CVE-2021-23214
- EPSS 1.9%
- Veröffentlicht 04.03.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 05:51:23
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certif...
CVE-2021-3743
- EPSS 0.72%
- Veröffentlicht 04.03.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:18
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel i...
CVE-2021-3744
- EPSS 0.53%
- Veröffentlicht 04.03.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:19
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18...
CVE-2021-3638
- EPSS 0.43%
- Veröffentlicht 03.03.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:02
An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A ...
- EPSS 0.37%
- Veröffentlicht 03.03.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:03
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with...
CVE-2022-0730
- EPSS 3.45%
- Veröffentlicht 03.03.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:39:16
Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.
CVE-2021-4002
- EPSS 0.52%
- Veröffentlicht 03.03.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:36:42
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this ...
CVE-2022-21716
- EPSS 3.61%
- Veröffentlicht 03.03.2022 21:15:07
- Zuletzt bearbeitet 25.11.2024 18:12:24
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a bu...
CVE-2022-24724
- EPSS 4.19%
- Veröffentlicht 03.03.2022 20:15:07
- Zuletzt bearbeitet 21.11.2024 06:50:57
cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to heap memory corruptio...
CVE-2022-0492
- EPSS 5.53%
- Veröffentlicht 03.03.2022 19:15:08
- Zuletzt bearbeitet 03.06.2026 12:53:31
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the...