CVE Notify
Alert on the latest CVEs

Partner channel: @malwr
🚨 CVE-2021-30887
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.

🎖@cveNotify
🚨 CVE-2021-3027
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.

🚨 CVE-2021-45480
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.

🚨 CVE-2021-45481
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.

🚨 CVE-2021-45489
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.

🚨 CVE-2021-45488
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.

🚨 CVE-2021-45487
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.

🚨 CVE-2021-45486
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.

🚨 CVE-2021-45485
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

🚨 CVE-2021-45484
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.

🚨 CVE-2021-45469
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
