| Project | Subject | Reported | Public | oss-security posting | Time of oss-security posting | CVE(s) | Days embargoed (scheduled) | Days embargoed (oss-security) |
|---|---|---|---|---|---|---|---|---|
| December | ||||||||
| Linux/Kernel: eBPF Improper Input Validation Privilege Escalation Vulnerability | 2021-12-28T04:19:16+00:00 | 2022-01-04T04:19:16+00:00 | https://marc.info/?i=CA%2BeGCHaJ8Vcgm%3D%2BKqmFwmLd8BP%2BVn8aos6RZzvbzHd544SdQZg%40mail.gmail.com | 2022-01-14T08:57:53+00:00 | CVE-2021-34866 CVE-2021-4204 CVE-2022-23222 | 7.00 | 17.17 | |
| Linux USB Gadget buffer overflows | 2021-12-11T20:53:39+00:00 | 2021-12-18T20:53:39+00:00 | https://marc.info/?i=942e362d-2a16-883f-5ff9-a466ee6202f8%40gmail.com | 2021-12-15T21:22:33+00:00 | CVE-2021-39685 | 7.00 | 4.00 | |
| Preview of X.Org Security Advisory for 2021-12-14 | 2021-12-08T08:55:42+00:00 | 2021-12-15T08:55:42+00:00 | https://marc.info/?i=06bd0517-a955-881f-553b-c49b7a7a4ed2%40radix.lt | 2021-12-14T13:14:06+00:00 | CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 | 7.00 | 6.17 | |
| November | ||||||||
| multiple buffer overflows in isync/mbsync | 2021-11-29T13:41:39+00:00 | 2021-12-06T13:41:39+00:00 | https://marc.info/?i=YaoAAoib%2Bm56pU%2Fg%40ugly | 2021-12-03T11:31:14+00:00 | CVE-2021-3657 CVE-2021-44143 | 7.00 | 3.88 | |
| CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures | 2021-11-29T10:00:07+00:00 | 2021-12-06T10:00:07+00:00 | https://marc.info/?i=CAON8YFPiCCj4q3Z52c4dh9ArmDF2ybS_KDN1RWYe-D52fDt2qw%40mail.gmail.com | 2021-12-01T16:43:46+00:00 | CVE-2021-43527 | 7.00 | 2.25 | |
| CVE Request: Linux 3.6 hugetlbfs leak/corruption | 2021-11-21T05:42:59+00:00 | 2021-11-28T05:42:59+00:00 | https://marc.info/?i=EF0C4A70-7268-4894-A006-1540CD68CB45%40vmware.com | 2021-11-25T19:15:19+00:00 | CVE-2021-4002 | 7.00 | 4.54 | |
| October | ||||||||
| Rust compiler patch for CVE-2021-42574 | 2021-10-27T08:51:59+00:00 | 2021-11-03T08:51:59+00:00 | https://marc.info/?i=c2d12374-0ed6-d6d4-60ea-799934b6f173%40cl.cam.ac.uk | 2021-11-01T17:27:53+00:00 | CVE-2021-42574 CVE-2021-42694 | 7.00 | 5.33 | |
| Fwd: [vs-plain] OverlayFS Security Issue Report | 2021-10-19T13:20:46+00:00 | 2021-10-26T13:20:46+00:00 | https://marc.info/?i=PAXP193MB1405A3EC41713BE9D524FBE48DB89%40PAXP193MB1405.EURP193.PROD.OUTLOOK.COM | 2021-10-19T15:23:27+00:00 | CVE-2021-3847 | 7.00 | 0.08 | |
| Re: … | 2021-10-18T15:31:05+00:00 | 2021-10-25T15:31:05+00:00 | https://marc.info/?i=c2d12374-0ed6-d6d4-60ea-799934b6f173%40cl.cam.ac.uk | 2021-11-01T17:27:53+00:00 | CVE-2021-42574 CVE-2021-42694 | 7.00 | 14.04 | |
| September | ||||||||
| OverlayFS Security Issue Report | 2021-09-29T13:15:00+00:00 | 2021-10-06T13:15:00+00:00 | https://marc.info/?i=PAXP193MB1405A3EC41713BE9D524FBE48DB89%40PAXP193MB1405.EURP193.PROD.OUTLOOK.COM | 2021-10-14T18:30:53+00:00 | CVE-2021-3493 CVE-2021-3847 | 7.00 | 15.21 | |
| Moby (Docker Engine) CVE-2021-41089 | 2021-09-28T00:45:03+00:00 | 2021-10-05T00:45:03+00:00 | https://marc.info/?i=f36fc3fefc0b5c429cb16adfe62bde6f4ab0bbd2.camel%40amazon.com | 2021-10-04T18:57:19+00:00 | CVE-2021-41089 | 7.00 | 6.75 | |
| Subject: curl: STARTTLS protocol injection via MITM | 2021-09-10T06:33:09+00:00 | 2021-09-17T06:33:09+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2109142337370.9650%40fvyyl | 2021-09-15T06:20:53+00:00 | CVE-2021-22947 | 7.00 | 4.96 | |
| Re: Subject: curl: Protocol downgrade required TLS bypassed | 2021-09-09T10:38:50+00:00 | 2021-09-16T10:38:50+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2109142337070.9650%40fvyyl | 2021-09-15T06:20:49+00:00 | CVE-2021-22946 | 7.00 | 5.79 | |
| Linux kernel: CVE-2021-3715 | 2021-09-06T09:36:39+00:00 | 2021-09-13T09:36:39+00:00 | https://marc.info/?i=CAKx%2B4-qZVEvOx%2BzD1R0r2UzNpT8eLUe%2BsTp78KJHjaEun7BVPA%40mail.gmail.com | 2021-09-07T08:39:52+00:00 | CVE-2021-3715 | 7.00 | 0.96 | |
| curl: UAF and double-free in MQTT sending | 2021-09-06T08:36:00+00:00 | 2021-09-13T08:36:00+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2109142335500.9650%40fvyyl | 2021-09-15T06:20:45+00:00 | CVE-2021-22945 | 7.00 | 8.88 | |
| *UNCHECKED* Re: [vs-plain] Use-After-Free vulnerability of ndev→rf_conn_info object | 2021-09-01T06:54:59+00:00 | 2021-09-08T06:54:59+00:00 | https://marc.info/?i=CAJjojJsrNyz%2BML%2BQ81JB9iF2-DTKfAEkUP1cSTgyvCL6NebhzQ%40mail.gmail.com | 2021-10-26T06:37:20+00:00 | CVE-2021-3760 | 7.00 | 54.96 | |
| August | ||||||||
| I found a race out-of-bounds in vt for latest linux | 2021-08-31T03:25:07+00:00 | 2021-09-07T03:25:07+00:00 | https://marc.info/?i=CAH5WSp4XsLN42kbnDknq2c32mZs_5uvyEzgBSQ9ar_ypASbYRw%40mail.gmail.com | 2021-09-01T09:15:57+00:00 | CVE-2021-3753 | 7.00 | 1.21 | |
| RE: Linux kernel : a uaf bug in bluetooth | 2021-08-31T01:41:27+00:00 | 2021-09-07T01:41:27+00:00 | https://marc.info/?i=001201d7a9fe%2490f98d20%24b2eca760%24%40nsfocus.com | 2021-09-15T06:54:43+00:00 | CVE-2021-3752 | 7.00 | 15.21 | |
| Re: [PATCH RESEND] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() | 2021-08-26T13:04:27+00:00 | 2021-09-02T13:04:27+00:00 | https://marc.info/?i=20210914152910.GG26560%40suse.de | 2021-09-14T15:29:11+00:00 | CVE-2021-3744 | 7.00 | 19.08 | |
| (CVE-2021-3773) Lack of port sanity checking in natd and Netfilter leads to exploit of OpenVPN clients on Linux and FreeBSD platforms | 2021-08-25T19:24:07+00:00 | 2021-09-01T19:24:07+00:00 | https://marc.info/?i=5b3fd8c2-bfc7-dd7d-59dc-26403c523613%40breakpointingbad.com | 2021-09-08T18:37:17+00:00 | CVE-2021-3773 | 7.00 | 13.96 | |
| [pre-OSSA] Vulnerability in OpenStack Neutron (CVE-2021-40085) | 2021-08-25T13:14:24+00:00 | 2021-09-01T13:14:24+00:00 | https://marc.info/?i=20210831150038.5aqn2pqqfrupkjqm%40yuggoth.org | 2021-08-31T15:00:38+00:00 | CVE-2021-40085 | 7.00 | 6.04 | |
| Report vulnerability | 2021-08-23T03:12:48+00:00 | 2021-08-30T03:12:48+00:00 | https://marc.info/?i=20210914152910.GG26560%40suse.de | 2021-09-14T15:29:11+00:00 | CVE-2019-18808 | 7.00 | 22.50 | |
| Re: … | 2021-08-18T15:13:39+00:00 | 2021-08-25T15:13:39+00:00 | https://marc.info/?i=CAOGQQ2-5630%3DHhmZbaxWr2bB3vHdzd%3DFE1hZ2jgCn71hxPZ2WA%40mail.gmail.com | 2021-08-26T14:58:35+00:00 | CVE-2021-3634 | 7.00 | 7.96 | |
| Re: Embargoed OpenSSL issues | 2021-08-17T13:59:44+00:00 | 2021-08-24T13:59:44+00:00 | https://marc.info/?i=CABU6YOa0q0%3DaWxSqcWN7AbNAZS1Yx6nuqBUkAfsfbzJKywwBhw%40mail.gmail.com | 2021-08-25T20:20:09+00:00 | CVE-2021-3711 CVE-2021-3712 | 7.00 | 8.25 | |
| August BIND maintenance releases contain a defect affecting servers using the map zone file format (was: A vulnerability in BIND (CVE-2021-25218) will be announced 18 August 2021) | 2021-08-16T08:38:46+00:00 | 2021-08-23T08:38:46+00:00 | https://marc.info/?i=b4fb39dc-ade3-3084-6a80-beefe9157088%40isc.org | 2021-08-20T21:24:07+00:00 | CVE-2021-25218 | 7.00 | 4.50 | |
| SVM nested virtualization issues in KVM | 2021-08-06T12:51:20+00:00 | 2021-08-13T12:51:20+00:00 | https://marc.info/?i=CAA8xKjVxPtO%2BVpLsn1Ta%2B2Tv9YB2Q_fg2BOcC7%3Dz6BzR7Qm8OQ%40mail.gmail.com | 2021-08-16T14:13:56+00:00 | CVE-2021-3653 CVE-2021-3656 | 7.00 | 10.04 | |
| *UNCHECKED* Re: [vs-plain] CVE-2021-20314: Remote stack buffer overflow in libspf2 | 2021-08-04T11:16:34+00:00 | 2021-08-11T11:16:34+00:00 | https://marc.info/?i=dde792a9-3531-9057-70a4-c4a9b60b90fd%40sit.fraunhofer.de | 2021-08-11T14:41:16+00:00 | CVE-2021-20314 | 7.00 | 7.12 | |
| July | ||||||||
| c-ares: Missing input validation on hostnames | 2021-07-29T07:35:25+00:00 | 2021-08-05T07:35:25+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2108100817550.28722%40fvyyl | 2021-08-10T06:19:32+00:00 | CVE-2021-3672 | 7.00 | 11.92 | |
| Re: PowerDNS prenotification | 2021-07-19T07:17:25+00:00 | 2021-07-26T07:17:25+00:00 | https://marc.info/?i=9120e36f89c0b082a73fa2dfaf46036d09d6f22e.camel%40powerdns.com | 2021-07-26T12:47:04+00:00 | CVE-2021-36754 | 7.00 | 7.21 | |
| Re: CVE-2021-33909 fix temporary / prematurely disclosed by SUSE | 2021-07-15T12:21:46+00:00 | 2021-07-22T12:21:46+00:00 | https://marc.info/?i=20210920230413.GA50332%40bluezbox.com | 2021-09-20T23:04:13+00:00 | CVE-2021-33909 | 7.00 | 67.42 | |
| Re: CVE-2021-33909: patch | 2021-07-13T13:00:42+00:00 | 2021-07-20T13:00:42+00:00 | https://marc.info/?i=20210920230413.GA50332%40bluezbox.com | 2021-09-20T23:04:13+00:00 | CVE-2021-33909 CVE-2021-33910 | 7.00 | 69.42 | |
