Количество 18 824
Количество 18 824
CVE-2021-46878
CVE-2021-46848
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
CVE-2021-46828
In libtirpc before 1.3.3rc1 remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can in turn lead to an svc_run infinite loop without accepting new connections.
CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2021-46822
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
CVE-2021-46790
CVE-2021-46669
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
CVE-2021-46668
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.
CVE-2021-46667
MariaDB before 10.6.5 has a sql_lex.cc integer overflow leading to an application crash.
CVE-2021-46666
MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause.
CVE-2021-46665
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.
CVE-2021-46664
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.
CVE-2021-46663
MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.
CVE-2021-46662
MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery.
CVE-2021-46661
MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).
CVE-2021-46659
CVE-2021-46658
CVE-2021-46657
CVE-2021-46283
CVE-2021-46143
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVSS3: 7.8 | 0% Низкий | почти 3 года назад | |
| CVE-2021-46848 GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. | CVSS3: 9.1 | 0% Низкий | больше 3 лет назад |
| CVE-2021-46828 In libtirpc before 1.3.3rc1 remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can in turn lead to an svc_run infinite loop without accepting new connections. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| CVE-2021-46823 python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. | CVSS3: 6.5 | 1% Низкий | больше 3 лет назад |
| CVE-2021-46822 The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
| CVSS3: 7.8 | 0% Низкий | почти 4 года назад | |
| CVE-2021-46669 MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. | CVSS3: 7.5 | 1% Низкий | около 4 лет назад |
| CVE-2021-46668 MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46667 MariaDB before 10.6.5 has a sql_lex.cc integer overflow leading to an application crash. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46666 MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46665 MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46664 MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46663 MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46662 MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-46661 MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVSS3: 5.5 | 0% Низкий | около 4 лет назад | |
| CVSS3: 5.5 | 0% Низкий | около 4 лет назад | |
| CVSS3: 5.5 | 0% Низкий | около 4 лет назад | |
| CVSS3: 5.5 | 0% Низкий | около 4 лет назад | |
| CVSS3: 7.8 | 4% Низкий | около 4 лет назад |
Уязвимостей на страницу