# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-44832 |
20 |
|
Exec Code |
2021-12-28 |
2022-08-09 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. |
2 |
CVE-2021-28660 |
787 |
|
|
2021-03-17 |
2023-01-19 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. |
3 |
CVE-2021-20240 |
787 |
|
Exec Code |
2021-05-28 |
2021-06-02 |
8.3 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Complete |
A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
4 |
CVE-2021-3968 |
122 |
|
Overflow |
2021-11-19 |
2022-08-26 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
vim is vulnerable to Heap-based Buffer Overflow |
5 |
CVE-2021-3570 |
787 |
|
Exec Code +Info |
2021-07-09 |
2022-10-07 |
8.0 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Complete |
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1. |
6 |
CVE-2020-25717 |
20 |
|
|
2022-02-18 |
2022-02-25 |
8.5 |
None |
Remote |
Low |
??? |
Complete |
Complete |
None |
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. |
7 |
CVE-2020-25682 |
122 |
|
Exec Code Overflow |
2021-01-20 |
2021-03-26 |
8.3 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Complete |
A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
8 |
CVE-2020-25681 |
122 |
|
Overflow |
2021-01-20 |
2021-03-26 |
8.3 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Complete |
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
9 |
CVE-2020-14352 |
22 |
|
Dir. Trav. |
2020-08-30 |
2020-11-09 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories. |
10 |
CVE-2019-18422 |
732 |
|
DoS +Priv |
2019-10-31 |
2023-02-03 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an exception occurs on an ARM system which is handled without changing processor level, some interrupts are unconditionally enabled during exception entry. So exceptions which occur when interrupts are masked will effectively unmask the interrupts. A malicious guest might contrive to arrange for critical Xen code to run with interrupts erroneously enabled. This could lead to data corruption, denial of service, or possibly even privilege escalation. However a precise attack technique has not been identified. |
11 |
CVE-2019-3846 |
787 |
|
DoS Exec Code Overflow |
2019-06-03 |
2023-02-02 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code. |
12 |
CVE-2015-20107 |
77 |
|
|
2022-04-13 |
2022-11-28 |
8.0 |
None |
Remote |
Low |
??? |
Partial |
Complete |
Partial |
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 |
13 |
CVE-2010-3705 |
400 |
|
Mem. Corr. |
2010-11-26 |
2023-02-02 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
CVE-2010-3705 kernel: sctp memory corruption in HMAC handling |
14 |
CVE-2007-4364 |
287 |
|
Bypass |
2007-08-15 |
2017-07-29 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Fedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java Naming and Directory Interface (JNDI), related to (1) a nonexistent account name in combination with an empty password, which allows remote attackers to trigger a certain "unexpected / strange response" from an LDAP server, and (2) a reauthentication attempt that throws an exception, which allows remote attackers to trigger use of a cached authentication decision. NOTE: authentication can be bypassed by using vector 1 followed by vector 2, and possibly can be bypassed by using a single vector. |