| containerd GHSA-c72p-9xmj-rx3w [vs] | 2021-07-12T22:57:53+00:00 | 2021-07-19T22:57:53+00:00 | https://marc.info/?i=b948d018a470d7bc6d016a9bbdb3c444aead770c.camel%40amazon.com | 2021-07-19T18:44:24+00:00 | CVE-2021-32760 | 7.00 | 6.79 | |
| Re: curl: TELNET stack contents disclosure again (4/4) | 2021-07-12T07:31:21+00:00 | 2021-07-19T07:31:21+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2107210915010.25537%40fvyyl | 2021-07-21T07:15:24+00:00 | CVE-2021-22925 | 7.00 | 8.96 | |
| … | 2021-07-12T07:30:43+00:00 | 2021-07-19T07:30:43+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2107210914210.25537%40fvyyl | 2021-07-21T07:14:51+00:00 | CVE-2021-22924 | 7.00 | 8.96 | |
| curl: Metalink download sends credentials (2/4) | 2021-07-12T07:29:57+00:00 | 2021-07-19T07:29:57+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2107210913520.25537%40fvyyl | 2021-07-21T07:14:18+00:00 | CVE-2021-22923 | 7.00 | 8.96 | |
| Re: curl: Wrong content via metalink not discarded (1/4) | 2021-07-12T07:29:48+00:00 | 2021-07-19T07:29:48+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2107210912470.25537%40fvyyl | 2021-07-21T07:13:38+00:00 | CVE-2021-22922 | 7.00 | 8.96 | |
| Use-After-Free vulnerability in function sco_sock_sendmsg() | 2021-07-08T12:59:41+00:00 | 2021-07-15T12:59:41+00:00 | https://marc.info/?i=CAJjojJudFortx0aAUB9gDs1EybfzSwx_w2NLWPPEYvGge%2BMZUA%40mail.gmail.com | 2021-07-22T06:28:05+00:00 | CVE-2021-3573 CVE-2021-3640 | 7.00 | 13.71 | |
| CVE-2021-33909 and CVE-2021-33910 | 2021-07-06T12:33:30+00:00 | 2021-07-13T12:33:30+00:00 | https://marc.info/?i=20210920230413.GA50332%40bluezbox.com | 2021-09-20T23:04:13+00:00 | CVE-2018-14634 CVE-2018-16864 CVE-2018-16865 CVE-2021-33909 CVE-2021-33910 | 7.00 | 76.42 | |
| June | ||||||||
| linuxptp: Fix for v1.8 and earlier | 2021-06-22T15:16:30+00:00 | 2021-06-29T15:16:30+00:00 | https://marc.info/?i=20210705223014.GA18898%40hoboy.vegasvil.org | 2021-07-05T22:30:14+00:00 | CVE-2021-3570 | 7.00 | 13.29 | |
| linuxptp: Fix for v1.9.2 | 2021-06-22T15:07:47+00:00 | 2021-06-29T15:07:47+00:00 | https://marc.info/?i=20210705223014.GA18898%40hoboy.vegasvil.org | 2021-07-05T22:30:14+00:00 | CVE-2021-3570 | 7.00 | 13.29 | |
| Re: linuxptp: Fixes for v2.0 and v3.1 | 2021-06-22T15:02:27+00:00 | 2021-06-29T15:02:27+00:00 | https://marc.info/?i=20210705223014.GA18898%40hoboy.vegasvil.org | 2021-07-05T22:30:14+00:00 | CVE-2021-3570 CVE-2021-3571 | 7.00 | 13.29 | |
| … | 2021-06-21T11:36:46+00:00 | 2021-06-28T11:36:46+00:00 | https://marc.info/?i=CAMz_NCr0y0cWsdSaUyGVm4%2B5HMi_-qhpevrr23QF5mMgH_R-5Q%40mail.gmail.com | 2021-07-06T07:53:55+00:00 | CVE-2021-34557 | 7.00 | 14.83 | |
