CVE Notify
Alert on the latest CVEs

Partner channel: @malwr
⚠️ℹ️⚠️ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel.
For advertising plans contact @SirMalware ⚠️ℹ️⚠️
🚨 CVE-2021-3027
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.

🎖@cveNotify
🚨 CVE-2021-45480
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.

🎖@cveNotify
🚨 CVE-2021-45481
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.

🎖@cveNotify
🚨 CVE-2021-45489
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.

🎖@cveNotify
🚨 CVE-2021-45488
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.

🎖@cveNotify
🚨 CVE-2021-45487
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.

🎖@cveNotify
🚨 CVE-2021-45486
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.

🎖@cveNotify
🚨 CVE-2021-45485
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

🎖@cveNotify
🚨 CVE-2021-45484
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.

🎖@cveNotify
🚨 CVE-2021-45469
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.

🎖@cveNotify