Количество 18 824
Количество 18 824
CVE-2021-40452
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-40450
Win32k Elevation of Privilege Vulnerability
CVE-2021-40449
Win32k Elevation of Privilege Vulnerability
CVE-2021-40448
Microsoft Accessibility Insights for Android Information Disclosure Vulnerability
CVE-2021-40447
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-40444
Microsoft MSHTML Remote Code Execution Vulnerability
CVE-2021-40443
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40442
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40441
Windows Media Center Elevation of Privilege Vulnerability
CVE-2021-40440
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-40438
mod_proxy SSRF
CVE-2021-4037
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.
CVE-2021-4034
CVE-2021-40330
CVE-2021-4032
CVE-2021-4023
A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system.
CVE-2021-4019
Heap-based Buffer Overflow in vim/vim
CVE-2021-40153
CVE-2021-40145
gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete and should only be used for development and testing purposes.
CVE-2021-4002
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-40452 HEVC Video Extensions Remote Code Execution Vulnerability | 3% Низкий | около 4 лет назад | |
| CVE-2021-40450 Win32k Elevation of Privilege Vulnerability | CVSS3: 7.8 | 8% Низкий | больше 4 лет назад |
| CVE-2021-40449 Win32k Elevation of Privilege Vulnerability | CVSS3: 7.8 | 92% Критический | больше 4 лет назад |
| CVE-2021-40448 Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | CVSS3: 6.3 | 1% Низкий | больше 4 лет назад |
| CVE-2021-40447 Windows Print Spooler Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
| CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability | CVSS3: 8.8 | 94% Критический | больше 4 лет назад |
| CVE-2021-40443 Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
| CVE-2021-40442 Microsoft Excel Remote Code Execution Vulnerability | CVSS3: 7.8 | 5% Низкий | около 4 лет назад |
| CVE-2021-40441 Windows Media Center Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | около 4 лет назад |
| CVE-2021-40440 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-40438 mod_proxy SSRF | CVSS3: 9 | 94% Критический | больше 4 лет назад |
| CVE-2021-4037 A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| CVSS3: 7.8 | 87% Высокий | около 4 лет назад | |
| CVSS3: 7.5 | 0% Низкий | больше 4 лет назад | |
| CVSS3: 4.4 | 0% Низкий | около 4 лет назад | |
| CVE-2021-4023 A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system. | CVSS3: 5.5 | 0% Низкий | почти 4 года назад |
| CVE-2021-4019 Heap-based Buffer Overflow in vim/vim | CVSS3: 7.8 | 0% Низкий | около 4 лет назад |
| CVSS3: 8.1 | 1% Низкий | около 4 лет назад | |
| CVE-2021-40145 gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete and should only be used for development and testing purposes. | CVSS3: 7.5 | 1% Низкий | около 4 лет назад |
| CVE-2021-4002 A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. | CVSS3: 4.4 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу