The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2022-22826 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | MEDIUM | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22825 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | MEDIUM | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-46143 | In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | MEDIUM | Jan 6, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45452 | Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. | MEDIUM | Jan 5, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45116 | An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key. | MEDIUM | Jan 5, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45115 | An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack. | MEDIUM | Jan 5, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-41043 | Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. | MEDIUM | Jan 5, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45960 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | MEDIUM | Jan 3, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4193 | vim is vulnerable to Out-of-bounds Read | MEDIUM | Jan 1, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4192 | vim is vulnerable to Use After Free | MEDIUM | Jan 1, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45485 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | MEDIUM | Dec 25, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-44224 | A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). | MEDIUM | Dec 24, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-41819 | CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | MEDIUM | Dec 21, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-41817 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. | MEDIUM | Dec 21, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4156 | An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws. | MEDIUM | Dec 23, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-41496 | Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally). | MEDIUM | Dec 18, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-41495 | Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error can only occur due to an exhaustion of memory. If the user can exhaust memory, they are already privileged. Further, it should be practically impossible to construct an attack which can target the memory exhaustion to occur at exactly this place | MEDIUM | Dec 18, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-33430 | A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulnerability; in (very limited) circumstances a user may be able to provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user. | MEDIUM | Dec 17, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45088 | XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page. | MEDIUM | Dec 16, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-45078 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | MEDIUM | Dec 15, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-44733 | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. | MEDIUM | Dec 17, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-43818 | lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. | MEDIUM | Dec 16, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4083 | A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. | MEDIUM | Dec 16, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4011 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Dec 15, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4010 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Dec 15, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4009 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Dec 15, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4008 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Dec 15, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-44716 | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | MEDIUM | Dec 10, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4069 | vim is vulnerable to Use After Free | MEDIUM | Dec 9, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2018-25020 | The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. | MEDIUM | Dec 8, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-4019 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Dec 4, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-3984 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Dec 3, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2019-8922 | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer. There are no size checks whatsoever, resulting in a simple heap overflow if one can craft a request where the response is large enough to overflow the preallocated buffer. This issue exists in service_attr_req, which gets called by process_request (in sdpd-request.c), which also allocates the response buffer. | MEDIUM | Dec 3, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-43975 | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | MEDIUM | Nov 19, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-43618 | GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. | MEDIUM | Nov 16, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-33098 | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | MEDIUM | Nov 17, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended. | MEDIUM | Nov 19, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-3974 | vim is vulnerable to Use After Free | MEDIUM | Nov 19, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2021-23222 | A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. | MEDIUM | Nov 9, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-23214 | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. | MEDIUM | Nov 9, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2020-25722 | Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise. | MEDIUM | Nov 11, 2021 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2020-23903 | A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. | MEDIUM | Nov 11, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-43400 | An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. | MEDIUM | Nov 5, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-43396 | In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug. | MEDIUM | Nov 4, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-3928 | vim is vulnerable to Use of Uninitialized Variable | MEDIUM | Nov 5, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-3927 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Nov 5, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-0920 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-196926917. References: Upstream kernel. | MEDIUM | Nov 5, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-41771 | ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. | MEDIUM | Oct 29, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-25219 | In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. | MEDIUM | Oct 29, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2021-3903 | vim is vulnerable to Heap-based Buffer Overflow | MEDIUM | Oct 28, 2021 | 10.17.41.25 (Wind River Linux LTS 17) |