Skip to main content
CVE-2021-3912 MEDIUM PATCH This Month

OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Octorpki Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-3911 MEDIUM PATCH This Month

If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Octorpki Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-34419 MEDIUM This Month

In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Ubuntu Code Injection Zoom Client For Meetings
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-34418 MEDIUM This Month

The login routine of the web console in the Zoom On-Premise Meeting Connector before version 4.6.239.20200613, Zoom On-Premise Meeting Connector MMR before version 4.6.239.20200613, Zoom On-Premise. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Zoom On Premise Meeting Connector Controller Zoom On Premise Meeting Connector Mmr Zoom On Premise Recording Connector +2
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-3910 MEDIUM PATCH This Month

OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Octorpki Debian Linux Cloudflare
NVD GitHub VulDB
CVSS 3.1
4.4
EPSS
0.6%
CVE-2021-34421 MEDIUM This Month

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Information Disclosure Keybase
NVD
CVSS 3.1
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy