CVE-2021-2416

all versions

Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Suppor

4.9MEDIUM

CVE-2021-2414

all versions

Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Suppor

6.8MEDIUM

CVE-2021-3712

all versions

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string dat

7.4HIGH

CVE-2021-3711

all versions

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an applic

9.8CRITICAL

CVE-2021-33909

all versions

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to

7.8HIGH

CVE-2021-23017

all versions

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS ser

7.7HIGH

CVE-2021-23337

all versions

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

7.2HIGH

CVE-2020-28500

all versions

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd

5.3MEDIUM

CVE-2020-1971

all versions

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPar

5.9MEDIUM

CVE-2020-8203

all versions

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

7.4HIGH

CVE-2020-10723

>= 8.2 and <= 8.4

A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of

5.1MEDIUM

CVE-2020-10722

>= 8.2 and <= 8.4

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() c

5.1MEDIUM

CVE-2019-10219

all versions

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting

6.1MEDIUM

CVE-2019-5482

all versions

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

9.8CRITICAL

CVE-2019-5481

all versions

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

9.8CRITICAL

CVE-2019-1559

all versions

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to

5.9MEDIUM

CVE-2018-16865

all versions

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in syst

7.8HIGH

CVE-2018-16864

all versions

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in syst

7.8HIGH

CVE-2018-11237

all versions

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write d

7.8HIGH

CVE-2018-11236

all versions

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to

9.8CRITICAL

CVE-2018-6485

all versions

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.

9.8CRITICAL

CVE-2015-0235

< 7.2.0

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows con