CVE-2021-27919
- EPSS 1.52%
- Veröffentlicht 11.03.2021 00:15:12
- Zuletzt bearbeitet 21.11.2024 05:58:48
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename.
CVE-2021-21334
- EPSS 2.04%
- Veröffentlicht 10.03.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:48:02
In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) ...
CVE-2021-20205
- EPSS 1.19%
- Veröffentlicht 10.03.2021 17:15:15
- Zuletzt bearbeitet 21.11.2024 05:46:07
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
CVE-2021-21772
- EPSS 4.34%
- Veröffentlicht 10.03.2021 17:15:15
- Zuletzt bearbeitet 21.11.2024 05:48:56
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerab...
CVE-2021-28116
- EPSS 13.01%
- Veröffentlicht 09.03.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:59:06
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2020-35524
- EPSS 1.85%
- Veröffentlicht 09.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:27:29
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, in...
CVE-2021-21300
- EPSS 88.64%
- Veröffentlicht 09.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:47:58
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be e...
CVE-2020-35521
- EPSS 1.23%
- Veröffentlicht 09.03.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:27:29
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
CVE-2020-35522
- EPSS 1.57%
- Veröffentlicht 09.03.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:27:29
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
CVE-2021-20244
- EPSS 1.2%
- Veröffentlicht 09.03.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:46:12
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability ...