CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0460 – Google Android fts_driver_test_write Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-0460
09 Mar 2021 — In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2021-03-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-1844 – webkitgtk: Memory corruption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-1844
09 Mar 2021 — Issues addressed include buffer overflow, code execution, cross site scripting, information leakage, integer overflow, traversal, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2021/Apr/55 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2021-27365 – kernel: heap buffer overflow in the iSCSI subsystem
https://notcve.org/view.php?id=CVE-2021-27365
07 Mar 2021 — Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities. • https://github.com/Iweisc/Kernel-CVE-2021-27365-hotfix • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 1CVE-2021-27364 – kernel: out-of-bounds read in libiscsi module
https://notcve.org/view.php?id=CVE-2021-27364
07 Mar 2021 — Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities. • http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 1CVE-2021-27363 – kernel: iscsi: unrestricted access to sessions and handles
https://notcve.org/view.php?id=CVE-2021-27363
07 Mar 2021 — Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities. • http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3420
https://notcve.org/view.php?id=CVE-2021-3420
05 Mar 2021 — Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow. • https://bugzilla.redhat.com/show_bug.cgi?id=1934088 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3377 – nodejs-ansi_up: XSS due to insufficient URL sanitization
https://notcve.org/view.php?id=CVE-2021-3377
05 Mar 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://doyensec.com/resources/Doyensec_Advisory_ansi_up4_XSS.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28027
https://notcve.org/view.php?id=CVE-2021-28027
05 Mar 2021 — There is an integer underflow and out-of-bounds write during the loading of a bgzip block. • https://rustsec.org/advisories/RUSTSEC-2021-0027.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 3CVE-2021-23346 – Regular Expression Denial of Service (ReDoS)
https://notcve.org/view.php?id=CVE-2021-23346
04 Mar 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://github.com/HenrikJoreteg/html-parse-stringify/blob/master/lib/parse.js%23L2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21321 – Prefix escape
https://notcve.org/view.php?id=CVE-2021-21321
02 Mar 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://github.com/fastify/fastify-reply-from/commit/dea227dda606900cc01870d08541b4dcc69d3889 • CWE-20: Improper Input Validation •