CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-3272 – jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c
https://notcve.org/view.php?id=CVE-2021-3272
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components. En la función jp2_decode en el archivo jp2/jp2_dec.c en libjasper en JasPer versión 2.0.24, presenta una lectura excesiva del búfer en la región heap de la memoria cuando existe una relación no válida entre el número de canales y el número de componentes de la imagen • https://github.com/jasper-software/jasper/issues/259 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BZFU2F6UW4L2FJE65WJLWGUIELDWCL7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD2Y2LT4N5ZWCMKYCUIKB3XODNJLOW3J https://access.redhat.com/security/cve/CVE-2021-3272 https://bugzilla.redhat.com/show_bug.cgi?id=1921325 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3308
https://notcve.org/view.php?id=CVE-2021-3308
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors used by the MSI(-X) entries that the guest might had enabled, and hence will lead to vector exhaustion on the system, not allowing further PCI pass through devices to work properly. HVM guests with PCI pass through devices can mount a Denial of Service (DoS) attack affecting the pass through of PCI devices to other guests or the hardware domain. In the latter case, this would affect the entire host. • http://www.openwall.com/lists/oss-security/2021/01/26/4 http://xenbits.xen.org/xsa/advisory-360.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5C42TMQYB6SDVT2MPFEWY65A6RSUVBN https://security.gentoo.org/glsa/202107-30 •
CVSS: 7.8EPSS: 96%CPEs: 39EXPL: 56CVE-2021-3156 – Sudo Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de "sudoedit -s" y un argumento de línea de comandos que termina con un solo carácter de barra invertida A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. • https://www.exploit-db.com/exploits/49521 https://www.exploit-db.com/exploits/49522 https://github.com/blasty/CVE-2021-3156 https://github.com/worawit/CVE-2021-3156 https://github.com/stong/CVE-2021-3156 https://github.com/reverse-ex/CVE-2021-3156 https://github.com/CptGibbon/CVE-2021-3156 https://github.com/Rvn0xsy/CVE-2021-3156-plus https://github.com/mr-r3b00t/CVE-2021-3156 https://github.com/0xdevil/CVE-2021-3156 https://github.com/unauth401/CVE-20 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error •
CVSS: 4.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-2019 – mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2021)
https://notcve.org/view.php?id=CVE-2021-2019
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC https://security.gentoo.org/glsa/202105-27 https://security.netapp.com/advisory/ntap-20210219-0003 https://www.oracle.com/security-alerts/cpujan2021.html https://access.redhat.com/security/cve/CVE-2021-2019 https://bugzilla.redhat.com/show_bug.cgi?id=1922386 •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-2021 – mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
https://notcve.org/view.php?id=CVE-2021-2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CS5THZSGI7O2CZO44NWYE57AG2T7NK3K https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T7EAHJPWOOF4D6PEFLXW5IQWRRSZ3HRC https://security.gentoo.org/glsa/202105-27 https://security.netapp.com/advisory/ntap-20210219-0003 https://www.oracle.com/security-alerts/cpujan2021.html https://access.redhat.com/security/cve/CVE-2021-2021 https://bugzilla.redhat.com/show_bug.cgi?id=1922388 •