CVE-2020-27170
- EPSS 0.57%
- Veröffentlicht 20.03.2021 22:15:11
- Zuletzt bearbeitet 21.11.2024 05:20:48
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information fr...
CVE-2021-28952
- EPSS 0.38%
- Veröffentlicht 20.03.2021 21:15:11
- Zuletzt bearbeitet 21.11.2024 06:00:25
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.)
CVE-2021-28950
- EPSS 0.36%
- Veröffentlicht 20.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 06:00:25
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
CVE-2021-28951
- EPSS 0.28%
- Veröffentlicht 20.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 06:00:25
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal ...
CVE-2019-10196
- EPSS 1.39%
- Veröffentlicht 19.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 04:18:37
A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available ...
CVE-2021-27807
- EPSS 2.98%
- Veröffentlicht 19.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:58:36
A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-27906
- EPSS 3.34%
- Veröffentlicht 19.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:58:45
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-28834
- EPSS 2.81%
- Veröffentlicht 19.03.2021 07:15:13
- Zuletzt bearbeitet 21.11.2024 06:00:17
Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.
CVE-2021-28831
- EPSS 2.72%
- Veröffentlicht 19.03.2021 05:15:13
- Zuletzt bearbeitet 17.12.2025 22:15:56
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.
CVE-2020-25097
- EPSS 8.16%
- Veröffentlicht 19.03.2021 05:15:12
- Zuletzt bearbeitet 21.11.2024 05:17:19
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for cert...