Windows Kernel Information Disclosure Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Windows Desktop Bridge Elevation of Privilege Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

Windows Print Spooler Information Disclosure Vulnerability

Windows Media Audio Decoder Remote Code Execution Vulnerability

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium such as a flash disk could use this flaw to force a user into permanently disabling the encryption layer of that medium.

ReDoS vulnerability in parser_apache2

Insufficiently restricted permissions on plugin directories

Integer overflow issue with strings in Redis

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer as demonstrated by using /proc/<pid>/maps for exploitation.

tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data OACK and other options.

Chromium: CVE-2021-4102 Use after free in V8

Chromium: CVE-2021-4101 Heap buffer overflow in Swiftshader

Chromium: CVE-2021-4100 Object lifecycle issue in ANGLE

Chromium: CVE-2021-4099 Use after free in Swiftshader

Chromium: CVE-2021-4098 Insufficient data validation in Mojo

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.