Log

AVG-1823 edited at 23 Aug 2021 10:49:52
Issues
CVE-2020-35979
CVE-2020-35980
CVE-2020-35981
CVE-2020-35982
+ CVE-2021-21834
+ CVE-2021-21835
+ CVE-2021-21836
+ CVE-2021-21837
+ CVE-2021-21838
+ CVE-2021-21839
+ CVE-2021-21840
+ CVE-2021-21841
+ CVE-2021-21842
+ CVE-2021-21843
+ CVE-2021-21844
+ CVE-2021-21845
+ CVE-2021-21846
+ CVE-2021-21847
+ CVE-2021-21848
+ CVE-2021-21849
+ CVE-2021-21850
+ CVE-2021-21851
+ CVE-2021-21852
+ CVE-2021-21853
+ CVE-2021-21854
+ CVE-2021-21855
+ CVE-2021-21856
+ CVE-2021-21857
+ CVE-2021-21858
+ CVE-2021-21859
+ CVE-2021-21860
+ CVE-2021-21861
+ CVE-2021-21862
CVE-2021-28300
CVE-2021-29279
CVE-2021-30014
CVE-2021-30015
CVE-2021-30019
CVE-2021-30020
CVE-2021-30022
CVE-2021-30199
CVE-2021-31254
CVE-2021-31255
CVE-2021-31256
CVE-2021-31257
CVE-2021-31258
CVE-2021-31259
CVE-2021-31260
CVE-2021-31261
CVE-2021-31262
CVE-2021-32437
CVE-2021-32438
CVE-2021-32439
CVE-2021-32440
CVE-2021-36584
CVE-2021-21834 created at 23 Aug 2021 10:49:52
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2021-21849 created at 23 Aug 2021 10:49:52
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2021-21836 created at 23 Aug 2021 10:49:52
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2021-21841 created at 23 Aug 2021 10:49:52
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2021-21840 created at 23 Aug 2021 10:49:52
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2021-21861 created at 23 Aug 2021 10:48:42
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.
References
+ https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ https://github.com/gpac/gpac/issues/1814
+ https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
Notes
CVE-2021-21860 created at 23 Aug 2021 10:48:42
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. The FOURCC code, 'trik', is parsed by the function within the library. An attacker can convince a user to open a video to trigger this vulnerability.
References
+ https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ https://github.com/gpac/gpac/issues/1814
+ https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
Notes
CVE-2021-21859 created at 23 Aug 2021 10:48:41
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The stri_box_read function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open a video to trigger this vulnerability.
References
+ https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ https://github.com/gpac/gpac/issues/1814
+ https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
Notes
CVE-2021-39242 created at 23 Aug 2021 10:48:41
Severity
+ Medium
Remote
+ Remote
Type
+ Insufficient validation
Description
+ An issue was discovered in HAProxy before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.
References
+ https://www.mail-archive.com/haproxy@formilux.org/msg41041.html
+ https://git.haproxy.org/?p=haproxy.git;a=commit;h=b5d2b9e154d78e4075db163826c5e0f6d31b2ab1
Notes
CVE-2021-39241 created at 23 Aug 2021 10:48:41
Severity
+ Medium
Remote
+ Remote
Type
+ Insufficient validation
Description
+ An issue was discovered in HAProxy before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this as a request for that protected resource, such as in the "GET /admin? HTTP/1.1 /static/images HTTP/1.1" example.
References
+ https://www.mail-archive.com/haproxy@formilux.org/msg41041.html
+ https://git.haproxy.org/?p=haproxy.git;a=commit;h=89265224d314a056d77d974284802c1b8a0dc97f
Notes