- EPSS 100%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 27.10.2025 17:37:06
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-41079
- EPSS 7.18%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:25:24
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an in...
CVE-2021-3796
- EPSS 1.75%
- Veröffentlicht 15.09.2021 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:27
vim is vulnerable to Use After Free
CVE-2021-3778
- EPSS 1.74%
- Veröffentlicht 15.09.2021 08:15:06
- Zuletzt bearbeitet 21.11.2024 06:22:24
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-41072
- EPSS 2.3%
- Veröffentlicht 14.09.2021 01:15:07
- Zuletzt bearbeitet 21.11.2024 06:25:22
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a fi...
CVE-2021-41054
- EPSS 2.58%
- Veröffentlicht 13.09.2021 21:15:09
- Zuletzt bearbeitet 21.11.2024 06:25:21
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.
CVE-2021-39200
- EPSS 2.21%
- Veröffentlicht 09.09.2021 22:15:09
- Zuletzt bearbeitet 21.11.2024 06:18:52
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like no...
CVE-2021-39201
- EPSS 1.62%
- Veröffentlicht 09.09.2021 22:15:09
- Zuletzt bearbeitet 21.11.2024 06:18:53
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. Thi...
CVE-2020-19144
- EPSS 1.59%
- Veröffentlicht 09.09.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:08:58
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
CVE-2020-19143
- EPSS 1.46%
- Veröffentlicht 09.09.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 05:08:58
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'.