Количество 18 769
Количество 18 769
CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.
CVE-2021-34141
CVE-2021-3411
A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-3409
The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this.
CVE-2021-33938
Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVE-2021-33930
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVE-2021-3392
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.
CVE-2021-33929
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVE-2021-33928
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVE-2021-33910
basic/unit-name.c in systemd prior to 246.15 247.8 248.5 and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
CVE-2021-33909
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations leading to an integer overflow an Out-of-bounds Write and escalation to root by an unprivileged user aka CID-8cae8cd89f05.
CVE-2021-33788
Windows LSA Denial of Service Vulnerability
CVE-2021-33786
Windows LSA Security Feature Bypass Vulnerability
CVE-2021-33785
Windows AF_UNIX Socket Provider Denial of Service Vulnerability
CVE-2021-33784
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2021-33783
Windows SMB Information Disclosure Vulnerability
CVE-2021-33782
Windows Authenticode Spoofing Vulnerability
CVE-2021-33781
Azure AD Security Feature Bypass Vulnerability
CVE-2021-33780
Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-33779
Windows AD FS Security Feature Bypass Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-3416 A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. | CVSS3: 6 | 0% Низкий | почти 5 лет назад |
| CVSS3: 5.3 | 0% Низкий | около 4 лет назад | |
| CVE-2021-3411 A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 6.7 | 0% Низкий | почти 5 лет назад |
| CVE-2021-3409 The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. | CVSS3: 5.7 | 0% Низкий | почти 5 лет назад |
| CVE-2021-33938 Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-33930 Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-3392 A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected. | CVSS3: 3.2 | 0% Низкий | почти 5 лет назад |
| CVE-2021-33929 Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-33928 Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-33910 basic/unit-name.c in systemd prior to 246.15 247.8 248.5 and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash. | CVSS3: 5.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-33909 fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations leading to an integer overflow an Out-of-bounds Write and escalation to root by an unprivileged user aka CID-8cae8cd89f05. | CVSS3: 7.8 | 2% Низкий | больше 4 лет назад |
| CVE-2021-33788 Windows LSA Denial of Service Vulnerability | CVSS3: 7.5 | 8% Низкий | больше 4 лет назад |
| CVE-2021-33786 Windows LSA Security Feature Bypass Vulnerability | CVSS3: 8.1 | 2% Низкий | больше 4 лет назад |
| CVE-2021-33785 Windows AF_UNIX Socket Provider Denial of Service Vulnerability | CVSS3: 7.5 | 5% Низкий | больше 4 лет назад |
| CVE-2021-33784 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
| CVE-2021-33783 Windows SMB Information Disclosure Vulnerability | CVSS3: 6.5 | 20% Средний | больше 4 лет назад |
| CVE-2021-33782 Windows Authenticode Spoofing Vulnerability | CVSS3: 5.5 | 3% Низкий | больше 4 лет назад |
| CVE-2021-33781 Azure AD Security Feature Bypass Vulnerability | CVSS3: 8.1 | 1% Низкий | больше 4 лет назад |
| CVE-2021-33780 Windows DNS Server Remote Code Execution Vulnerability | CVSS3: 8.8 | 2% Низкий | больше 4 лет назад |
| CVE-2021-33779 Windows AD FS Security Feature Bypass Vulnerability | CVSS3: 8.1 | 1% Низкий | больше 4 лет назад |
Уязвимостей на страницу