CVE-2021-38003
- EPSS 36.24%
- Veröffentlicht 23.11.2021 22:15:07
- Zuletzt bearbeitet 24.10.2025 14:10:04
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38004
- EPSS 0.84%
- Veröffentlicht 23.11.2021 22:15:07
- Zuletzt bearbeitet 21.11.2024 06:16:14
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-44143
- EPSS 3.66%
- Veröffentlicht 22.11.2021 20:15:18
- Zuletzt bearbeitet 21.11.2024 06:30:25
A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, ...
CVE-2021-3935
- EPSS 1.03%
- Veröffentlicht 22.11.2021 16:15:07
- Zuletzt bearbeitet 03.11.2025 20:15:50
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBounc...
CVE-2021-21898
- EPSS 2.52%
- Veröffentlicht 19.11.2021 20:15:17
- Zuletzt bearbeitet 21.11.2024 05:49:12
A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigge...
CVE-2021-21899
- EPSS 2.69%
- Veröffentlicht 19.11.2021 19:15:08
- Zuletzt bearbeitet 21.11.2024 05:49:12
A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigg...
CVE-2021-21900
- EPSS 2.47%
- Veröffentlicht 19.11.2021 19:15:08
- Zuletzt bearbeitet 21.11.2024 05:49:12
A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigge...
CVE-2021-40391
- EPSS 2.89%
- Veröffentlicht 19.11.2021 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:24:01
An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An a...
CVE-2021-39921
- EPSS 3.24%
- Veröffentlicht 19.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:20:34
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39922
- EPSS 5.18%
- Veröffentlicht 19.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:20:34
Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file