CVE-2021-37712
Summary: The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary...
Vulnerabilities
CVE-2021-41133
Summary: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4...
CVE-2021-41133
Summary: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4...
CVE-2021-41133
Summary: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4...
CVE-2021-42340
Summary: The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and...
CVE-2021-42340
Summary: The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and...
CVE-2021-40348
Summary: Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to...
CVE-2021-4019
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142 https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92 https://lists.fedoraproject.org/archives/list/[email protected]/message/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/ CVSS Score (if available) v2: /...
CVE-2021-21899
Summary: A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead...
CVE-2021-21899
Summary: A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead...
CVE-2021-21900
Summary: A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead...
CVE-2021-21900
Summary: A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead...
CVE-2020-36133
Summary: AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. Reference Links(if available): https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1 CVSS...
CVE-2020-36131
Summary: AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. Reference Links(if available): https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1 CVSS...
CVE-2020-36129
Summary: AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. Reference Links(if available): https://bugs.chromium.org/p/aomedia/issues/detail?id=2912&q=&can=1 CVSS...
CVE-2021-34424
Summary: A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version...
CVE-2021-34424
Summary: A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version...
CVE-2021-40829
Summary: Connections initialized by the AWS IoT Device SDK v2 for Java (versions prior to 1.4.2), Python (versions prior to...
CVE-2021-40831
Summary: The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA)...
CVE-2021-40830
Summary: The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA)...
CVE-2021-20859
Summary: ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B...
CVE-2021-40101
Summary: An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without...
CVE-2021-43790
Summary: Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of `lucet-runtime` affecting...
CVE-2021-3552
Summary: A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to...
