Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-20005

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-10 Dec, 2018 | 06:00
Updated At-05 Aug, 2024 | 11:51
Rejected At-
Credits

An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:10 Dec, 2018 | 06:00
Updated At:05 Aug, 2024 | 11:51
Rejected At:
▼CVE Numbering Authority (CNA)

An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/michaelrsweet/mxml/issues/234
x_refsource_MISC
https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext
x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
vendor-advisory
x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/
vendor-advisory
x_refsource_FEDORA
Hyperlink: https://github.com/michaelrsweet/mxml/issues/234
Resource:
x_refsource_MISC
Hyperlink: https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext
Resource:
x_refsource_MISC
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/
Resource:
vendor-advisory
x_refsource_FEDORA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/michaelrsweet/mxml/issues/234
x_refsource_MISC
x_transferred
https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext
x_refsource_MISC
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
vendor-advisory
x_refsource_FEDORA
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: https://github.com/michaelrsweet/mxml/issues/234
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Dec, 2018 | 06:29
Updated At:07 Nov, 2023 | 02:56

An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.5MEDIUM
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
msweet
msweet
>>mini-xml>>2.12
cpe:2.3:a:msweet:mini-xml:2.12:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>28
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>29
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknextcve@mitre.org
Exploit
Third Party Advisory
https://github.com/michaelrsweet/mxml/issues/234cve@mitre.org
Issue Tracking
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/cve@mitre.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/cve@mitre.org
N/A
Hyperlink: https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/michaelrsweet/mxml/issues/234
Source: cve@mitre.org
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

976Records found
CVE-2021-46141
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.67%
||
7 Day CHG~0.00%
Published-06 Jan, 2022 | 03:48
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

Action-Not Available
Vendor-uriparser_projectn/aDebian GNU/LinuxopenSUSEFedora Project
Product-uriparserdebian_linuxfactoryextra_packages_for_enterprise_linuxfedorabackportsleapn/a
CWE ID-CWE-416
Use After Free
CVE-2021-46022
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 41.53%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.

Action-Not Available
Vendor-n/aGNUFedora Project
Product-fedorarecutilsn/a
CWE ID-CWE-416
Use After Free
CVE-2019-5805
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-2.03% / 83.05%
||
7 Day CHG~0.00%
Published-27 Jun, 2019 | 16:13
Updated-04 Aug, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackportsleapChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-46021
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 33.09%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 20:02
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.

Action-Not Available
Vendor-n/aGNUFedora Project
Product-fedorarecutilsn/a
CWE ID-CWE-416
Use After Free
CVE-2021-46142
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.67%
||
7 Day CHG~0.00%
Published-06 Jan, 2022 | 03:48
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

Action-Not Available
Vendor-uriparser_projectn/aDebian GNU/LinuxopenSUSEFedora Project
Product-uriparserdebian_linuxfactoryextra_packages_for_enterprise_linuxfedorabackportsleapn/a
CWE ID-CWE-416
Use After Free
CVE-2021-36976
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 29.34%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 06:49
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

Action-Not Available
Vendor-n/aApple Inc.Splunk LLC (Cisco Systems, Inc.)Fedora Projectlibarchive
Product-iphone_oslibarchiveipadoswatchosfedoramacosuniversal_forwardern/a
CWE ID-CWE-416
Use After Free
CVE-2021-30469
Matching Score-10
Assigner-Fedora Project
ShareView Details
Matching Score-10
Assigner-Fedora Project
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 38.41%
||
7 Day CHG~0.00%
Published-26 May, 2021 | 21:37
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.

Action-Not Available
Vendor-podofo_projectn/aRed Hat, Inc.Fedora Project
Product-podofofedoraenterprise_linuxpodofo
CWE ID-CWE-416
Use After Free
CVE-2010-0302
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-5.29% / 89.63%
||
7 Day CHG~0.00%
Published-05 Mar, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.

Action-Not Available
Vendor-n/aCanonical Ltd.Fedora ProjectRed Hat, Inc.Apple Inc.
Product-ubuntu_linuxenterprise_linuxfedoraenterprise_linux_workstationenterprise_linux_serverenterprise_linux_desktopcupsenterprise_linux_eusmac_os_xmac_os_x_servern/a
CWE ID-CWE-416
Use After Free
CVE-2009-2416
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 52.48%
||
7 Day CHG~0.00%
Published-11 Aug, 2009 | 18:00
Updated-21 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.

Action-Not Available
Vendor-n/aGoogle LLCFedora ProjectCanonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxSUSEopenSUSERed Hat, Inc.Apple Inc.VMware (Broadcom Inc.)Sun Microsystems (Oracle Corporation)
Product-vcenter_serverdebian_linuxenterprise_linuxiphone_osfedorasafarivmaopenoffice.orglibxmllinux_enterpriseubuntu_linuxmac_os_xopensuselibxml2linux_enterprise_serveresxmac_os_x_serveresxichromen/a
CWE ID-CWE-416
Use After Free
CVE-2018-20592
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 57.11%
||
7 Day CHG~0.00%
Published-30 Dec, 2018 | 18:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.

Action-Not Available
Vendor-msweetn/aFedora Project
Product-mini-xmlfedoran/a
CWE ID-CWE-416
Use After Free
CVE-2015-5221
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.23% / 45.65%
||
7 Day CHG-0.05%
Published-25 Jul, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

Action-Not Available
Vendor-n/aopenSUSEJasPerFedora Project
Product-fedorajasperopensuseleapn/a
CWE ID-CWE-416
Use After Free
CVE-2022-23308
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 13.36%
||
7 Day CHG~0.00%
Published-26 Feb, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

Action-Not Available
Vendor-n/aOracle CorporationNetApp, Inc.Fedora ProjectApple Inc.libxml2 (XMLSoft)Debian GNU/Linux
Product-h410sactive_iq_unified_managerdebian_linuxh500s_firmwarecommunications_cloud_native_core_binding_support_functionbootstrap_osh410c_firmwareh410ch700sh500smysql_workbenchh700e_firmwarezfs_storage_appliance_kitontap_select_deploy_administration_utilitycommunications_cloud_native_core_network_function_cloud_native_environmenth500e_firmwaresolidfire\,_enterprise_sds_\&_hci_storage_nodetvosclustered_data_ontap_antivirus_connectorclustered_data_ontaph300ecommunications_cloud_native_core_network_repository_functioncommunications_cloud_native_core_unified_data_repositoryh300e_firmwaremacoswatchossolidfire_\&_hci_management_nodeh700eipadosmac_os_xhci_compute_nodeh500eh700s_firmwaresmi-s_providerfedoracommunications_cloud_native_core_network_slice_selection_functionh410s_firmwaresnapmanagerlibxml2h300s_firmwaremanageability_software_development_kitsnapdriveiphone_osh300sn/a
CWE ID-CWE-416
Use After Free
CVE-2020-25725
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.18% / 40.01%
||
7 Day CHG~0.00%
Published-21 Nov, 2020 | 05:29
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font.

Action-Not Available
Vendor-xpdfreaderGlyph & CogFedora Project
Product-xpdffedoraxpdf
CWE ID-CWE-416
Use After Free
CVE-2020-16592
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 53.33%
||
7 Day CHG~0.00%
Published-09 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

Action-Not Available
Vendor-n/aNetApp, Inc.GNUFedora Project
Product-ontap_select_deploy_administration_utilityfedorabinutilsn/a
CWE ID-CWE-416
Use After Free
CVE-2020-15986
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-1.31% / 78.99%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-0156
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-6.8||MEDIUM
EPSS-0.12% / 32.15%
||
7 Day CHG~0.00%
Published-10 Jan, 2022 | 15:26
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in vim/vim

vim is vulnerable to Use After Free

Action-Not Available
Vendor-Fedora ProjectVimApple Inc.
Product-fedoramacosvimvim/vim
CWE ID-CWE-416
Use After Free
CVE-2021-32613
Matching Score-10
Assigner-Fedora Project
ShareView Details
Matching Score-10
Assigner-Fedora Project
CVSS Score-5.5||MEDIUM
EPSS-0.35% / 56.77%
||
7 Day CHG~0.00%
Published-14 May, 2021 | 12:11
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

Action-Not Available
Vendor-n/aFedora ProjectRadare2 (r2)
Product-fedoraradare2radare2
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2020-4031
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-3.5||LOW
EPSS-0.42% / 61.25%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 00:00
Updated-04 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-After-Free in gdi_SelectObject in FreeRDP

In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.

