CVE-2021-20305
- EPSS 0.35%
- Published 05.04.2021 22:15:12
- Last modified 21.11.2024 05:46:19
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalars, possi...
CVE-2021-20284
- EPSS 0.09%
- Published 26.03.2021 17:15:13
- Last modified 21.11.2024 05:46:16
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system ava...
CVE-2021-20197
- EPSS 0.14%
- Published 26.03.2021 17:15:12
- Last modified 21.11.2024 05:46:06
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries acros...
CVE-2021-3449
- EPSS 13.18%
- Published 25.03.2021 15:15:13
- Last modified 21.11.2024 06:21:33
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but incl...
CVE-2021-3450
- EPSS 0.69%
- Published 25.03.2021 15:15:13
- Last modified 21.11.2024 06:21:33
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly ...
CVE-2020-35524
- EPSS 0.49%
- Published 09.03.2021 20:15:13
- Last modified 21.11.2024 05:27:29
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, in...
CVE-2020-35521
- EPSS 0.1%
- Published 09.03.2021 20:15:12
- Last modified 21.11.2024 05:27:29
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
CVE-2020-35522
- EPSS 0.06%
- Published 09.03.2021 20:15:12
- Last modified 21.11.2024 05:27:29
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
CVE-2020-35523
- EPSS 0.26%
- Published 09.03.2021 20:15:12
- Last modified 21.11.2024 05:27:29
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidenti...
CVE-2021-20233
- EPSS 0.14%
- Published 03.03.2021 17:15:12
- Last modified 21.11.2024 05:46:10
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters...