Skip to main content

Enterprise Linux

1150 CVEs product

Monthly

CVE-2022-1227 Go HIGH POC PATCH This Week

A privilege escalation flaw was found in Podman. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Privilege Escalation Information Disclosure Podman Psgo +14
NVD GitHub
CVSS 3.1
8.8
EPSS
4.2%
CVE-2022-1048 HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-1304 HIGH This Week

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure E2Fsprogs Enterprise Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-1280 MEDIUM This Month

A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. Rated medium severity (CVSS 6.3). No vendor patch available.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +1
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2022-28796 HIGH PATCH This Week

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure Linux Kernel Enterprise Linux +13
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-27651 Go MEDIUM PATCH This Month

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Docker Buildah Fedora Enterprise Linux
NVD GitHub
CVSS 3.1
6.8
EPSS
1.2%
CVE-2022-27650 HIGH PATCH This Week

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Docker Crun Fedora Openshift Container Platform +1
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-27649 Go HIGH PATCH This Week

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Docker Podman Developer Tools Openshift Container Platform +11
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-1055 HIGH POC PATCH This Week

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. Rated high severity (CVSS 8.6). Public exploit code available.

Privilege Escalation Memory Corruption Use After Free Linux Linux Kernel +11
NVD
CVSS 4.0
8.6
EPSS
0.5%
CVE-2022-0435 HIGH POC PATCH THREAT This Week

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Memory Corruption Linux Buffer Overflow Linux Kernel Codeready Linux Builder +28
NVD
CVSS 3.1
8.8
EPSS
68.0%
CVE-2022-0330 HIGH This Week

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel Codeready Linux Builder Codeready Linux Builder Eus +35
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-0996 MEDIUM POC This Month

A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass 389 Directory Server Fedora Enterprise Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2022-27666 HIGH PATCH This Week

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Privilege Escalation Memory Corruption Buffer Overflow Linux Kernel Fedora +11
NVD GitHub
CVSS 3.1
7.8
EPSS
5.5%
CVE-2022-1011 HIGH This Week

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Authentication Bypass Linux Use After Free +30
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2022-0918 HIGH PATCH This Week

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service 389 Ds Base Enterprise Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
5.9%
CVE-2022-0516 HIGH PATCH This Week

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel Fedora Debian Linux +20
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-0711 HIGH PATCH This Week

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Haproxy Openshift Container Platform Software Collections Enterprise Linux +1
NVD GitHub
CVSS 3.1
7.5
EPSS
16.6%
CVE-2022-23645 MEDIUM PATCH This Month

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Swtpm Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-4166 HIGH POC PATCH This Week

vim is vulnerable to Out-of-bounds Read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Vim Enterprise Linux Factory +5
NVD GitHub
CVSS 3.1
7.1
EPSS
1.6%
CVE-2021-3622 MEDIUM POC PATCH This Month

A flaw was found in the hivex library. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Denial Of Service Hivex Enterprise Linux Enterprise Linux Workstation +1
NVD GitHub
CVSS 3.1
4.3
EPSS
4.8%
CVE-2021-3621 HIGH PATCH This Week

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Command Injection Sssd Virtualization Virtualization Host Enterprise Linux +4
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-4024 Go MEDIUM PATCH This Month

A flaw was found in podman. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Podman Fedora Enterprise Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-45463 HIGH PATCH This Week

load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Gegl Gimp Enterprise Linux Fedora
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-44733 HIGH POC This Week

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Information Disclosure Race Condition Linux Kernel Enterprise Linux +10
NVD GitHub
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-45078 HIGH POC This Week

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Binutils Fedora +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-4104 Maven HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache Log4J Fedora +44
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
72.2%
CVE-2021-4048 CRITICAL PATCH Act Now

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Lapack Openblas Julia +5
NVD GitHub
CVSS 3.1
9.1
EPSS
2.6%
CVE-2021-3802 MEDIUM POC PATCH This Month

A vulnerability found in udisks2. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Udisks Fedora Enterprise Linux
NVD
CVSS 3.1
4.2
EPSS
0.8%
CVE-2021-3672 MEDIUM POC PATCH This Month

