CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33712
https://notcve.org/view.php?id=CVE-2021-33712
08 Jun 2021 — This could allow a remote authenticated attacker to escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-522654.pdf • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2020-36385 – kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free
https://notcve.org/view.php?id=CVE-2020-36385
07 Jun 2021 — This could allow a local attacker to crash the system, corrupt memory or escalate privileges. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-32029 – postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING
https://notcve.org/view.php?id=CVE-2021-32029
28 May 2021 — An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1956883 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-32027 – postgresql: Buffer overrun from integer overflow in array subscripting calculations
https://notcve.org/view.php?id=CVE-2021-32027
28 May 2021 — An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1956876 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-32028 – postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE
https://notcve.org/view.php?id=CVE-2021-32028
28 May 2021 — An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1956877 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2021-33200 – kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier
https://notcve.org/view.php?id=CVE-2021-33200
27 May 2021 — This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. ... An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d0220f6861d713213b015b582e9f21e5b28d2e0 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32457
https://notcve.org/view.php?id=CVE-2021-32457
26 May 2021 — Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. • https://helpcenter.trendmicro.com/en-us/article/TMKA-10337 • CWE-787: Out-of-bounds Write •
CVSS: 8.7EPSS: 0%CPEs: 22EXPL: 2CVE-2021-22543 – Improper memory handling in Linux KVM
https://notcve.org/view.php?id=CVE-2021-22543
26 May 2021 — This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. ... This flaw allows users who can start and control a VM to read/write random pages of memory, resulting in local privilege escalation. • https://packetstorm.news/files/id/179984 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-863: Incorrect Authorization •
CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-32555 – apport read_file() function could follow maliciously constructed symbolic links
https://notcve.org/view.php?id=CVE-2021-32555
26 May 2021 — A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges. • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 9.3EPSS: 0%CPEs: 30EXPL: 0CVE-2021-30735 – Apple macOS process_token_VPHAL Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-30735
26 May 2021 — Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. • https://support.apple.com/en-us/HT212529 • CWE-787: Out-of-bounds Write •