VYPR

Serenity

by Serenity

CVEs (8)

  • CVE-2021-33186HigJun 18, 2021
    risk 0.49cvss 7.5epss 0.01

    SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.

  • CVE-2021-33185HigJun 18, 2021
    risk 0.49cvss 7.5epss 0.01

    SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.

  • CVE-2021-4327MedMar 1, 2023
    risk 0.00cvss 5.5epss 0.01

    A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has…

  • CVE-2021-31272CriJun 18, 2021
    risk 0.00cvss 9.8epss 0.03

    SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.

  • CVE-2021-30045CriApr 6, 2021
    risk 0.00cvss 9.1epss 0.02

    SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read() function.

  • CVE-2021-28874HigApr 6, 2021
    risk 0.00cvss 7.8epss 0.01

    SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file.

  • CVE-2021-27343HigApr 6, 2021
    risk 0.00cvss 7.5epss 0.02

    SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsing RSA Key ASN.1.

  • CVE-2019-20172HigDec 31, 2019
    risk 0.00cvss 7.8epss 0.00

    Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack.