‼ CVE-2021-4193 ‼
📖 Read
via "National Vulnerability Database".
vim is vulnerable to Out-of-bounds Read📖 Read
via "National Vulnerability Database".
‼ CVE-2021-4192 ‼
📖 Read
via "National Vulnerability Database".
vim is vulnerable to Use After Free📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45933 ‼
📖 Read
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45926 ‼
📖 Read
via "National Vulnerability Database".
MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45940 ‼
📖 Read
via "National Vulnerability Database".
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45928 ‼
📖 Read
via "National Vulnerability Database".
libjxl before 0.6, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45934 ‼
📖 Read
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45930 ‼
📖 Read
via "National Vulnerability Database".
Qt SVG in Qt 5.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45943 ‼
📖 Read
via "National Vulnerability Database".
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44716 ‼
📖 Read
via "National Vulnerability Database".
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45935 ‼
📖 Read
via "National Vulnerability Database".
Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45938 ‼
📖 Read
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45939 ‼
📖 Read
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45942 ‼
📖 Read
via "National Vulnerability Database".
OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45931 ‼
📖 Read
via "National Vulnerability Database".
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45941 ‼
📖 Read
via "National Vulnerability Database".
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44717 ‼
📖 Read
via "National Vulnerability Database".
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41817 ‼
📖 Read
via "National Vulnerability Database".
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45932 ‼
📖 Read
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45936 ‼
📖 Read
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45927 ‼
📖 Read
via "National Vulnerability Database".
MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).📖 Read
via "National Vulnerability Database".