mediatek — ged |
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687510; Issue ID: ALPS05687510. |
2021-08-18 |
not yet calculated |
CVE-2021-0626
MISC |
abb — power_grids_retail_operations_and_counterparty_settlement_billing
|
Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power Grids Retail Operations and Counterparty Settlement Billing (CSB) allows an attacker or unauthorized user to access database credentials, shut down the product and access or alter. This issue affects: Hitachi ABB Power Grids Retail Operations version 5.7.2 and prior versions. Hitachi ABB Power Grids Counterparty Settlement Billing (CSB) version 5.7.2 and prior versions. |
2021-08-20 |
not yet calculated |
CVE-2021-35529
CONFIRM
CONFIRM |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35988
MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to read arbitrary system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35986
MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35985
MISC |
adobe — acrobat_reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35987
MISC |
adobe — acrobat_reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An authenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue does not require user interaction. |
2021-08-20 |
not yet calculated |
CVE-2021-35984
MISC |
adobe — acrobat_reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35983
MISC |
adobe — acrobat_reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35981
MISC |
adobe — bridge
|
Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35989
MISC |
adobe — bridge
|
Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35992
MISC |
adobe — bridge
|
Adobe Bridge version 11.0.2 (and earlier) is affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28624
MISC |
adobe — bridge
|
Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35990
MISC |
adobe — bridge
|
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35991
MISC |
adobe — character_animator
|
Adobe Character Animator version 4.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36000
MISC |
adobe — character_animator
|
Adobe Character Animator version 4.2 (and earlier) is affected by an out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36001
MISC |
adobe — dimension
|
Adobe Dimension version 3.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28595
MISC |
adobe — illustrator |
Adobe Illustrator version 25.2.3 (and earlier) is affected by a Use After Free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose potentially sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28593
MISC |
adobe — illustrator
|
Adobe Illustrator version 25.2.3 (and earlier) is affected by a potential Command injection vulnerability when chained with a development and debugging tool for JavaScript scripts. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36011
MISC |
adobe — illustrator
|
Adobe Illustrator version 25.2.3 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36010
MISC |
adobe — illustrator
|
Adobe Illustrator version 25.2.3 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36009
MISC |
adobe — illustrator
|
Adobe Illustrator version 25.2.3 (and earlier) is affected by a Use-after-free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36008
MISC |
adobe — illustrator
|
Adobe Illustrator version 25.2.3 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28591
MISC |
adobe — illustrator
|
Adobe Illustrator version 25.2.3 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28592
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.2 (and earlier) is affected by an uninitialized pointer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36014
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36016
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36015
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28589
MISC |
adobe — media_encoder
|
Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28590
MISC |
adobe — photoshop |
Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an Improper input validation vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36006
MISC |
adobe — photoshop
|
Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PSD file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PSD file in Photoshop. |
2021-08-20 |
not yet calculated |
CVE-2021-36005
MISC |
adobe — prelude
|
Adobe Prelude version 10.0 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35999
MISC |
adobe — prelude
|
Adobe Prelude version 10.0 (and earlier) is affected by an uninitialized variable vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-36007
MISC |
adobe — premiere_pro
|
Adobe Premiere Pro version 15.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-35997
MISC |
adobe — reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28642
MISC |
adobe — reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28641
MISC |
adobe — reader_dc |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. An attacker with access to the victim’s C:/ folder could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28636
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28643
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28634
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28638
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28635
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary read / write of system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28637
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Use-after-free vulnerability. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28640
MISC |
adobe — reader_dc
|
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2021-08-20 |
not yet calculated |
CVE-2021-28639
MISC |
aitecms — aitecms
|
SQL Injection in AiteCMS v1.0 allows remote attackers to execute arbitrary code via the component “aitecms/login/diy_list.php”. |
2021-08-18 |
not yet calculated |
CVE-2020-18746
MISC |
ansi-html — ansi-html
|
This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time. |
2021-08-18 |
not yet calculated |
CVE-2021-23424
MISC
MISC
MISC |
apache — airflow
|
If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. This logging server had no authentication and allows reading log files of DAG jobs. This issue affects Apache Airflow < 2.1.2. |
2021-08-16 |
not yet calculated |
CVE-2021-35936
MISC |
apache — http/2
|
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. |
2021-08-16 |
not yet calculated |
CVE-2021-33193
MISC
MISC |
apache — ofbiz
|
Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297. |
2021-08-18 |
not yet calculated |
CVE-2021-37608
MISC |
appdynamics — appdynamics
|
A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a device that is running the vulnerable agent could create a custom process that would be launched with those SYSTEM privileges. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system. This vulnerability is fixed in AppDynamics .NET Agent Release 21.7. |
2021-08-18 |
not yet calculated |
CVE-2021-34745
CONFIRM |
at&t — labs |
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-20 |
not yet calculated |
CVE-2021-21828
MISC |
at&t — labs
|
A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-17 |
not yet calculated |
CVE-2021-21810
MISC |
at&t — labs
|
A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21825
MISC |
at&t — labs
|
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-20 |
not yet calculated |
CVE-2021-21826
MISC |
at&t — labs
|
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-20 |