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS C Ares Fedora Enterprise Linux Enterprise Linux Computer Node +13
NVD
CVSS 3.1
5.6
EPSS
2.6%
CVE-2021-3935 HIGH This Week

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SQLi Pgbouncer Enterprise Linux Fedora Debian Linux
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-43389 MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel before 5.14.15. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure Linux Kernel Enterprise Linux +4
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-3746 MEDIUM PATCH This Month

A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Libtpms Fedora Enterprise Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-32672 MEDIUM PATCH This Month

Redis is an open source, in-memory database that persists on disk. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Redis Information Disclosure Software Collections Enterprise Linux +5
NVD GitHub
CVSS 3.1
4.3
EPSS
1.7%
CVE-2021-3653 HIGH POC PATCH This Week

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Amd Information Disclosure Authentication Bypass Linux Kernel +2
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-40438 CRITICAL POC KEV PATCH THREAT Act Now

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.4.48 and earlier. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Apache SSRF Rocky Linux Enterprise Linux Enterprise Linux Eus +35
NVD
CVSS 3.1
9.0
EPSS
100.0%
CVE-2021-39251 HIGH This Week

A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Ntfs 3G Debian Linux Enterprise Linux +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-33285 HIGH This Week

In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ntfs 3G Enterprise Linux +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-3634 MEDIUM PATCH This Month

A flaw has been found in libssh in versions prior to 0.9.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Libssh Virtualization +5
NVD
CVSS 3.1
6.5
EPSS
4.7%
CVE-2021-40153 HIGH POC PATCH This Week

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Squashfs Tools Fedora Debian Linux Enterprise Linux
NVD GitHub
CVSS 3.1
8.1
EPSS
2.5%
CVE-2021-3605 MEDIUM PATCH This Month

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Openexr Enterprise Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-3635 MEDIUM This Month

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Linux Linux Kernel Enterprise Linux Fedora
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-3573 MEDIUM POC PATCH This Month

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call. Rated medium severity (CVSS 6.4). Public exploit code available.

Linux Denial Of Service Race Condition Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2021-20314 CRITICAL PATCH Act Now

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service RCE Memory Corruption Libspf2 +2
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2021-38160 HIGH PATCH This Week

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel Hci Bootstrap Os Hci Management Node +4
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-3655 LOW PATCH Monitor

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Enterprise Linux Debian Linux
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2021-3580 HIGH PATCH This Week

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Nettle Enterprise Linux Debian Linux Ontap Select Deploy Administration Utility
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2021-3682 HIGH PATCH This Week

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

RCE Qemu Enterprise Linux Debian Linux
NVD
CVSS 3.1
8.5
EPSS
2.9%
CVE-2021-3679 MEDIUM PATCH This Month

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Linux Denial Of Service Linux Kernel Enterprise Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-3612 HIGH PATCH This Week

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Enterprise Linux Fedora +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-3571 HIGH PATCH This Week

A flaw was found in the ptp4l program of the linuxptp package. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Linuxptp Enterprise Linux Fedora
NVD
CVSS 3.1
7.1
EPSS
1.9%
CVE-2021-3570 HIGH PATCH This Week

A flaw was found in the ptp4l program of the linuxptp package. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Linuxptp Enterprise Linux Enterprise Linux Aus +4
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2021-3598 MEDIUM POC This Month

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Openexr Enterprise Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-3595 LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Libslirp Enterprise Linux Debian Linux +1
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2021-3594 LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Libslirp Enterprise Linux Debian Linux +1
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2021-3593 LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Libslirp Enterprise Linux Fedora +1
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2021-3592 LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Memory Corruption Information Disclosure Libslirp Enterprise Linux Debian Linux +1
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2021-0129 MEDIUM This Month

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bluez Enterprise Linux Debian Linux
NVD
CVSS 3.1
5.7
EPSS
0.8%
CVE-2021-3565 MEDIUM PATCH This Month

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Tpm2 Tools Enterprise Linux Fedora
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2021-3569 MEDIUM PATCH This Month

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libtpms Enterprise Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-3543 MEDIUM This Month

A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Nitro Enclaves Enterprise Linux +1
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-3516 HIGH POC PATCH This Week

There's a flaw in libxml2's xmllint in versions before 2.9.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure Xmllint Debian Linux +7
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-32027 HIGH PATCH This Week

A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow PostgreSQL Information Disclosure Jboss Enterprise Application Platform Software Collections +1
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2021-20292 MEDIUM PATCH This Month

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Privilege Escalation Memory Corruption Linux Kernel +3
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2021-20239 LOW Monitor

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel Enterprise Linux Fedora
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2021-20236 CRITICAL PATCH Act Now

A flaw was found in the ZeroMQ server in versions before 4.3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Zeromq Ceph Storage Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-20201 MEDIUM POC This Month

A flaw was found in spice in versions before 0.14.92. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Spice Enterprise Linux
NVD
CVSS 3.1
5.3
EPSS
2.7%
CVE-2021-30501 MEDIUM POC PATCH This Month

An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Upx Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-30500 HIGH POC PATCH This Week

Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference RCE Denial Of Service Upx Enterprise Linux +1
NVD GitHub
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-3527 MEDIUM PATCH This Month

A flaw was found in the USB redirector device (usb-redir) of QEMU. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Qemu Enterprise Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-30471 MEDIUM POC This Month

A flaw was found in PoDoFo 0.9.7. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Podofo Enterprise Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-30470 MEDIUM POC This Month

A flaw was found in PoDoFo 0.9.7. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Podofo Enterprise Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-30469 MEDIUM POC This Month

A flaw was found in PoDoFo 0.9.7. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Podofo Fedora +1
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-20297 MEDIUM PATCH This Month

A flaw was found in NetworkManager in versions before 1.30.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Networkmanager Openshift Container Platform Enterprise Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-3426 MEDIUM PATCH This Month

There's a flaw in Python 3's pydoc. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Python Information Disclosure Fedora Debian Linux Software Collections +6
NVD
CVSS 3.1
5.7
EPSS
1.9%
CVE-2021-3517 Ruby HIGH PATCH This Week

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libxml2 Jboss Core Services Enterprise Linux +25
NVD
CVSS 3.1
8.6
EPSS
8.3%
CVE-2021-3445 HIGH This Week

A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Jwt Attack Libdnf Fedora Enterprise Linux
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-3421 MEDIUM PATCH This Month

A flaw was found in the RPM package in the read functionality. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jwt Attack Rpm Enterprise Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-3518 Ruby HIGH PATCH This Week

There's a flaw in libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Libxml2 Debian Linux +16
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-3537 Ruby MEDIUM PATCH This Month

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libxml2 Jboss Core Services Enterprise Linux +16
NVD
CVSS 3.1
5.9
EPSS
3.5%
CVE-2021-20221 MEDIUM PATCH This Month

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Qemu Enterprise Linux Debian Linux
NVD
CVSS 3.1
6.0
EPSS
0.3%
CVE-2021-3504 MEDIUM PATCH This Month

A flaw was found in the hivex library in versions before 1.3.20. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure Hivex Enterprise Linux +2
NVD
CVSS 3.1
5.4
EPSS
1.9%
CVE-2021-31916 MEDIUM PATCH This Month

An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Enterprise Linux +1
NVD GitHub
CVSS 3.1
6.7
EPSS
0.7%
CVE-2021-3507 MEDIUM POC This Month

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Qemu Debian Linux Enterprise Linux
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2021-3501 HIGH PATCH This Week

A flaw was found in the Linux kernel in versions before 5.12. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Enterprise Linux +17
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2021-20254 MEDIUM This Month

A flaw was found in samba. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure Samba Fedora +2
NVD
CVSS 3.1
6.8
EPSS
1.6%
CVE-2021-3472 HIGH PATCH This Week

A flaw was found in xorg-x11-server in versions before 1.20.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Privilege Escalation X Server Fedora Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-20208 MEDIUM PATCH This Month

A flaw was found in cifs-utils in versions before 6.13. Rated medium severity (CVSS 6.1).

