CVE-2020-36332
- EPSS 1.2%
- Published 21.05.2021 17:15:08
- Last modified 21.11.2024 05:29:18
A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.
CVE-2021-31439
- EPSS 1.04%
- Published 21.05.2021 15:15:07
- Last modified 14.01.2025 19:29:55
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of D...
CVE-2021-33477
- EPSS 0.27%
- Published 20.05.2021 20:15:07
- Last modified 21.11.2024 06:08:54
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.
CVE-2021-3426
- EPSS 0.08%
- Published 20.05.2021 13:15:07
- Last modified 21.11.2024 06:21:28
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other u...
CVE-2021-3517
- EPSS 0.09%
- Published 19.05.2021 14:15:07
- Last modified 21.11.2024 06:21:44
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-o...
CVE-2021-3518
- EPSS 0.25%
- Published 18.05.2021 12:15:08
- Last modified 21.11.2024 06:21:44
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, inte...
CVE-2020-25709
- EPSS 12.34%
- Published 18.05.2021 12:15:07
- Last modified 21.11.2024 05:18:32
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
CVE-2021-3524
- EPSS 0.58%
- Published 17.05.2021 17:15:08
- Last modified 21.11.2024 06:21:45
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the COR...
CVE-2021-3483
- EPSS 0.18%
- Published 17.05.2021 12:15:07
- Last modified 21.11.2024 06:21:39
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to con...
CVE-2021-33034
- EPSS 0.18%
- Published 14.05.2021 23:15:09
- Last modified 21.11.2024 06:08:09
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.