CVE-2021-3999
- EPSS 0.72%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 02.12.2025 21:15:49
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid progr...
CVE-2021-4037
- EPSS 0.28%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:36:46
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set...
CVE-2021-4159
- EPSS 0.24%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:02
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to le...
CVE-2021-4189
- EPSS 2.6%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 17.12.2025 22:15:57
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious ...
CVE-2021-4204
- EPSS 1.1%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:08
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.
CVE-2021-4213
- EPSS 1.2%
- Veröffentlicht 24.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:37:09
A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing...
CVE-2020-35511
- EPSS 0.35%
- Veröffentlicht 23.08.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:27:27
A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file.
CVE-2021-3975
- EPSS 1.22%
- Veröffentlicht 23.08.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:23:17
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAl...
CVE-2022-31676
- EPSS 0.54%
- Veröffentlicht 23.08.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 07:05:06
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
CVE-2022-2946
- EPSS 0.5%
- Veröffentlicht 23.08.2022 17:15:14
- Zuletzt bearbeitet 21.11.2024 07:01:58
Use After Free in GitHub repository vim/vim prior to 9.0.0246.