CVE-2021-21108
- EPSS 1.32%
- Veröffentlicht 08.01.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:47:35
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-26664
- EPSS 1.46%
- Veröffentlicht 08.01.2021 18:15:13
- Zuletzt bearbeitet 09.07.2026 01:16:39
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
CVE-2021-1056
- EPSS 1.78%
- Veröffentlicht 08.01.2021 01:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:28
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to d...
CVE-2020-26976
- EPSS 1.56%
- Veröffentlicht 07.01.2021 14:15:12
- Zuletzt bearbeitet 21.11.2024 05:20:36
When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) fr...
CVE-2020-36183
- EPSS 4.89%
- Veröffentlicht 07.01.2021 00:15:15
- Zuletzt bearbeitet 29.04.2026 20:22:05
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
CVE-2020-36179
- EPSS 20.93%
- Veröffentlicht 07.01.2021 00:15:14
- Zuletzt bearbeitet 21.11.2024 05:28:54
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
CVE-2020-36180
- EPSS 5.04%
- Veröffentlicht 07.01.2021 00:15:14
- Zuletzt bearbeitet 21.11.2024 05:28:54
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
CVE-2020-36182
- EPSS 5.02%
- Veröffentlicht 07.01.2021 00:15:14
- Zuletzt bearbeitet 21.11.2024 05:28:55
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
CVE-2020-36184
- EPSS 10.38%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:56
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.
CVE-2020-36185
- EPSS 5.22%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:56
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.