Information Disclosure Cifs Utils Enterprise Linux Fedora
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-3505 MEDIUM POC PATCH This Month

A flaw was found in libtpms in versions before 0.8.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Libtpms Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-3498 HIGH PATCH This Week

A heap corruption vulnerability exists in GStreamer media framework versions before 1.18.4 when parsing malformed Matroska (MKV) video files. An attacker can craft a malicious Matroska file that, when processed by a vulnerable GStreamer installation, triggers heap memory corruption leading to potential code execution with the privileges of the application using GStreamer. While not known to be actively exploited in the wild (not in KEV), a public proof-of-concept exploit is available and the EPSS score of 0.24% indicates moderate exploitation likelihood.

Information Disclosure Debian Linux Enterprise Linux Gstreamer
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-3497 HIGH PATCH This Week

A use-after-free vulnerability exists in GStreamer's Matroska demuxer that can be triggered when processing malformed video files, potentially allowing attackers to execute arbitrary code or cause application crashes. The vulnerability affects GStreamer versions before 1.18.4 and requires local access with user interaction to exploit. With an EPSS score of only 0.18% and no KEV listing, this vulnerability has low real-world exploitation probability despite its high CVSS score of 7.8.

Use After Free Denial Of Service Gstreamer Enterprise Linux Debian Linux
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
EPSS 4% CVSS 8.8
HIGH POC PATCH This Week

A privilege escalation flaw was found in Podman. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Privilege Escalation Information Disclosure +16
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +12
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +3
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. Rated medium severity (CVSS 6.3). No vendor patch available.

Denial Of Service Memory Corruption Use After Free +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. Rated high severity (CVSS 7.0).

Race Condition Linux Information Disclosure +15
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Docker Buildah +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Docker Crun +3
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Docker Podman +13
NVD GitHub
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. Rated high severity (CVSS 8.6). Public exploit code available.

Privilege Escalation Memory Corruption Use After Free +13
NVD
EPSS 68% CVSS 8.8
HIGH POC PATCH THREAT This Week

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Memory Corruption Linux Buffer Overflow +30
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel +37
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass 389 Directory Server Fedora +1
NVD GitHub
EPSS 6% CVSS 7.8
HIGH PATCH This Week

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Privilege Escalation Memory Corruption Buffer Overflow +13
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Authentication Bypass +32
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service 389 Ds Base Enterprise Linux
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel +22
NVD
EPSS 17% CVSS 7.5
HIGH PATCH This Week

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Haproxy Openshift Container Platform +3
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Swtpm +2
NVD GitHub
EPSS 2% CVSS 7.1
HIGH POC PATCH This Week

vim is vulnerable to Out-of-bounds Read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Vim +7
NVD GitHub
EPSS 5% CVSS 4.3
MEDIUM POC PATCH This Month

A flaw was found in the hivex library. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Denial Of Service Hivex +3
NVD GitHub
EPSS 3% CVSS 8.8
HIGH PATCH This Week

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Command Injection Sssd Virtualization +6
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in podman. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Podman Fedora +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Gegl Gimp +2
NVD
EPSS 1% CVSS 7.0
HIGH POC This Week

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Information Disclosure Race Condition +12
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +5
NVD
EPSS 72% CVSS 7.5
HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache +46
NVD GitHub VulDB
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Lapack +7
NVD GitHub
EPSS 1% CVSS 4.2
MEDIUM POC PATCH This Month

A vulnerability found in udisks2. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Udisks Fedora +1
NVD
EPSS 3% CVSS 5.6
MEDIUM POC PATCH This Month

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS C Ares Fedora +15
NVD
EPSS 1% CVSS 8.1
HIGH This Week

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SQLi Pgbouncer Enterprise Linux +2
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel before 5.14.15. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure +6
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Libtpms Fedora +1
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Redis is an open source, in-memory database that persists on disk. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Redis Information Disclosure +7
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Amd Information Disclosure +4
NVD
EPSS 100% CVSS 9.0
CRITICAL POC KEV PATCH THREAT Act Now

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.4.48 and earlier. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Apache SSRF Rocky Linux +37
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Ntfs 3G +3
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +4
NVD GitHub
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

A flaw has been found in libssh in versions prior to 0.9.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption +7
NVD
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Squashfs Tools Fedora +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Openexr Enterprise Linux +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Linux Linux Kernel +2
NVD
EPSS 0% CVSS 6.4
MEDIUM POC PATCH This Month

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call. Rated medium severity (CVSS 6.4). Public exploit code available.