Action-Not Available
Vendor-Canonical Ltd.FreeRDPopenSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfreerdpfedoraleapFreeRDP
CWE ID-CWE-416
Use After Free
CVE-2021-45942
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.78%
||
7 Day CHG~0.00%
Published-31 Dec, 2021 | 00:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

Action-Not Available
Vendor-openexrn/aDebian GNU/LinuxFedora Project
Product-openexrdebian_linuxfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-46019
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 42.27%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.

Action-Not Available
Vendor-n/aGNUFedora Project
Product-fedorarecutilsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45293
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.74%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:54
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.

Action-Not Available
Vendor-webassemblyn/aFedora Project
Product-binaryenfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-45343
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.16%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.

Action-Not Available
Vendor-librecadn/aDebian GNU/LinuxFedora Project
Product-debian_linuxfedoralibrecadn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45943
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.14%
||
7 Day CHG~0.00%
Published-31 Dec, 2021 | 00:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

Action-Not Available
Vendor-osgeon/aOracle CorporationFedora ProjectDebian GNU/Linux
Product-gdaldebian_linuxfedoraspatial_and_graphn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-6312
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.84%
||
7 Day CHG~0.00%
Published-10 Mar, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.

Action-Not Available
Vendor-n/aDebian GNU/LinuxThe GNOME ProjectFedora Project
Product-gdk-pixbufdebian_linuxfedoran/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-45958
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.86%
||
7 Day CHG~0.00%
Published-31 Dec, 2021 | 23:52
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.

Action-Not Available
Vendor-ultrajson_projectn/aDebian GNU/LinuxFedora Project
Product-debian_linuxultrajsonfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-45930
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.41%
||
7 Day CHG~0.00%
Published-31 Dec, 2021 | 00:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).

Action-Not Available
Vendor-qtn/aDebian GNU/LinuxFedora Project
Product-debian_linuxqtsvgfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-45931
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 37.16%
||
7 Day CHG~0.00%
Published-31 Dec, 2021 | 23:58
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).

Action-Not Available
Vendor-harfbuzz_projectn/aFedora Project
Product-harfbuzzfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43519
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.07%
||
7 Day CHG-0.00%
Published-09 Nov, 2021 | 12:26
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

Action-Not Available
Vendor-luan/aFedora Project
Product-luafedoran/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2021-42715
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 23.02%
||
7 Day CHG~0.00%
Published-21 Oct, 2021 | 00:00
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.

Action-Not Available
Vendor-nothingsn/aDebian GNU/LinuxFedora Project
Product-fedoradebian_linuxstb_image.hn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-4183
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.40%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file

Action-Not Available
Vendor-Wireshark FoundationOracle CorporationFedora Project
Product-wiresharkhttp_serverfedorazfs_storage_appliance_kitWireshark
CWE ID-CWE-125
Out-of-bounds Read
CVE-2013-4589
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.35% / 84.27%
||
7 Day CHG~0.00%
Published-23 Nov, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.

Action-Not Available
Vendor-n/aFedora ProjectGraphicsMagickNovell
Product-suse_linux_enterprise_debuginfofedoragraphicsmagicksuse_studio_onsitesuse_linux_enterprise_software_development_kitn/a
CVE-2013-1812
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.53% / 66.30%
||
7 Day CHG~0.00%
Published-12 Dec, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.

Action-Not Available
Vendor-janrainn/aFedora Project
Product-fedoraruby-openidn/a
CVE-2020-11863
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.49% / 64.47%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 15:08
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).

Action-Not Available
Vendor-libemf_projectn/aopenSUSEFedora Project
Product-libemffedoraleapn/a
CVE-2020-11864
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 63.01%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 15:09
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).

Action-Not Available
Vendor-libemf_projectn/aopenSUSEFedora Project
Product-libemffedoraleapn/a
CVE-2020-11765
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.35% / 56.74%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 22:41
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.

Action-Not Available
Vendor-openexrn/aDebian GNU/LinuxCanonical Ltd.openSUSEFedora ProjectApple Inc.
Product-ubuntu_linuxitunesiphone_osdebian_linuxipadostvoswatchosfedoramac_os_xopenexricloudleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-193
Off-by-one Error
CVE-2021-3875
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.62%
||
7 Day CHG~0.00%
Published-15 Oct, 2021 | 13:40
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap-based Buffer Overflow in vim/vim

vim is vulnerable to Heap-based Buffer Overflow

Action-Not Available
Vendor-Fedora ProjectVim
Product-fedoravimvim/vim
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37615
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-09 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null pointer dereference in Exiv2::Internal::resolveLens0x319

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.

