- EPSS 0.48%
- Veröffentlicht 22.04.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:51:16
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr...
CVE-2021-26987
- EPSS 2.44%
- Veröffentlicht 15.03.2021 22:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:08
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-...
CVE-2021-26932
- EPSS 0.35%
- Veröffentlicht 17.02.2021 02:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:04
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to ...
- EPSS 1.6%
- Veröffentlicht 05.02.2021 14:15:18
- Zuletzt bearbeitet 21.11.2024 05:56:42
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the com...
CVE-2020-35507
- EPSS 1.23%
- Veröffentlicht 04.01.2021 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:27:27
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat o...
CVE-2020-35496
- EPSS 1.14%
- Veröffentlicht 04.01.2021 15:15:14
- Zuletzt bearbeitet 21.11.2024 05:27:25
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to applicat...
CVE-2020-35495
- EPSS 1.16%
- Veröffentlicht 04.01.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:27:25
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw ...
CVE-2020-35494
- EPSS 1.07%
- Veröffentlicht 04.01.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:27:25
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to da...
CVE-2020-35493
- EPSS 1.13%
- Veröffentlicht 04.01.2021 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:27:24
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects ...
CVE-2020-29569
- EPSS 0.39%
- Veröffentlicht 15.12.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:24:13
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to ru...