| … | 2021-06-16T12:55:57+00:00 | 2021-06-23T12:55:57+00:00 | https://marc.info/?i=915539867.13379.1624863503635%40appsuite-dev.open-xchange.com | 2021-06-28T06:58:23+00:00 | CVE-2020-28200 CVE-2021-29157 CVE-2021-33515 | 7.00 | 11.75 | |
| Re: net/can: race condition in net/can/bcm.c leads to local privilege escalation | 2021-06-10T23:40:01+00:00 | 2021-06-17T23:40:01+00:00 | https://marc.info/?i=trinity-2ae31df0-82cc-4381-9124-4b24e0bdeb45-1624113653558%403c-app-gmx-bs01 | 2021-06-19T14:40:53+00:00 | CVE-2021-3609 | 7.00 | 8.62 | |
| *UNCHECKED* Re: [vs] connman stack buffer overflow in dnsproxy CVE-2021-33833 | 2021-06-05T15:41:29+00:00 | 2021-06-12T15:41:29+00:00 | https://marc.info/?i=Ye%2FB6IXAWkPoQOOC%40f195.suse.de | 2022-01-25T09:24:56+00:00 | CVE-2021-26675 CVE-2021-33833 | 7.00 | 233.71 | |
| … | 2021-06-02T16:10:07+00:00 | 2021-06-09T16:10:07+00:00 | https://marc.info/?i=YL4HIzhrA7I83MF0%40ugly | 2021-06-07T11:46:43+00:00 | CVE-2021-3578 | 7.00 | 4.79 | |
| May | ||||||||
| Use-After-Free vulnerability | 2021-05-30T12:55:17+00:00 | 2021-06-06T12:55:17+00:00 | https://marc.info/?i=CAJjojJudFortx0aAUB9gDs1EybfzSwx_w2NLWPPEYvGge%2BMZUA%40mail.gmail.com | 2021-07-22T06:28:05+00:00 | CVE-2021-3573 | 7.00 | 52.71 | |
| Re: CVE-2021-3560 polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync() | 2021-05-26T11:36:02+00:00 | 2021-06-02T11:36:02+00:00 | https://marc.info/?i=YLjioqSgPqiOuhsk%40cbuissar-ltop.lan | 2021-06-03T14:09:38+00:00 | CVE-2021-3560 | 7.00 | 8.08 | |
| … | 2021-05-21T19:28:29+00:00 | 2021-05-28T19:28:29+00:00 | https://marc.info/?i=69a91eea-3377-2ad1-cf21-8a1c929e2152%40isc.org | 2021-05-26T22:15:38+00:00 | CVE-2021-25217 | 7.00 | 5.08 | |
| Implementation bug in the Linux Bluetooth subsystem | 2021-05-17T13:56:12+00:00 | 2021-05-24T13:56:12+00:00 | https://marc.info/?i=CAMMGaruFZnpyZd958Lckk%3DeVPgMQHf%2B-Bhth_p2xTW%3D2bJcgig%40mail.gmail.com | 2021-05-25T07:18:22+00:00 | CVE-2021-3564 | 7.00 | 7.71 | |
| Re: [vs] nginx Off-by-One Heap Write Vulnerability | 2021-05-17T10:27:54+00:00 | 2021-05-24T10:27:54+00:00 | https://marc.info/?i=723099d8-1178-aa23-9f8f-df83dabddc4e%40x41-dsec.de | 2021-05-25T16:26:23+00:00 | CVE-2021-23017 | 7.00 | 8.21 | |
| curl: TLS session caching disaster (2/2) | 2021-05-17T07:41:44+00:00 | 2021-05-24T07:41:44+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2105260043520.26381%40fvyyl | 2021-05-26T06:44:22+00:00 | CVE-2021-22901 | 7.00 | 8.96 | |
| curl: TELNET stack contents disclosure (1/2) | 2021-05-17T07:41:34+00:00 | 2021-05-24T07:41:34+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2107210915010.25537%40fvyyl | 2021-07-21T07:15:24+00:00 | CVE-2021-22898 | 7.00 | 64.96 | |
| Re: CVE-2021-30465: runc⇐1.0.0-rc94 vulnerable to symlink-exchange attack | 2021-05-10T15:10:40+00:00 | 2021-05-17T15:10:40+00:00 | https://marc.info/?i=20210519100013.7qu6n5xtqwezmq4e%40yavin | 2021-05-19T10:00:33+00:00 | CVE-2021-30465 | 7.00 | 8.75 | |
