Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27827 | 5 Fedoraproject, Lldpd Project, Openvswitch and 2 more | 27 Fedora, Lldpd, Openvswitch and 24 more | 2025-12-03 | 7.1 HIGH | 7.5 HIGH |
|
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
|
|||||
| CVE-2021-41991 | 4 Debian, Fedoraproject, Siemens and 1 more | 46 Debian Linux, Fedora, Cp 1543-1 and 43 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.
|
|||||
| CVE-2021-3449 | 12 Checkpoint, Debian, Fedoraproject and 9 more | 167 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 164 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). O ...
Show More |
|||||
| CVE-2020-9273 | 5 Debian, Fedoraproject, Opensuse and 2 more | 9 Debian Linux, Fedora, Backports Sle and 6 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
|
|||||
| CVE-2020-9272 | 3 Opensuse, Proftpd, Siemens | 7 Backports Sle, Leap, Proftpd and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
|
|||||