CVE-2021-3114
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
Source: CVE-2021-3114
[월:] 2021년 01월
CVE-2021-26266
CVE-2021-26266
cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
Source: CVE-2021-26266
CVE-2021-26267
CVE-2021-26267
cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
Source: CVE-2021-26267
CVE-2021-26026
CVE-2021-26026
PlugInsIDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.
Source: CVE-2021-26026
CVE-2021-26025
CVE-2021-26025
PlugInsIDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.
Source: CVE-2021-26025
CVE-2021-25900
CVE-2021-25900
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.
Source: CVE-2021-25900
CVE-2021-25901
CVE-2021-25901
An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. Lazy lacks a Send bound, leading to a data race.
Source: CVE-2021-25901
CVE-2021-25902
CVE-2021-25902
An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.
Source: CVE-2021-25902
CVE-2021-25908
CVE-2021-25908
An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free.
Source: CVE-2021-25908
CVE-2021-25907
CVE-2021-25907
An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed.
Source: CVE-2021-25907