274

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code execution.

CVSS 7.8 • AI score 7.3 • EPSS 0.00148

Added 2021/04/06 7:15 a.m. • 93 views

CVE-2021-30157

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter-* label messages are output in HTML unescaped, leading to XSS.

CVSS 6.1 • AI score 6.1 • EPSS 0.01229

Added 2021/09/13 9:15 p.m. • 93 views

CVE-2021-41054

tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.

CVSS 7.5 • AI score 7.7 • EPSS 0.00515

Added 2021/12/15 7:15 a.m. • 93 views

CVE-2021-43113

iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java.

CVSS 9.8 • AI score 9.3 • EPSS 0.02175

Added 2021/12/16 3:15 a.m. • 93 views

CVE-2021-45086

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.

CVSS 6.1 • AI score 5.9 • EPSS 0.00316

Added 2021/02/17 2:15 a.m. • 92 views

CVE-2021-26933

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortun...

CVSS 5.5 • AI score 5.9 • EPSS 0.00081

Added 2021/04/16 6:15 p.m. • 91 views

CVE-2021-31347

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).

CVSS 6.5 • AI score 6.8 • EPSS 0.01168

Total number of security vulnerabilities: 1073