CVE-2021-41771
- EPSS 4.37%
- Veröffentlicht 08.11.2021 06:15:08
- Zuletzt bearbeitet 21.11.2024 06:26:44
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
CVE-2021-41772
- EPSS 3.05%
- Veröffentlicht 08.11.2021 06:15:08
- Zuletzt bearbeitet 21.11.2024 06:26:44
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
CVE-2021-42072
- EPSS 1.6%
- Veröffentlicht 08.11.2021 04:15:08
- Zuletzt bearbeitet 21.11.2024 06:27:11
An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to c...
CVE-2021-35368
- EPSS 2.54%
- Veröffentlicht 05.11.2021 18:15:09
- Zuletzt bearbeitet 21.11.2024 06:12:15
OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
CVE-2021-3927
- EPSS 1.59%
- Veröffentlicht 05.11.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:47
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-3928
- EPSS 0.59%
- Veröffentlicht 05.11.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:47
vim is vulnerable to Use of Uninitialized Variable
CVE-2021-27836
- EPSS 1.12%
- Veröffentlicht 03.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:58:37
An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.
CVE-2020-27820
- EPSS 0.47%
- Veröffentlicht 03.11.2021 00:15:07
- Zuletzt bearbeitet 21.11.2024 05:21:52
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
CVE-2021-43267
- EPSS 57.58%
- Veröffentlicht 02.11.2021 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:28:57
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO mes...
CVE-2021-37977
- EPSS 0.86%
- Veröffentlicht 02.11.2021 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:16:10
Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.