CVE-2021-38512
Summary: An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur,...
MISC
CVE-2021-38589
Summary: In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588). Reference Links(if available): https://docs.cpanel.net/changelogs/96-change-log/ CVSS...
CVE-2021-38587
Summary: In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Reference Links(if available): https://docs.cpanel.net/changelogs/96-change-log/ CVSS Score (if...
CVE-2021-38585
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-38584
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-29376
Summary: ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the...
CVE-2021-31292
Summary: An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a...
CVE-2021-1106
Summary: NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may...
CVE-2020-28052
Summary: An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method...
CVE-2021-38592
Summary: Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule). Reference Links(if available): https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wasm3/OSV-2021-676.yaml https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33554...
CVE-2021-38380
Summary: Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read....
CVE-2021-3649
Summary: chatwoot is vulnerable to Inefficient Regular Expression Complexity Reference Links(if available): https://github.com/chatwoot/chatwoot/commit/aa7db90cd2d23dbcf22a94f1e4c100dd909e2172 https://huntr.dev/bounties/1625088985607-chatwoot/chatwoot CVSS Score (if available) v2: /...
CVE-2021-37663
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in `tf.raw_ops.QuantizeV2`,...
CVE-2021-37665
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL...
CVE-2021-33708
Summary: Due to insufficient input validation in Kyma, authenticated users can pass a Header of their choice and escalate privileges....
CVE-2021-38511
Summary: An issue was discovered in the tar crate before 0.4.36 for Rust. When symlinks are present in a TAR...
CVE-2021-33486
Summary: All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper...
CVE-2021-38111
Summary: The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via...
CVE-2020-22036
Summary: A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption...
CVE-2021-3246
Summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted...
CVE-2021-3246
Summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted...
CVE-2021-3246
Summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted...
CVE-2020-21684
Summary: A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of...
CVE-2021-28216
Summary: BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. Reference Links(if available): https://bugzilla.tianocore.org/show_bug.cgi?id=2957...
