CVE-2020-15225
- EPSS 1.8%
- Veröffentlicht 29.04.2021 21:15:08
- Zuletzt bearbeitet 21.11.2024 05:05:07
django-filter is a generic system for filtering Django QuerySets based on user selections. In django-filter before version 2.4.0, automatically generated `NumberFilter` instances, whose value was later converted to an integer, were subject to potenti...
CVE-2020-18032
- EPSS 2.62%
- Veröffentlicht 29.04.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:08:21
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" comp...
CVE-2020-36327
- EPSS 6.31%
- Veröffentlicht 29.04.2021 03:15:08
- Zuletzt bearbeitet 21.11.2024 05:29:17
Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem t...
CVE-2021-25215
- EPSS 11.3%
- Veröffentlicht 29.04.2021 01:15:08
- Zuletzt bearbeitet 21.11.2024 05:54:33
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable ...
CVE-2021-25214
- EPSS 5.94%
- Veröffentlicht 29.04.2021 01:15:07
- Zuletzt bearbeitet 21.11.2024 05:54:33
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, ...
CVE-2021-29472
- EPSS 4.85%
- Veröffentlicht 27.04.2021 21:15:08
- Zuletzt bearbeitet 21.11.2024 06:01:11
Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercuria...
CVE-2021-29473
- EPSS 1.68%
- Veröffentlicht 26.04.2021 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:01:11
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for rea...
CVE-2021-21201
- EPSS 1.69%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:45
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21202
- EPSS 1.02%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:46
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21203
- EPSS 1.75%
- Veröffentlicht 26.04.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:47:46
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.