CVE-2021-39218
- EPSS 0.3%
- Veröffentlicht 17.09.2021 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:18:55
Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm t...
CVE-2021-39216
- EPSS 0.31%
- Veröffentlicht 17.09.2021 20:15:07
- Zuletzt bearbeitet 21.11.2024 06:18:55
Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.19.0 and before version 0.30.0 there was a use-after-free bug when passing `externref`s from the host to guest Wasm content. To trigger the bug, you have to explici...
CVE-2021-39219
- EPSS 0.36%
- Veröffentlicht 17.09.2021 20:15:07
- Zuletzt bearbeitet 21.11.2024 06:18:56
Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the `wasmtime` crate clearly marks which functions are safe and which are `unsafe`, guaranteein...
CVE-2021-34798
- EPSS 64.51%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:11:13
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-36160
- EPSS 62.89%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 01.05.2025 15:40:05
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2021-39275
- EPSS 36.34%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 01.05.2025 15:39:40
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
- EPSS 100%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 27.10.2025 17:37:06
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-3796
- EPSS 1.75%
- Veröffentlicht 15.09.2021 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:22:27
vim is vulnerable to Use After Free
CVE-2021-3778
- EPSS 1.74%
- Veröffentlicht 15.09.2021 08:15:06
- Zuletzt bearbeitet 21.11.2024 06:22:24
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-40839
- EPSS 5.57%
- Veröffentlicht 10.09.2021 02:15:07
- Zuletzt bearbeitet 21.11.2024 06:24:53
The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.