| various 802.11 security issues - embargo until 2021-05-11 18:00 UTC | 2021-05-05T16:02:12+00:00 | 2021-05-12T16:02:12+00:00 | https://marc.info/?i=ae9de74624a11f32da8edd8c195b753c7d177d3b.camel%40sipsolutions.net | 2021-05-11T18:11:03+00:00 | CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26142 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147 | 7.00 | 6.08 | |
| Re: CVE-2021-3491 - Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass | 2021-05-04T19:22:36+00:00 | 2021-05-11T19:22:36+00:00 | https://marc.info/?i=20210511181346.GM12149%40mussarela | 2021-05-11T18:13:46+00:00 | CVE-2021-3491 | 7.00 | 6.92 | |
| CVE-2021-3490 - Linux kernel eBPF bitwise ops ALU32 bounds tracking | 2021-05-04T17:04:08+00:00 | 2021-05-11T17:04:08+00:00 | https://marc.info/?i=20210511175647.GL12149%40mussarela | 2021-05-11T17:56:47+00:00 | CVE-2021-3490 | 7.00 | 7.00 | |
| Re: CVE-2021-3489 - Linux kernel eBPF RINGBUF map oversized allocation | 2021-05-04T17:02:39+00:00 | 2021-05-11T17:02:39+00:00 | https://marc.info/?i=20210511175549.GK12149%40mussarela | 2021-05-11T17:55:49+00:00 | CVE-2021-3489 | 7.00 | 7.00 | |
| April | ||||||||
| Exim | 2021-04-28T11:31:43+00:00 | 2021-05-05T11:31:43+00:00 | https://marc.info/?i=20210802234451.GA24339%40localhost.localdomain | 2021-08-02T23:59:53+00:00 | CVE-2010-4344 CVE-2010-4345 CVE-2014-2957 CVE-2017-16943 CVE-2017-16944 CVE-2019-10149 CVE-2020-12783 CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28018 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2020-8794 CVE-2021-27216 | 7.00 | 96.50 | |
| Exim 4.94.1: Notice regarding backports to ⇐ 4.91 | 2021-04-27T13:35:48+00:00 | 2021-05-04T13:35:48+00:00 | https://marc.info/?i=20210802234451.GA24339%40localhost.localdomain | 2021-08-02T23:59:53+00:00 | CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28018 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2021-27216 | 7.00 | 97.42 | |
| Re: Three vulnerabilities in BIND (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216) will be announced 28 April 2021 | 2021-04-26T17:11:58+00:00 | 2021-05-03T17:11:58+00:00 | https://marc.info/?i=bb03954a-2db8-8c4c-3937-a3c59072abb4%40isc.org | 2021-04-29T01:09:42+00:00 | CVE-2021-25214 CVE-2021-25215 CVE-2021-25216 | 7.00 | 2.29 | |
| hivex | 2021-04-20T09:47:19+00:00 | 2021-04-27T09:47:19+00:00 | https://marc.info/?i=0a7efdf7-1e3b-5738-e8ad-50fa9cb7ae16%40redhat.com | 2021-05-04T05:12:40+00:00 | CVE-2021-3504 | 7.00 | 13.79 | |
| Re: Re: Upcoming CVE-2021-29154 Linux kernel LPE due to incorrect BPF JIT branch displacement computation | 2021-04-06T13:12:09+00:00 | 2021-04-13T13:12:09+00:00 | https://marc.info/?i=CAFzhf4pqTAOivUgVSOLw74yCOoGOS1Fm-8-xWpy-JOADMkKrKA%40mail.gmail.com | 2021-04-08T15:24:26+00:00 | CVE-2021-29154 | 7.00 | 2.08 | |
