Lucene search

K

1073 matches found

CVE
CVE
added 2021/04/20 4:15 p.m.380 views

CVE-2021-29155

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of...

5.5CVSS6.1AI score0.00218EPSS
CVE
CVE
added 2021/08/05 9:15 p.m.379 views

CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively ,which could lead t...

4.3CVSS5.7AI score0.00835EPSS
CVE
CVE
added 2021/06/15 9:15 p.m.379 views

CVE-2021-3593

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or i...

3.8CVSS5AI score0.00018EPSS
CVE
CVE
added 2021/10/11 8:15 p.m.378 views

CVE-2021-42260

TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.

7.5CVSS7.1AI score0.00356EPSS
CVE
CVE
added 2021/04/14 6:15 a.m.377 views

CVE-2020-36322

An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness i...

5.5CVSS6.3AI score0.00023EPSS
CVE
CVE
added 2021/02/10 5:15 p.m.374 views

CVE-2021-0326

In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation...

7.9CVSS7.8AI score0.10899EPSS
CVE
CVE
added 2021/07/30 2:15 p.m.372 views

CVE-2021-32610

In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

7.1CVSS7.4AI score0.81977EPSS
CVE
CVE
added 2021/08/23 5:15 a.m.371 views

CVE-2021-37750

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.

6.5CVSS6.6AI score0.00454EPSS
CVE
CVE
added 2021/06/09 2:15 a.m.370 views

CVE-2021-28169

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to /concat?/%2557EB-INF/web.xml can retrieve the web.xml file. This can ...

5.3CVSS5.2AI score0.92424EPSS
CVE
CVE
added 2021/09/29 8:15 p.m.367 views

CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicio...

8.8CVSS8.3AI score0.00013EPSS
CVE
CVE
added 2021/06/11 4:15 p.m.365 views

CVE-2021-22898

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uni...

3.1CVSS5.3AI score0.00113EPSS
CVE
CVE
added 2021/09/29 8:15 p.m.365 views

CVE-2021-22946

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (--ssl-reqd on the command line orCURLOPT_USE_SSL set to CURLUSESSL_CONTROL or CURLUSESSL_ALL withlibcurl). This requirement could be bypassed if the server would r...

7.5CVSS7.6AI score0.00059EPSS
CVE
CVE
added 2021/07/22 6:15 p.m.364 views

CVE-2021-35942

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but ...

9.1CVSS9.4AI score0.01204EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.362 views

CVE-2021-2369

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthentica...

4.3CVSS4.3AI score0.00236EPSS
CVE
CVE
added 2021/03/18 8:15 p.m.362 views

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU p...

6CVSS6.2AI score0.00002EPSS
CVE
CVE
added 2021/08/03 7:15 p.m.361 views

CVE-2021-30560

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.00092EPSS
CVE
CVE
added 2021/02/10 4:15 p.m.360 views

CVE-2021-27135

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.

9.8CVSS9.6AI score0.00356EPSS
CVE
CVE
added 2021/02/15 5:15 p.m.360 views

CVE-2021-27218

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

7.5CVSS7.7AI score0.03262EPSS
CVE
CVE
added 2021/05/11 8:15 p.m.358 views

CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted u...

3.5CVSS6.2AI score0.00746EPSS
CVE
CVE
added 2021/07/21 3:16 p.m.357 views

CVE-2021-37159

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.

6.4CVSS6.7AI score0.00027EPSS
CVE
CVE
added 2021/03/23 12:15 a.m.354 views

CVE-2021-21344

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...

9.8CVSS8AI score0.27692EPSS
CVE
CVE
added 2021/03/23 12:15 a.m.353 views

CVE-2021-21351

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the r...

9.1CVSS8.1AI score0.90494EPSS
CVE
CVE
added 2021/07/09 11:15 a.m.349 views

CVE-2021-3612

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this...

7.8CVSS7.8AI score0.00059EPSS
CVE
CVE
added 2021/04/22 10:15 p.m.346 views

CVE-2021-2161

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2....

5.9CVSS5.3AI score0.00325EPSS
CVE
CVE
added 2021/04/07 12:15 a.m.345 views

CVE-2020-36311

An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.

5.5CVSS6AI score0.00101EPSS
CVE
CVE
added 2021/08/05 9:15 p.m.345 views

CVE-2021-3655

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

3.3CVSS5.4AI score0.00041EPSS
CVE
CVE
added 2021/01/06 9:15 p.m.344 views

CVE-2020-8287

Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.

6.5CVSS7.1AI score0.09038EPSS
CVE
CVE
added 2021/03/17 3:15 p.m.342 views

CVE-2021-28660

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system inte...

8.8CVSS7.6AI score0.00093EPSS
CVE
CVE
added 2021/10/19 3:15 p.m.341 views

CVE-2021-37137

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplyin...

7.5CVSS7.4AI score0.00715EPSS
CVE
CVE
added 2021/05/12 11:15 p.m.340 views

CVE-2021-23134

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

7.8CVSS7.5AI score0.00018EPSS
CVE
CVE
added 2021/07/20 3:15 p.m.340 views

CVE-2021-3246

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

8.8CVSS8.9AI score0.01201EPSS
CVE
CVE
added 2021/07/13 5:15 p.m.340 views

CVE-2021-34552

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

9.8CVSS9.6AI score0.00392EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.340 views

CVE-2021-35550

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attac...

7.1CVSS5.8AI score0.00093EPSS
CVE
CVE
added 2021/10/12 6:15 p.m.338 views

CVE-2021-3671

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

6.5CVSS7.1AI score0.01131EPSS
CVE
CVE
added 2021/01/05 5:15 a.m.337 views

CVE-2020-36158

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

8.8CVSS7.7AI score0.00579EPSS
CVE
CVE
added 2021/03/19 4:15 a.m.337 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

7.5CVSS8.3AI score0.00155EPSS
CVE
CVE
added 2021/05/11 8:15 p.m.336 views

CVE-2020-26147

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames a...

5.4CVSS6.3AI score0.00478EPSS
CVE
CVE
added 2021/08/05 8:15 p.m.336 views

CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service...

5.5CVSS6.1AI score0.01289EPSS
CVE
CVE
added 2021/02/26 11:15 p.m.335 views

CVE-2020-27618

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

5.5CVSS6.5AI score0.00644EPSS
CVE
CVE
added 2021/02/26 3:15 a.m.335 views

CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85.

7.4CVSS6.8AI score0.00417EPSS
CVE
CVE
added 2021/03/11 10:15 p.m.334 views

CVE-2021-28153

An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the syml...

5.3CVSS5.6AI score0.00444EPSS
CVE
CVE
added 2021/07/22 6:15 p.m.334 views

CVE-2021-36222

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.

7.5CVSS7.4AI score0.05576EPSS
CVE
CVE
added 2021/05/13 4:15 p.m.330 views

CVE-2021-20221

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to th...

6CVSS6.4AI score0.00014EPSS
CVE
CVE
added 2021/06/01 2:15 p.m.330 views

CVE-2021-3516

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

7.8CVSS7.9AI score0.00362EPSS
CVE
CVE
added 2021/03/23 12:15 a.m.329 views

CVE-2021-21346

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...

9.8CVSS8.3AI score0.03899EPSS
CVE
CVE
added 2021/08/07 4:15 a.m.329 views

CVE-2021-38160

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case;...

7.8CVSS7.8AI score0.00066EPSS
CVE
CVE
added 2021/03/23 12:15 a.m.328 views

CVE-2021-21345

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who foll...

9.9CVSS7.8AI score0.85307EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.328 views

CVE-2021-35588

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker wi...

3.1CVSS4.2AI score0.00087EPSS
CVE
CVE
added 2021/08/05 9:15 p.m.327 views

CVE-2021-3580

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

7.5CVSS7.3AI score0.00038EPSS
CVE
CVE
added 2021/05/27 12:15 p.m.326 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query...

4.9CVSS5.9AI score0.00772EPSS
Total number of security vulnerabilities1073