CVE-2020-25717
- EPSS 1.61%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:33
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
- EPSS 1.67%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:34
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and a...
CVE-2021-20320
- EPSS 0.25%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:46:22
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.
CVE-2021-20321
- EPSS 0.22%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:46:22
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
CVE-2021-3752
- EPSS 1.74%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:20
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The...
CVE-2021-3753
- EPSS 0.36%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:20
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulne...
CVE-2021-3773
- EPSS 5.28%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 28.03.2025 15:15:41
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
CVE-2021-3551
- EPSS 0.19%
- Veröffentlicht 16.02.2022 17:15:11
- Zuletzt bearbeitet 21.11.2024 06:21:49
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privile...
CVE-2022-0561
- EPSS 1.25%
- Veröffentlicht 11.02.2022 18:15:11
- Zuletzt bearbeitet 21.11.2024 06:38:55
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, t...
CVE-2022-0529
- EPSS 2.42%
- Veröffentlicht 09.02.2022 23:15:16
- Zuletzt bearbeitet 21.11.2024 06:38:51
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code ex...