|
197171
|
6.1 |
MEDIUM
Local
|
theforeman
|
openscap
|
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw…
|
CWE-863
Incorrect Authorization
|
CVE-2021-20290
|
2024-11-21 14:46 |
2022-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197172
|
7.5 |
HIGH
Network
|
openexr
debian
|
openexr
debian_linux
|
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerabili…
|
-
|
CVE-2021-20299
|
2024-11-21 14:46 |
2022-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197173
|
5.5 |
MEDIUM
Local
|
redhat
|
ansible
|
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-20180
|
2024-11-21 14:46 |
2022-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197174
|
6.5 |
MEDIUM
Local
|
qemu
fedoraproject
redhat
debian
|
qemu
fedora
enterprise_linux
openstack_platform
enterprise_linux_for_power_little_endian
enterprise_linux_for_ibm_z_systems
codeready_linux_builder
debian_linux
|
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized wi…
|
-
|
CVE-2021-20257
|
2024-11-21 14:46 |
2022-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197175
|
5.5 |
MEDIUM
Local
|
kexec-tools_project
|
kexec-tools
|
A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The …
|
-
|
CVE-2021-20269
|
2024-11-21 14:46 |
2022-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197176
|
7.8 |
HIGH
Local
|
redhat
|
coreos-installer
|
An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead t…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2021-20319
|
2024-11-21 14:46 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197177
|
6.1 |
MEDIUM
Local
|
openexr
debian
|
openexr
debian_linux
|
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an o…
|
-
|
CVE-2021-20303
|
2024-11-21 14:46 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197178
|
5.5 |
MEDIUM
Local
|
openexr
debian
|
openexr
debian_linux
|
A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point excepti…
|
NVD-CWE-noinfo
|
CVE-2021-20302
|
2024-11-21 14:46 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197179
|
5.5 |
MEDIUM
Local
|
openexr
debian
|
openexr
debian_linux
|
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer …
|
-
|
CVE-2021-20300
|
2024-11-21 14:46 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197180
|
4.7 |
MEDIUM
Local
|
linux
redhat
debian
|
linux_kernel
enterprise_linux
debian_linux
|
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the syste…
|
CWE-362
Race Condition
|
CVE-2021-20321
|
2024-11-21 14:46 |
2022-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
