• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-20

CVE-2021-25746

February 23, 2023 by

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.

CVE-2021-25683

February 23, 2023 by

It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.

CVE-2021-25684

February 23, 2023 by

It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.

CVE-2021-25503

February 23, 2023 by

Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.

CVE-2021-25509

February 23, 2023 by

A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.

CVE-2021-25510

February 23, 2023 by

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 552
  • Go to page 553
  • Go to page 554
  • Go to page 555
  • Go to page 556
  • Interim pages omitted …
  • Go to page 681
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE