Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2021-03-23 CVE-2021-3444 Incorrect Conversion between Numeric Types vulnerability in multiple products
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0.
local
low complexity
linux debian canonical CWE-681
4.6
4.6
2021-03-23 CVE-2021-21401 Release of Invalid Pointer or Reference vulnerability in Nanopb Project Nanopb
Nanopb is a small code-size Protocol Buffers implementation in ansi C.
network
low complexity
nanopb-project CWE-763
5.5
5.5
2021-03-23 CVE-2021-23362 The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js.
network
low complexity
npmjs siemens
5.3
5.3
2021-03-23 CVE-2021-23274 Improper Restriction of Rendered UI Layers or Frames vulnerability in Tibco products
The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system.
network
low complexity
tibco CWE-1021
critical
 9.8
9.8
2021-03-23 CVE-2021-20270 Infinite Loop vulnerability in multiple products
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
network
low complexity
pygments redhat fedoraproject debian CWE-835
5.0
5.0
2021-03-23 CVE-2021-20227 Use After Free vulnerability in multiple products
A flaw was found in SQLite's SELECT query functionality (src/select.c).
local
low complexity
sqlite oracle CWE-416
5.5
5.5
2021-03-23 CVE-2021-20222 Cross-site Scripting vulnerability in Redhat Keycloak
A flaw was found in keycloak.
network
high complexity
redhat CWE-79
7.5
7.5
2021-03-23 CVE-2021-20219 Incorrect Comparison vulnerability in Linux Kernel
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel.
local
low complexity
linux CWE-697
2.1
2.1
2021-03-23 CVE-2020-12483 Open Redirect vulnerability in Vivo Appstore
The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters.
network
vivo CWE-601
5.8
5.8
2021-03-23 CVE-2021-21377 Open Redirect vulnerability in Openmicroscopy Omero.Web 5.6.3
OMERO.web is open source Django-based software for managing microscopy imaging. 		4.9
4.9