CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Devamını Oku
Devamını oku
CVE-2021-3781
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as…
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is…
CVE-2021-3557
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest threat from this vulnerability is to data confidentiality. Devamını Oku
CVE-2021-3648
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3530. Reason: This candidate is a reservation duplicate of CVE-2021-3530. Notes: All CVE users should reference CVE-2021-3530 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Devamını Oku
CVE-2020-6918
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. Devamını Oku
CVE-2020-6919
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. Devamını Oku
CVE-2020-6920
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. Devamını Oku
CVE-2020-6921
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. Devamını Oku
CVE-2020-6922
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. Devamını Oku
CVE-2021-21958
A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Devamını Oku
CVE-2021-21966
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability. Devamını Oku