Page 19 of 982 results (0.007 seconds)

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0

CVE-2021-21195

https://notcve.org/view.php?id=CVE-2021-21195

Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 89.0.4389.114, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1182647 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1

CVE-2021-3448 – dnsmasq: fixed outgoing port used when --server is used with an interface name

https://notcve.org/view.php?id=CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1939368 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V https://security.gentoo.org/glsa/202105-20 https://www.oracle.com/security-alerts/cpujan2022.html https://access • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2

CVE-2021-30184

https://notcve.org/view.php?id=CVE-2021-30184

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. GNU Chess versión 6.2.7, permite a atacantes ejecutar código arbitrario por medio de datos PGN (Portable Game Notation) diseñados. Esto está relacionado con un desbordamiento de búfer en el uso de un archivo temporal .tmp.epd en las funciones cmd_pgnload y cmd_pgnreplay en el archivo frontend/cmd.cc • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QC74RWMDLSQGV6Z3ZABNTPABB33S4YNF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOGPLC77ZL2FACSOE5MWDS3YH3RBNQAQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXOTMUSBVUZNA3JMPG6BU37DQW2YOJWS https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00001.html https://security • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-30178

https://notcve.org/view.php?id=CVE-2021-30178

An issue was discovered in the Linux kernel through 5.11.11. synic_get in arch/x86/kvm/hyperv.c has a NULL pointer dereference for certain accesses to the SynIC Hyper-V context, aka CID-919f4ebc5987. Se detectó un problema en el kernel de Linux versiones hasta 5.11.11. La función synic_get en el archivo arch/x86/kvm/hyperv.c presenta una desreferencia de puntero NULL para determinados accesos en el contexto SynIC Hyper-V, también se conoce como CID-919f4ebc5987 • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=919f4ebc598701670e80e31573a58f1f2d2bf918 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ5GEETMX3ERQ4DF3GSS2XPNSOOK44OB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGQDVYCDM3F5VXUZIADIV2ERL3AJXNJS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M • CWE-476: NULL Pointer Dereference •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2021-20307

https://notcve.org/view.php?id=CVE-2021-20307

Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. Una vulnerabilidad de cadena de formato en la función panoFileOutputNamesCreate() en libpano versiones 13 2.9.20~rc2+dfsg-3 y anteriores, puede conllevar a leer y escribir valores de memoria arbitrarios • https://bugzilla.redhat.com/show_bug.cgi?id=1946284 https://lists.debian.org/debian-lts-announce/2021/04/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVJRXUOBN56ZWP6QQ3NTA6DIFZMDZAEQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE6YZSXNVD6WZ3AG3ENL2DIHQFF24LYX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VYDYBKHT2MNMQCUMAVJNZW4VH6MD5BOF https://security.gentoo.org/glsa/202107-47 ht • CWE-134: Use of Externally-Controlled Format String •