CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
Mailing List
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2021-27364
Summary: An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an...
CVE-2021-27364
Summary: An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an...
CVE-2021-27365
Summary: An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length...
CVE-2021-27365
Summary: An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length...
CVE-2021-28375
Summary: An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from...
CVE-2019-12425
Summary: Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host Reference Links(if available): https://s.apache.org/7sr1x https://lists.apache.org/thread.html/r5181b36218225447d3ce70891eeccfb6d6885309dffd7e0e59091817@%3Cuser.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r907ce90745b52d2d5b6a815de03fd1d5f3831ab579a81d70cfda6f3d@%3Cuser.ofbiz.apache.org%3E...
CVE-2021-28375
Summary: An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from...
CVE-2020-13936
Summary: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands...
CVE-2021-27918
Summary: encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder)...
CVE-2020-13936
Summary: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands...
CVE-2019-16276
Summary: Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Reference Links(if available): https://groups.google.com/forum/#!msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ https://github.com/golang/go/issues/34540 https://lists.fedoraproject.org/archives/list/[email protected]/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/ https://lists.fedoraproject.org/archives/list/[email protected]/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/ https://lists.fedoraproject.org/archives/list/[email protected]/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/...
CVE-2020-9484
Summary: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2021-26117
Summary: The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this...
CVE-2020-7919
Summary: Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients...
CVE-2020-1967
Summary: Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due...
CVE-2020-17516
Summary: Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc'...
CVE-2021-3345
Summary: _gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a...
