CVE-2021-28089
- EPSS 1.67%
- Veröffentlicht 19.03.2021 05:15:12
- Zuletzt bearbeitet 21.11.2024 05:59:04
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
CVE-2021-28090
- EPSS 2.1%
- Veröffentlicht 19.03.2021 05:15:12
- Zuletzt bearbeitet 21.11.2024 05:59:04
Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002.
- EPSS 0.46%
- Veröffentlicht 18.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:27
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use th...
CVE-2020-26797
- EPSS 4.24%
- Veröffentlicht 18.03.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:20:18
Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping.
CVE-2020-27827
- EPSS 3.24%
- Veröffentlicht 18.03.2021 17:15:13
- Zuletzt bearbeitet 03.12.2025 19:15:51
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerabilit...
CVE-2021-28660
- EPSS 1.32%
- Veröffentlicht 17.03.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:00:02
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/sta...
CVE-2021-27291
- EPSS 3.83%
- Veröffentlicht 17.03.2021 13:15:15
- Zuletzt bearbeitet 21.11.2024 05:57:45
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious i...
CVE-2021-28650
- EPSS 0.53%
- Veröffentlicht 17.03.2021 06:15:14
- Zuletzt bearbeitet 21.11.2024 06:00:01
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. ...
CVE-2021-21192
- EPSS 1.48%
- Veröffentlicht 16.03.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:47:44
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21193
- EPSS 9.87%
- Veröffentlicht 16.03.2021 15:15:13
- Zuletzt bearbeitet 24.10.2025 21:00:22
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.