CVE-2021-36084
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).
Source: CVE-2021-36084
[월:] 2021년 07월
CVE-2021-36082
CVE-2021-36082
ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.
Source: CVE-2021-36082
CVE-2021-36080
CVE-2021-36080
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
Source: CVE-2021-36080
CVE-2020-36406
CVE-2020-36406
uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll).
Source: CVE-2020-36406
CVE-2021-36087
CVE-2021-36087
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). NOTE: bad0a746e9f4cf260dedba5828d9645d50176aac is cited in the OSV "fixed" field but does not have a code change.
Source: CVE-2021-36087
CVE-2020-36400
CVE-2020-36400
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
Source: CVE-2020-36400
CVE-2020-36401
CVE-2020-36401
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
Source: CVE-2020-36401
CVE-2020-36403
CVE-2020-36403
HTSlib 1.10 through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read).
Source: CVE-2020-36403
CVE-2020-36402
CVE-2020-36402
Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a code change.
Source: CVE-2020-36402
CVE-2017-20006
CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
Source: CVE-2017-20006