- EPSS 4.47%
- Veröffentlicht 03.06.2022 06:15:07
- Zuletzt bearbeitet 21.11.2024 07:06:03
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. ...
CVE-2021-43527
- EPSS 5.24%
- Veröffentlicht 08.12.2021 22:15:09
- Zuletzt bearbeitet 21.11.2024 06:29:21
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \...
CVE-2021-42739
- EPSS 0.03%
- Veröffentlicht 20.10.2021 07:15:09
- Zuletzt bearbeitet 21.11.2024 06:28:04
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2020-36385
- EPSS 0.06%
- Veröffentlicht 07.06.2021 12:15:08
- Zuletzt bearbeitet 21.11.2024 05:29:22
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-25704
- EPSS 0.05%
- Veröffentlicht 02.12.2020 01:15:12
- Zuletzt bearbeitet 21.11.2024 05:18:31
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.