Action-Not Available
Vendor-Fedora ProjectExiv2
Product-exiv2fedoraexiv2
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-37220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.89%
||
7 Day CHG~0.00%
Published-21 Jul, 2021 | 21:02
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.

Action-Not Available
Vendor-n/aFedora ProjectArtifex Software Inc.
Product-fedoramupdfn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37616
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-09 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null pointer dereference in Exiv2::Internal::resolveLens0x8ff

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.

Action-Not Available
Vendor-Fedora ProjectExiv2
Product-exiv2fedoraexiv2
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-36979
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.21% / 42.74%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 06:48
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb).

Action-Not Available
Vendor-unicorn-enginen/aFedora Project
Product-unicorn_enginefedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37620
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.08% / 25.57%
||
7 Day CHG~0.00%
Published-09 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in XmpTextValue::read()

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectExiv2
Product-exiv2debian_linuxfedoraexiv2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3622
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.58% / 67.99%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 20:31
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora Project
Product-hivexenterprise_linux_workstationenterprise_linuxfedorahivex
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-3630
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.48%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 13:27
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.

Action-Not Available
Vendor-djvulibre_projectn/aDebian GNU/LinuxFedora Project
Product-djvulibredebian_linuxfedoradjvulibre
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.17% / 38.25%
||
7 Day CHG~0.00%
Published-08 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 00:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.

Action-Not Available
Vendor-n/aOracle CorporationFedora ProjectSiemens AGDebian GNU/LinuxGo
Product-scalance_lpe9403_firmwaredebian_linuxscalance_lpe9403fedoragotimesten_in-memory_databasen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-3449
Matching Score-8
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-8
Assigner-OpenSSL Software Foundation
CVSS Score-5.9||MEDIUM
EPSS-10.69% / 93.02%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 14:25
Updated-17 Sep, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer deref in signature_algorithms processing

