CVE-2021-41611
- EPSS 2.85%
- Veröffentlicht 18.10.2021 09:15:08
- Zuletzt bearbeitet 21.11.2024 06:26:31
An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well i...
CVE-2021-38297
- EPSS 10.3%
- Veröffentlicht 18.10.2021 06:15:06
- Zuletzt bearbeitet 21.11.2024 06:16:44
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
CVE-2021-28021
- EPSS 1.33%
- Veröffentlicht 15.10.2021 16:15:07
- Zuletzt bearbeitet 21.11.2024 05:58:58
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
CVE-2021-3875
- EPSS 1.44%
- Veröffentlicht 15.10.2021 14:15:07
- Zuletzt bearbeitet 21.11.2024 06:22:42
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-41798
- EPSS 1.3%
- Veröffentlicht 11.10.2021 08:15:06
- Zuletzt bearbeitet 21.11.2024 06:26:46
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.
CVE-2021-41799
- EPSS 1.65%
- Veröffentlicht 11.10.2021 08:15:06
- Zuletzt bearbeitet 21.11.2024 06:26:47
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.
CVE-2021-41800
- EPSS 1.74%
- Veröffentlicht 11.10.2021 08:15:06
- Zuletzt bearbeitet 21.11.2024 06:26:47
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.
CVE-2021-37967
- EPSS 0.74%
- Veröffentlicht 08.10.2021 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2021-37968
- EPSS 1.19%
- Veröffentlicht 08.10.2021 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-37969
- EPSS 0.92%
- Veröffentlicht 08.10.2021 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:16:09
Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file.