Linux Denial Of Service Race Condition +3
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service RCE +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel +6
NVD GitHub
EPSS 0% CVSS 3.3
LOW PATCH Monitor

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Nettle Enterprise Linux +2
NVD
EPSS 3% CVSS 8.5
HIGH PATCH This Week

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

RCE Qemu Enterprise Linux +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Linux Denial Of Service Linux Kernel +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel +16
NVD
EPSS 2% CVSS 7.1
HIGH PATCH This Week

A flaw was found in the ptp4l program of the linuxptp package. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Linuxptp Enterprise Linux +1
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

A flaw was found in the ptp4l program of the linuxptp package. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Linuxptp +6
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Openexr Enterprise Linux +1
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Libslirp +3
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Libslirp +3
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Libslirp +3
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Memory Corruption Information Disclosure Libslirp +3
NVD
EPSS 1% CVSS 5.7
MEDIUM This Month

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bluez Enterprise Linux +1
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Tpm2 Tools Enterprise Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libtpms Enterprise Linux
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

There's a flaw in libxml2's xmllint in versions before 2.9.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure +9
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow PostgreSQL Information Disclosure +3
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Privilege Escalation +5
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A flaw was found in the ZeroMQ server in versions before 4.3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Zeromq Ceph Storage +2
NVD GitHub
EPSS 3% CVSS 5.3
MEDIUM POC This Month

A flaw was found in spice in versions before 0.14.92. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Spice Enterprise Linux
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Upx Enterprise Linux +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference RCE Denial Of Service +3
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in the USB redirector device (usb-redir) of QEMU. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Qemu Enterprise Linux +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

A flaw was found in PoDoFo 0.9.7. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Podofo Enterprise Linux +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

A flaw was found in PoDoFo 0.9.7. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Podofo Enterprise Linux +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

A flaw was found in PoDoFo 0.9.7. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in NetworkManager in versions before 1.30.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Networkmanager Openshift Container Platform +2
NVD
EPSS 2% CVSS 5.7
MEDIUM PATCH This Month

There's a flaw in Python 3's pydoc. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Python Information Disclosure Fedora +8
NVD
EPSS 8% CVSS 8.6
HIGH PATCH This Week

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libxml2 +27
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Jwt Attack Libdnf +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in the RPM package in the read functionality. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jwt Attack Rpm +2
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

There's a flaw in libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +18
NVD
EPSS 4% CVSS 5.9
MEDIUM PATCH This Month

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libxml2 +18
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Qemu +2
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

A flaw was found in the hivex library in versions before 1.3.20. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure +4
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption +3
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Qemu Debian Linux +1
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A flaw was found in the Linux kernel in versions before 5.12. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption +19
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

A flaw was found in samba. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Microsoft Information Disclosure +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A flaw was found in xorg-x11-server in versions before 1.20.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Privilege Escalation X Server +3
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

A flaw was found in cifs-utils in versions before 6.13. Rated medium severity (CVSS 6.1).

Information Disclosure Cifs Utils Enterprise Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

A flaw was found in libtpms in versions before 0.8.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Libtpms Enterprise Linux +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A heap corruption vulnerability exists in GStreamer media framework versions before 1.18.4 when parsing malformed Matroska (MKV) video files. An attacker can craft a malicious Matroska file that, when processed by a vulnerable GStreamer installation, triggers heap memory corruption leading to potential code execution with the privileges of the application using GStreamer. While not known to be actively exploited in the wild (not in KEV), a public proof-of-concept exploit is available and the EPSS score of 0.24% indicates moderate exploitation likelihood.

Information Disclosure Debian Linux Enterprise Linux +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability exists in GStreamer's Matroska demuxer that can be triggered when processing malformed video files, potentially allowing attackers to execute arbitrary code or cause application crashes. The vulnerability affects GStreamer versions before 1.18.4 and requires local access with user interaction to exploit. With an EPSS score of only 0.18% and no KEV listing, this vulnerability has low real-world exploitation probability despite its high CVSS score of 7.8.

Use After Free Denial Of Service Gstreamer +2
NVD VulDB
Prev Page 5 of 13 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy