CVE-2020-35498
- EPSS 8.03%
- Veröffentlicht 11.02.2021 18:15:15
- Zuletzt bearbeitet 23.04.2025 20:15:20
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a ...
CVE-2021-0326
- EPSS 4.71%
- Veröffentlicht 10.02.2021 17:15:19
- Zuletzt bearbeitet 21.11.2024 05:42:31
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed...
CVE-2021-27135
- EPSS 7.54%
- Veröffentlicht 10.02.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:23
xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.
CVE-2020-36244
- EPSS 4.23%
- Veröffentlicht 10.02.2021 07:15:12
- Zuletzt bearbeitet 21.11.2024 05:29:08
The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).
CVE-2021-26937
- EPSS 9.15%
- Veröffentlicht 09.02.2021 20:15:14
- Zuletzt bearbeitet 09.05.2025 20:15:36
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
CVE-2021-21148
- EPSS 19.82%
- Veröffentlicht 09.02.2021 16:15:12
- Zuletzt bearbeitet 24.10.2025 21:02:10
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-26675
- EPSS 1.3%
- Veröffentlicht 09.02.2021 16:15:12
- Zuletzt bearbeitet 21.11.2024 05:56:39
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
CVE-2021-26676
- EPSS 1.21%
- Veröffentlicht 09.02.2021 16:15:12
- Zuletzt bearbeitet 21.11.2024 05:56:39
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
- EPSS 0.44%
- Veröffentlicht 08.02.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:01
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
CVE-2021-21290
- EPSS 1.78%
- Veröffentlicht 08.02.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:47:56
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems inv...