CVE-2021-0086
- EPSS 0.37%
- Veröffentlicht 09.06.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:41:49
Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2021-0089
- EPSS 0.37%
- Veröffentlicht 09.06.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:41:49
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2021-32677
- EPSS 0.77%
- Veröffentlicht 09.06.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:07:30
FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable...
CVE-2021-26314
- EPSS 0.61%
- Veröffentlicht 09.06.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 05:56:04
Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result...
CVE-2021-33829
- EPSS 3.19%
- Veröffentlicht 09.06.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:09:38
A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled.
- EPSS 5.14%
- Veröffentlicht 08.06.2021 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:06:35
ASP.NET Core Denial of Service Vulnerability
CVE-2021-31807
- EPSS 15.97%
- Veröffentlicht 08.06.2021 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:06:15
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to...
CVE-2021-33203
- EPSS 2.74%
- Veröffentlicht 08.06.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:08:30
Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and onl...
CVE-2021-33571
- EPSS 3.06%
- Veröffentlicht 08.06.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:09:06
In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based o...
CVE-2021-22212
- EPSS 0.52%
- Veröffentlicht 08.06.2021 13:15:07
- Zuletzt bearbeitet 21.11.2024 05:49:43
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of th...