CVE-2021-4034

all versions

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed

7.8HIGH

CVE-2021-43527

all versions

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded D

9.8CRITICAL

CVE-2021-42574

all versions

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering

8.3HIGH

CVE-2021-42739

all versions

The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c a

6.7MEDIUM

CVE-2021-41617

all versions

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because

7.0HIGH

CVE-2021-37750

all versions

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereferen

6.5MEDIUM

CVE-2020-36385

all versions

An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is re

7.8HIGH

CVE-2020-36322

all versions

An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_get

5.5MEDIUM

CVE-2021-20271

all versions

A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince

7.0HIGH

CVE-2020-14409

all versions

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy i

7.8HIGH

CVE-2020-25704

all versions

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A

5.5MEDIUM

CVE-2020-25656

all versions

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and K

4.1MEDIUM

CVE-2020-25643

all versions

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is c

7.2HIGH

CVE-2020-0427

all versions

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information

5.5MEDIUM

CVE-2020-14314

all versions

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it access

5.5MEDIUM

CVE-2020-24394

all versions

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when t

7.1HIGH

CVE-2018-18585

all versions

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character

4.3MEDIUM

CVE-2018-18584

all versions

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the m

6.5MEDIUM

CVE-2018-16758

all versions

Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to di

5.9MEDIUM

CVE-2018-16738

all versions

tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.

3.7LOW

CVE-2018-16737

all versions

tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation.

5.3MEDIUM

CVE-2018-3839

all versions

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image

8.8HIGH

CVE-2018-3837

all versions

An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SD

5.5MEDIUM