cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

CVE-2021-44026

Known Exploited Vulnerability
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
Max CVSS
9.8
Published
2021-11-19
Updated
2021-12-16
EPSS
0.84%
KEV Added
2023-06-22
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message.
Max CVSS
6.1
Published
2021-11-19
Updated
2021-12-16
EPSS
0.13%
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
Max CVSS
5.5
Published
2021-10-28
Updated
2021-11-28
EPSS
0.05%
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.
Max CVSS
5.3
Published
2021-10-20
Updated
2021-11-26
EPSS
0.05%
A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Max CVSS
6.7
Published
2021-10-20
Updated
2022-11-07
EPSS
0.04%
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
Max CVSS
7.1
Published
2021-10-21
Updated
2022-05-13
EPSS
0.18%
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
Max CVSS
5.5
Published
2021-10-21
Updated
2023-02-22
EPSS
0.11%
** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm.
Max CVSS
8.3
Published
2021-11-01
Updated
2022-10-25
EPSS
0.25%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
Max CVSS
7.2
Published
2021-11-15
Updated
2023-04-25
EPSS
0.24%
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.
Max CVSS
9.8
Published
2021-11-15
Updated
2023-04-25
EPSS
1.33%
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
Max CVSS
5.5
Published
2021-11-15
Updated
2023-04-25
EPSS
0.05%
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.
Max CVSS
5.5
Published
2021-11-15
Updated
2023-04-25
EPSS
0.05%
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
Max CVSS
5.3
Published
2021-11-15
Updated
2023-04-25
EPSS
0.12%
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
Max CVSS
5.5
Published
2021-11-15
Updated
2023-04-25
EPSS
0.05%
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.
Max CVSS
7.5
Published
2021-10-18
Updated
2022-04-12
EPSS
6.08%
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
Max CVSS
7.5
Published
2021-10-18
Updated
2022-04-12
EPSS
2.95%
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
Max CVSS
7.8
Published
2021-10-02
Updated
2022-03-25
EPSS
0.05%
817 vulnerabilities found