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

Action-Not Available
Vendor-SonicWall Inc.FreeBSD FoundationCheck Point Software Technologies Ltd.Fedora ProjectOracle CorporationTenable, Inc.Siemens AGDebian GNU/LinuxMcAfee, LLCNode.js (OpenJS Foundation)OpenSSLNetApp, Inc.
Product-simatic_net_cp1243-7_lte_ussinamics_connect_300_firmwaresimatic_pcs_neosonicosscalance_s602_firmwarescalance_sc-600_firmwarescalance_xp-200simatic_s7-1200_cpu_1212csnapcenterscalance_xf-200basimatic_mv500quantum_security_gatewayessbasescalance_s602simatic_s7-1200_cpu_1212fc_firmwarequantum_security_management_firmwarenessus_network_monitorsimatic_net_cp_1545-1_firmwaresimatic_cp_1242-7_gprs_v2scalance_s615_firmwaresimatic_s7-1200_cpu_1215_fcsimatic_rf166c_firmwarescalance_xr528-6m_firmwarescalance_m-800_firmwaree-series_performance_analyzerscalance_xc-200_firmwarescalance_xr-300wg_firmwaresimatic_hmi_ktp_mobile_panelsscalance_s612_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaredebian_linuxsimatic_net_cp_1543-1_firmwaresimatic_mv500_firmwareruggedcom_rcm1224_firmwaresimatic_process_historian_opc_ua_server_firmwarescalance_sc-600simatic_net_cp_1243-1_firmwaresimatic_s7-1200_cpu_1214c_firmwarecommunications_communications_policy_managementsimatic_process_historian_opc_ua_serversecure_backupsimatic_net_cp_1542sp-1_irc_firmwaresimatic_s7-1200_cpu_1211c_firmwaresimatic_s7-1200_cpu_1214cscalance_xf-200ba_firmwarequantum_security_managementsimatic_rf186c_firmwarescalance_w700simatic_net_cp_1542sp-1_ircstoragegridsimatic_hmi_comfort_outdoor_panels_firmwaresimatic_rf185cnode.jssinec_infrastructure_network_servicesscalance_s615graalvmsimatic_s7-1200_cpu_1214_fctim_1531_irc_firmwaresma100_firmwaresimatic_net_cp_1243-8_ircsimatic_net_cp_1243-8_irc_firmwaresimatic_rf186ci_firmwarenessussimatic_rf188ci_firmwarecloud_volumes_ontap_mediatorsimatic_net_cp1243-7_lte_us_firmwarelog_correlation_engineoncommand_workflow_automationscalance_xm-400_firmwarescalance_xr524-8c_firmwaresinumerik_opc_ua_serverscalance_s623_firmwarescalance_w700_firmwaremulti-domain_management_firmwarescalance_s627-2m_firmwarescalance_w1700_firmwaresimatic_net_cp_1545-1simatic_cloud_connect_7_firmwarescalance_xb-200_firmwarescalance_xc-200scalance_m-800jd_edwards_enterpriseone_toolssimatic_s7-1200_cpu_1214_fc_firmwarepeoplesoft_enterprise_peopletoolsprimavera_unifieropensslruggedcom_rcm1224simatic_pcs_neo_firmwaresimatic_rf360rscalance_lpe9403simatic_cp_1242-7_gprs_v2_firmwaresimatic_hmi_basic_panels_2nd_generation_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfpscalance_xr528-6msimatic_s7-1200_cpu_1215_fc_firmwarescalance_xr-300wgscalance_s612simatic_rf360r_firmwaresinec_nmstim_1531_ircontap_select_deploy_administration_utilitysimatic_net_cp_1243-1fedorazfs_storage_appliance_kitsimatic_net_cp1243-7_lte_eu_firmwaresimatic_rf188csimatic_s7-1200_cpu_1217csimatic_rf185c_firmwaresimatic_net_cp_1543sp-1simatic_s7-1200_cpu_1215c_firmwareweb_gatewaysimatic_net_cp_1543-1simatic_s7-1200_cpu_1212c_firmwaresimatic_s7-1200_cpu_1217c_firmwaresimatic_rf188cicapture_clientsimatic_hmi_ktp_mobile_panels_firmwaresma100scalance_xr524-8csimatic_s7-1200_cpu_1215csimatic_logonsimatic_pcs_7_telecontrol_firmwaresimatic_net_cp_1543sp-1_firmwaremysql_workbenchsimatic_wincc_runtime_advancedscalance_s623secure_global_desktopweb_gateway_cloud_servicescalance_w1700scalance_xm-400freebsdscalance_lpe9403_firmwaremysql_serversimatic_pcs_7_telecontrolquantum_security_gateway_firmwaresimatic_wincc_telecontrolmysql_connectorssimatic_rf188c_firmwaresinec_pnimulti-domain_managementsimatic_pdmscalance_s627-2msimatic_rf186cioncommand_insightjd_edwards_world_securityenterprise_manager_for_storage_managementscalance_xp-200_firmwaresimatic_rf166csimatic_hmi_basic_panels_2nd_generationtia_administratoractive_iq_unified_managerscalance_xb-200tenable.scsimatic_hmi_comfort_outdoor_panelssimatic_s7-1200_cpu_1211csinema_serversinamics_connect_300scalance_xr552-12simatic_cloud_connect_7simatic_rf186cscalance_xr526-8c_firmwaresimatic_s7-1200_cpu_1212fcscalance_xr552-12_firmwaresimatic_net_cp1243-7_lte_euscalance_xr526-8csimatic_pdm_firmwaresantricity_smi-s_providerOpenSSL
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-34334
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.46%
||
7 Day CHG~0.00%
Published-09 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service due to integer overflow in loop counter

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectExiv2
Product-exiv2debian_linuxfedoraexiv2
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-3443
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 8.62%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 18:45
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Action-Not Available
Vendor-n/aFedora ProjectJasPerRed Hat, Inc.
Product-jasperenterprise_linuxfedorajasper
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-3405
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.25% / 78.52%
||
7 Day CHG~0.00%
Published-23 Feb, 2021 | 19:05
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.

Action-Not Available
Vendor-matroskan/aDebian GNU/LinuxFedora Project
Product-debian_linuxlibebmlfedoralibebml
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34339
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.24%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 22:26
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

Action-Not Available
Vendor-libmingn/aFedora Project
Product-mingfedoraming
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34338
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.24%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 22:26
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

Action-Not Available
Vendor-libmingn/aFedora Project
Product-mingfedoraming
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 19
  • 20
  • Next
Details not found