CVE-2021-4187
- EPSS 1.63%
- Veröffentlicht 29.12.2021 17:15:07
- Zuletzt bearbeitet 03.11.2025 21:15:48
vim is vulnerable to Use After Free
CVE-2021-44832
- EPSS 97.91%
- Veröffentlicht 28.12.2021 20:15:08
- Zuletzt bearbeitet 29.05.2026 20:16:21
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has ...
CVE-2021-4173
- EPSS 1.62%
- Veröffentlicht 27.12.2021 13:15:07
- Zuletzt bearbeitet 03.11.2025 21:15:47
vim is vulnerable to Use After Free
CVE-2021-4166
- EPSS 1.59%
- Veröffentlicht 25.12.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:03
vim is vulnerable to Out-of-bounds Read
CVE-2021-45471
- EPSS 1.24%
- Veröffentlicht 24.12.2021 02:15:07
- Zuletzt bearbeitet 21.11.2024 06:32:16
In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.
CVE-2021-45472
- EPSS 0.97%
- Veröffentlicht 24.12.2021 02:15:07
- Zuletzt bearbeitet 21.11.2024 06:32:16
In MediaWiki through 1.37, XSS can occur in Wikibase because an external identifier property can have a URL format that includes a $1 formatter substitution marker, and the javascript: URL scheme (among others) can be used.
CVE-2021-45473
- EPSS 1.25%
- Veröffentlicht 24.12.2021 02:15:07
- Zuletzt bearbeitet 21.11.2024 06:32:17
In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL (aka a page-information sidebar).
CVE-2021-45474
- EPSS 0.97%
- Veröffentlicht 24.12.2021 02:15:07
- Zuletzt bearbeitet 21.11.2024 06:32:17
In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporter) allows XSS, as demonstrated by the clientUrl parameter.
CVE-2021-3621
- EPSS 2.52%
- Veröffentlicht 23.12.2021 21:15:08
- Zuletzt bearbeitet 03.11.2025 21:15:42
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as...
CVE-2021-3622
- EPSS 4.79%
- Veröffentlicht 23.12.2021 21:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:00
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat f...