Skip to main content

Serenityos

7 CVEs product

Monthly

CVE-2021-33186 HIGH This Week

SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Serenityos
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-33185 HIGH This Week

SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Serenityos
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31272 CRITICAL PATCH Act Now

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Privilege Escalation Path Traversal Serenityos
NVD GitHub
CVSS 3.1
9.8
EPSS
3.2%
CVE-2021-30045 CRITICAL PATCH Act Now

SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read() function. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Serenityos
NVD GitHub
CVSS 3.1
9.1
EPSS
1.8%
CVE-2021-28874 HIGH This Week

SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Serenityos
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-27343 HIGH PATCH This Week

SerenityOS Unspecified is affected by: Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Serenityos
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-20172 HIGH POC PATCH This Week

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Serenityos
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
EPSS 1% CVSS 7.5
HIGH This Week

SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Serenityos
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Serenityos
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Privilege Escalation Path Traversal Serenityos
NVD GitHub
EPSS 2% CVSS 9.1
CRITICAL PATCH Act Now

SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read() function. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Serenityos
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Serenityos
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

SerenityOS Unspecified is affected by: Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Serenityos
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Serenityos
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy