Vulnerability Updates

National Cyber Awareness System's Weekly Bulletins For The Month

CERT Vulnerability Notes

National Vulnerability Database

  • CVE-2021-20203: An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC …
  • CVE-2021-3406: A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.
  • CVE-2021-20327: A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a …
  • CVE-2021-20328: Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This …
  • CVE-2020-27543: The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught …
Symantec Vulnerabilities List An error occurred while parsing your RSS feed. Check that it’s a valid XML file.

Packet Storm’s Apple Vulnerability List

Packet Storm’s Windows Vulnerability List