
CVE-2021-20308 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-20308
05 Apr 2021 — Integer overflow in htmldoc 1.9.11 and earlier may allow attackers to execute arbitrary code and cause a denial of service, similar to CVE-2017-9181. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. • https://bugzilla.redhat.com/show_bug.cgi?id=1946289 • CWE-190: Integer Overflow or Wraparound •

CVE-2021-20305 – nettle: Out of bounds memory access in signature verification
https://notcve.org/view.php?id=CVE-2021-20305
05 Apr 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=1942533 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-787: Out-of-bounds Write •

CVE-2021-28165 – jetty: Resource exhaustion when receiving an invalid large TLS frame
https://notcve.org/view.php?id=CVE-2021-28165
01 Apr 2021 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://github.com/uthrasri/CVE-2021-28165 • CWE-400: Uncontrolled Resource Consumption CWE-551: Incorrect Behavior Order: Authorization Before Parsing and Canonicalization CWE-755: Improper Handling of Exceptional Conditions •

CVE-2021-28163 – jetty: Symlink directory exposes webapp directory contents
https://notcve.org/view.php?id=CVE-2021-28163
01 Apr 2021 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://github.com/eclipse/jetty.project/security/advisories/GHSA-j6qj-j888-vvgq • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2021-28918 – nodejs-netmask: improper input validation of octal input data
https://notcve.org/view.php?id=CVE-2021-28918
01 Apr 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://github.com/advisories/GHSA-pch5-whg9-qr2r • CWE-704: Incorrect Type Conversion or Cast CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2021-3477 – Gentoo Linux Security Advisory 202107-27
https://notcve.org/view.php?id=CVE-2021-3477
31 Mar 2021 — An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

CVE-2021-29418 – nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character
https://notcve.org/view.php?id=CVE-2021-29418
30 Mar 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://github.com/rs/node-netmask/commit/3f19a056c4eb808ea4a29f234274c67bc5a848f4 • CWE-20: Improper Input Validation •

CVE-2021-3474 – Ubuntu Security Notice USN-4900-1
https://notcve.org/view.php?id=CVE-2021-3474
30 Mar 2021 — There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability. It was discovered tha... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831 • CWE-190: Integer Overflow or Wraparound •

CVE-2021-3475 – Gentoo Linux Security Advisory 202107-27
https://notcve.org/view.php?id=CVE-2021-3475
30 Mar 2021 — An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297 • CWE-190: Integer Overflow or Wraparound •

CVE-2021-3476 – Gentoo Linux Security Advisory 202107-27
https://notcve.org/view.php?id=CVE-2021-3476
30 Mar 2021 — A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability. Mult... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787 • CWE-190: Integer Overflow or Wraparound •