CVE-2021-45417
- EPSS 0.49%
- Veröffentlicht 20.01.2022 18:15:07
- Zuletzt bearbeitet 21.11.2024 06:32:10
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
CVE-2022-20698
- EPSS 3.06%
- Veröffentlicht 14.01.2022 06:15:09
- Zuletzt bearbeitet 21.11.2024 06:43:21
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. T...
CVE-2021-44420
- EPSS 2.3%
- Veröffentlicht 08.12.2021 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:30:56
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
CVE-2021-3939
- EPSS 0.35%
- Veröffentlicht 17.11.2021 04:15:06
- Zuletzt bearbeitet 21.11.2024 06:22:49
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachabl...
CVE-2021-32552
- EPSS 0.29%
- Veröffentlicht 12.06.2021 04:15:12
- Zuletzt bearbeitet 21.11.2024 06:07:15
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
CVE-2021-32553
- EPSS 0.32%
- Veröffentlicht 12.06.2021 04:15:12
- Zuletzt bearbeitet 21.11.2024 06:07:15
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.
CVE-2021-32554
- EPSS 0.29%
- Veröffentlicht 12.06.2021 04:15:12
- Zuletzt bearbeitet 21.11.2024 06:07:15
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
CVE-2021-32555
- EPSS 0.29%
- Veröffentlicht 12.06.2021 04:15:12
- Zuletzt bearbeitet 21.11.2024 06:07:15
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.
CVE-2021-32548
- EPSS 0.29%
- Veröffentlicht 12.06.2021 04:15:11
- Zuletzt bearbeitet 21.11.2024 06:07:14
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.
CVE-2021-32549
- EPSS 0.29%
- Veröffentlicht 12.06.2021 04:15:11
- Zuletzt bearbeitet 21.11.2024 06:07:14
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.