Skip to main content
CVE-2021-0532 HIGH This Week

In memory management driver, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Buffer Overflow Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2021-0520 HIGH PATCH This Week

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-0509 HIGH This Week

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-0508 HIGH PATCH This Week

In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-34387 MEDIUM This Month

The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Jetson Linux
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-34386 MEDIUM This Month

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Nvidia Jetson Linux
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0504 MEDIUM PATCH This Month

In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2021-33572 MEDIUM This Month

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Cloud Protection For Salesforce Elements For Microsoft 365 Endpoint Protection +1
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-28833 MEDIUM PATCH This Month

Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Qiita
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-0521 MEDIUM PATCH This Month

In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-32697 MEDIUM PATCH This Month

neos/forms is an open source framework to build web forms. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Form
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-34389 MEDIUM This Month

Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Information Disclosure Jetson Linux
NVD
CVSS 3.1
5.0
EPSS
0.3%
CVE-2021-32698 MEDIUM PATCH This Month

eLabFTW is an open source electronic lab notebook for research labs. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Elabftw
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy