CVE Notify
19.1K subscribers
4 photos
183K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
🚨 CVE-2021-3027
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.

πŸŽ–@cveNotify
🚨 CVE-2021-45480
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.

πŸŽ–@cveNotify
🚨 CVE-2021-45481
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.

πŸŽ–@cveNotify
🚨 CVE-2021-45489
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.

πŸŽ–@cveNotify
🚨 CVE-2021-45488
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.

πŸŽ–@cveNotify
🚨 CVE-2021-45487
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.

πŸŽ–@cveNotify
🚨 CVE-2021-45486
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.

πŸŽ–@cveNotify
🚨 CVE-2021-45485
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

πŸŽ–@cveNotify
🚨 CVE-2021-45484
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.

πŸŽ–@cveNotify
🚨 CVE-2021-45469
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.

πŸŽ–@cveNotify
βš οΈβ„ΉοΈβš οΈ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel.
For advertising plans contact @SirMalware βš οΈβ„ΉοΈβš οΈ
CVE Notify pinned Β«βš οΈβ„ΉοΈβš οΈ Hi everybody! To continue providing posts and keeping this channel alive, we accept advertising on the channel. For advertising plans contact @SirMalware βš οΈβ„ΉοΈβš οΈΒ»