CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2021-21703 – PHP-FPM memory access in root process leading to privilege escalation
https://notcve.org/view.php?id=CVE-2021-21703
25 Oct 2021 — In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root us... • http://www.openwall.com/lists/oss-security/2021/10/26/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-284: Improper Access Control CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 2CVE-2021-42716 – Gentoo Linux Security Advisory 202409-15
https://notcve.org/view.php?id=CVE-2021-42716
21 Oct 2021 — An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. Se ha detectado un problema en stb stb_image.h versión 2.27. El cargador de PNM interpretaba incorrectamente los archivos P... • https://github.com/nothings/stb/issues/1166 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42715 – Gentoo Linux Security Advisory 202409-15
https://notcve.org/view.php?id=CVE-2021-42715
21 Oct 2021 — An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files. Se ha detectado un problema en stb stb_image.h versiones 1.33 hasta 2.27. El cargador HDR analizaba líneas de exploración RLE truncadas al final del archivo como una secuencia infinita de ejecuciones de longitud cero. • https://github.com/nothings/stb/issues/1224 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-41160 – Improper region checks in FreeRDP allow out of bound write to memory
https://notcve.org/view.php?id=CVE-2021-41160
21 Oct 2021 — FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) ... • https://github.com/Jajangjaman/CVE-2021-41160 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 1CVE-2021-42762 – Debian Security Advisory 4995-1
https://notcve.org/view.php?id=CVE-2021-42762
20 Oct 2021 — BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. El archivo BubblewrapLaunch... • http://www.openwall.com/lists/oss-security/2021/10/26/9 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35610 – mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35610
20 Oct 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL S... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2 •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35608 – mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35608
20 Oct 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35607 – mysql: Server: DML unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35607
20 Oct 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-35604 – mysql: InnoDB unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35604
20 Oct 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UTW5KMPPDKIMGB4ULE2HS22HYLVKYIH •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-35602 – mysql: Server: Options unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35602
20 Oct 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL ... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2 •