CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 0CVE-2021-2342 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2342
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5 •
CVSS: 5.3EPSS: 0%CPEs: 35EXPL: 1CVE-2021-22897
https://notcve.org/view.php?id=CVE-2021-22897
11 Jun 2021 — curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transpo... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-668: Exposure of Resource to Wrong Sphere CWE-840: Business Logic Errors •
CVSS: 3.1EPSS: 0%CPEs: 18EXPL: 2CVE-2021-22898 – curl: TELNET stack contents disclosure
https://notcve.org/view.php?id=CVE-2021-22898
26 May 2021 — curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol. curl versiones 7.7 hasta 7.76.1 suf... • http://www.openwall.com/lists/oss-security/2021/07/21/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource CWE-909: Missing Initialization of Resource •
CVSS: 8.1EPSS: 8%CPEs: 40EXPL: 2CVE-2021-22901 – curl: Use-after-free in TLS session handling when using OpenSSL TLS backend
https://notcve.org/view.php?id=CVE-2021-22901
26 May 2021 — curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the conne... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-416: Use After Free •
CVSS: 5.9EPSS: 5%CPEs: 205EXPL: 1CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
25 Mar 2021 — An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS c... • https://github.com/riptl/cve-2021-3449 • CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 56EXPL: 0CVE-2021-3450 – CA certificate check bypass with X509_V_FLAG_X509_STRICT
https://notcve.org/view.php?id=CVE-2021-3450
25 Mar 2021 — The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectivel... • http://www.openwall.com/lists/oss-security/2021/03/27/1 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 1%CPEs: 34EXPL: 0CVE-2021-21348 – XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)
https://notcve.org/view.php?id=CVE-2021-21348
22 Mar 2021 — XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. XStream es un... • http://x-stream.github.io/changes.html#1.4.16 • CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data •
CVSS: 9.1EPSS: 87%CPEs: 34EXPL: 1CVE-2021-21351 – XStream is vulnerable to an Arbitrary Code Execution attack
https://notcve.org/view.php?id=CVE-2021-21351
22 Mar 2021 — XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least versi... • http://x-stream.github.io/changes.html#1.4.16 • CWE-434: Unrestricted Upload of File with Dangerous Type CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 11%CPEs: 35EXPL: 1CVE-2021-21344 – XStream is vulnerable to an Arbitrary Code Execution attack
https://notcve.org/view.php?id=CVE-2021-21344
22 Mar 2021 — XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least... • http://x-stream.github.io/changes.html#1.4.16 • CWE-434: Unrestricted Upload of File with Dangerous Type CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 67EXPL: 1CVE-2021-23840 – Integer overflow in CipherUpdate
https://notcve.org/view.php?id=CVE-2021-23840
16 Feb 2021 — Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrad... • https://github.com/Trinadh465/openssl-1.1.1g_CVE-2021-23840 • CWE-190: Integer Overflow or Wraparound •