
CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()
https://notcve.org/view.php?id=CVE-2021-23841
16 Feb 2021 — Issues addressed include buffer over-read, heap overflow, integer overflow, and null pointer vulnerabilities. • https://github.com/Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841 • CWE-476: NULL Pointer Dereference •

CVE-2021-27219 – glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
https://notcve.org/view.php?id=CVE-2021-27219
15 Feb 2021 — The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. ... The overflow could lead to memory corruption. An integer wraparound was discovered in glib due to passing a 64-bit value to the function g_memdup(), which accepts a 32-bit number as its argument. ... Issues addressed include integer overflow and privilege escalation vulnerabilities. • https://gitlab.gnome.org/GNOME/glib/-/issues/2319 • CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •

CVE-2021-27218 – glib: integer overflow in g_byte_array_new_take function when called with a buffer of 4GB or more on a 64-bit platform
https://notcve.org/view.php?id=CVE-2021-27218
15 Feb 2021 — An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation. ... • https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942 • CWE-190: Integer Overflow or Wraparound CWE-681: Incorrect Conversion between Numeric Types •

CVE-2021-23336 – Web Cache Poisoning
https://notcve.org/view.php?id=CVE-2021-23336
15 Feb 2021 — Issues addressed include denial of service and integer overflow vulnerabilities. • http://www.openwall.com/lists/oss-security/2021/02/19/4 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVE-2021-23337 – Command Injection
https://notcve.org/view.php?id=CVE-2021-23337
15 Feb 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2020-28500 – Regular Expression Denial of Service (ReDoS)
https://notcve.org/view.php?id=CVE-2020-28500
15 Feb 2021 — Issues addressed include code execution, cross site scripting, denial of service, integer overflow, and null pointer vulnerabilities. • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-400: Uncontrolled Resource Consumption •

CVE-2021-1805 – Apple macOS process_token_BindQueryBufferMultiple Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1805
12 Feb 2021 — Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2021/Apr/54 • CWE-787: Out-of-bounds Write •

CVE-2021-1806 – Apple macOS process_token_BlitLibSetup2D Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1806
12 Feb 2021 — Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2021/Apr/54 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVE-2019-19005 – autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact
https://notcve.org/view.php?id=CVE-2019-19005
11 Feb 2021 — Issues addressed include double free and integer overflow vulnerabilities. • https://github.com/autotrace/autotrace/commits/master • CWE-415: Double Free •

CVE-2019-19004 – autotrace: integer overflow in input-bmp.c
https://notcve.org/view.php?id=CVE-2019-19004
11 Feb 2021 — A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. ... Issues addressed include double free and integer overflow vulnerabilities. • https://github.com/autotrace/autotrace/commits/master • CWE-190: Integer Overflow or Wraparound •