| I found a bug related to the nosy driver of the latest linux kernel | 2021-04-04T14:34:09+00:00 | 2021-04-11T14:34:09+00:00 | https://marc.info/?i=CAMhUBj%3D2rfJDZyO01nDEof8c-bS5Y%2BtLL0NKJzDXJqTgTTariQ%40mail.gmail.com | 2021-04-07T11:16:07+00:00 | CVE-2021-3483 | 7.00 | 2.83 | |
| March | ||||||||
| … | 2021-03-29T12:55:49+00:00 | 2021-04-05T12:55:49+00:00 | https://marc.info/?i=20210406111140.ymqmw3sliu4tskck%40yavin | 2021-04-06T11:11:40+00:00 | CVE-2021-29136 | 7.00 | 7.92 | |
| curl: TLS 1.3 session ticket proxy host mixup (2/2) | 2021-03-22T07:03:04+00:00 | 2021-03-29T07:03:04+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2103310012180.30524%40fvyyl | 2021-03-31T06:02:03+00:00 | CVE-2021-22890 | 7.00 | 8.92 | |
| curl: Automatic referer leaks credentials (1/2) | 2021-03-22T07:02:56+00:00 | 2021-03-29T07:02:56+00:00 | https://marc.info/?i=nycvar.QRO.7.76.2103310012180.30524%40fvyyl | 2021-03-31T06:02:03+00:00 | CVE-2021-22876 CVE-2021-22890 | 7.00 | 8.92 | |
| Linux Kernel information disclosure via speculative execution (two issues) | 2021-03-18T02:15:21+00:00 | 2021-03-25T02:15:21+00:00 | https://marc.info/?i=CAFzhf4qsDm74NJYA2toWYAVxUvvJyP7dD9sPC88EPkHpxf%2Bcag%40mail.gmail.com | 2021-03-18T23:47:24+00:00 | CVE-2020-27170 CVE-2020-27171 | 7.00 | 0.88 | |
| Re: Upcoming Git security fix release | 2021-03-04T08:52:21+00:00 | 2021-03-11T08:52:21+00:00 | https://marc.info/?i=nycvar.QRO.7.76.6.2103091555260.50%40tvgsbejvaqbjf.bet | 2021-03-09T15:03:37+00:00 | CVE-2021-21300 | 7.00 | 5.25 | |
| February | ||||||||
| Multiple GRUB vulnerabilities. | 2021-02-23T17:01:05+00:00 | 2021-03-02T17:01:05+00:00 | https://marc.info/?i=97D7257C-2D75-4DD8-AEE8-B06DEDADB7A6%40oracle.com | 2021-03-02T18:13:44+00:00 | CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 | 7.00 | 7.04 | |
| Re: isync/mbsync vulnerability | 2021-02-15T19:16:24+00:00 | 2021-02-22T19:16:24+00:00 | https://marc.info/?i=YDPiwBU5Mk3lIoEQ%40ugly | 2021-02-22T16:58:40+00:00 | CVE-2021-20247 | 7.00 | 6.88 | |
| … | 2021-02-12T22:25:18+00:00 | 2021-02-19T22:25:18+00:00 | https://marc.info/?i=3a4ed73f-854b-539b-67df-422a808b0ce8%40isc.org | 2021-02-20T02:42:38+00:00 | CVE-2020-8625 | 7.00 | 7.17 | |
| remote code exec in connman | 2021-02-05T12:41:24+00:00 | 2021-02-12T12:41:24+00:00 | https://marc.info/?i=20210208091105.GF17977%40suse.de | 2021-02-08T09:11:05+00:00 | CVE-2021-26675 CVE-2021-26676 | 7.00 | 2.83 | |
| January | ||||||||
| Re: CVE-2021-3156 | 2021-01-19T01:02:28+00:00 | 2021-01-26T01:02:28+00:00 | https://marc.info/?i=0135587d-2aa8-63ac-f6cb-320c98697d33%40oracle.com | 2021-09-14T22:36:21+00:00 | CVE-2021-3156 | 7.00 | 238.88 | |