not yet calculated |
CVE-2021-21827
MISC |
atlassian — jira_server_and_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1. |
2021-08-16 |
not yet calculated |
CVE-2021-26086
MISC |
atutor — atutor
|
A reflected cross site scripting (XSS) vulnerability in the /header.tmpl.php component of ATutor 2.2.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. |
2021-08-17 |
not yet calculated |
CVE-2020-23341
MISC |
baserow — baserow
|
SSRF in URL file upload in Baserow <1.1.0 allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address. |
2021-08-20 |
not yet calculated |
CVE-2021-22255
MISC
MISC
CONFIRM |
bblfshd — bblfshd
|
bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a “zipslip” vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may lead to arbitrary file write (with same permissions as the program running the unpack operation) if the attacker can control the archive file. Additionally, if the attacker has read access to the unpacked files, he may be able to read arbitrary system files the parent process has permissions to read. For more details including a PoC see the referenced GHSL-2020-258. |
2021-08-16 |
not yet calculated |
CVE-2021-32825
MISC
CONFIRM
MISC |
bento4 — bento4 |
A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS). |
2021-08-17 |
not yet calculated |
CVE-2020-23332
MISC |
bento4 — bento4
|
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS). |
2021-08-17 |
not yet calculated |
CVE-2020-23333
MISC |
bento4 — bento4
|
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault. |
2021-08-17 |
not yet calculated |
CVE-2020-23334
MISC |
bento4 — bento4
|
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an attacker to cause a denial of service (DOS). |
2021-08-17 |
not yet calculated |
CVE-2020-23330
MISC |
bento4 — bento4
|
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). |
2021-08-17 |
not yet calculated |
CVE-2020-23331
MISC |
bikeshed — bikeshed
|
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output. |
2021-08-16 |
not yet calculated |
CVE-2021-23423
MISC
MISC |
bikeshed — bikeshed
|
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output. |
2021-08-16 |
not yet calculated |
CVE-2021-23422
CONFIRM
CONFIRM |
bind — supported_preview_edition |
In BIND 9.16.19 and 9.17.16, and in version 9.16.19-S1 of the BIND Supported Preview Edition, when a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition. |
2021-08-18 |
not yet calculated |
CVE-2021-25218
CONFIRM
MLIST
MLIST
FEDORA |
blackberry — qnx_software_development_platform
|
An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform (SDP) version(s) 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier could allow an attacker to potentially perform a denial of service or execute arbitrary code. |
2021-08-17 |
not yet calculated |
CVE-2021-22156
MISC
CISCO |
bludit — bludit
|
Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via the component ‘bl-kereln/ajax/upload-logo.php’. |
2021-08-20 |
not yet calculated |
CVE-2020-18879
MISC |
bssa — dft
|
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access. |
2021-08-16 |
not yet calculated |
CVE-2021-0114
MISC |
centreon — centreon
|
/graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the RRDdatabase_path parameter. |
2021-08-18 |
not yet calculated |
CVE-2020-22345
MISC
MISC |
cisco — expressway_series
|
A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to insufficient validation of the content of upgrade packages. An attacker could exploit this vulnerability by uploading a malicious archive to the Upgrade page of the administrative web interface. A successful exploit could allow the attacker to execute code with user-level privileges (the _nobody account) on the underlying operating system. |
2021-08-18 |
not yet calculated |
CVE-2021-34715
CISCO |
cisco — expressway_series
|
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrect handling of certain crafted software images that are uploaded to the affected device. An attacker could exploit this vulnerability by authenticating to the system as an administrative user and then uploading specific crafted software images to the affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. |
2021-08-18 |
not yet calculated |
CVE-2021-34716
CISCO |
cisco — secure_email_and_web_manager
|
A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This vulnerability exists because access to the spam quarantine feature is not properly restricted. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to modify another user’s spam quarantine settings, possibly disabling security controls or viewing email messages stored on the spam quarantine interfaces. |
2021-08-18 |
not yet calculated |
CVE-2021-1561
CISCO |
cisco — video_surveillance_7000_series_ip_cameras
|
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for the Cisco Video Surveillance 7000 Series IP Cameras firmware could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of memory resources, referred to as a double free. An attacker could exploit this vulnerability by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). |
2021-08-18 |
not yet calculated |
CVE-2021-34734
CISCO |
cisco — web_security_appliance
|
A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. This vulnerability is due to inadequate filtering of the SSL handshake. An attacker could exploit this vulnerability by using data from the SSL client hello packet to communicate with an external server. A successful exploit could allow the attacker to execute a command-and-control attack on a compromised host and perform additional data exfiltration attacks. |
2021-08-18 |
not yet calculated |
CVE-2021-34749
CISCO |
citrix — sharefile
|
An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected “Enable Encryption” in the ShareFile configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selected “Enable Encryption” immediately after running the tool are unaffected by this issue. |
2021-08-16 |
not yet calculated |
CVE-2021-22932
MISC |
clickhouse — clickhouse
|
Clickhouse prior to versions v20.8.18.32-lts, v21.1.9.41-stable, v21.2.9.41-stable, v21.3.6.55-lts, v21.4.3.21-stable allows a user to read any file on the host system that the clickhouse user has access to. |
2021-08-17 |
not yet calculated |
CVE-2021-25263
MISC |
codesys — gmbh |
An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.get_MissingTypes() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21868
MISC |
codesys — gmbh
|
An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21867
MISC |
crocoblock — jetengine
|
Crocoblock JetEngine before 2.6.1 allows XSS by remote authenticated users via a custom form input. |
2021-08-16 |
not yet calculated |
CVE-2021-38607
CONFIRM
MISC |
cyberoam — netgenie
|
Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow tweb/ft.php?u=[XSS] attacks. |
2021-08-17 |
not yet calculated |
CVE-2021-38702
MISC
MISC
MISC
FULLDISC |
cybozu — garoon |
Cross-site scripting vulnerability in some functions of Group Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20771
MISC
MISC |
cybozu — garoon |
Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20758
MISC
MISC |
cybozu — garoon |
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20766
MISC
MISC |
cybozu — garoon |
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20768
MISC
MISC |
cybozu — garoon |
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20755
MISC
MISC |
cybozu — garoon |
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20756
MISC
MISC |
cybozu — garoon
|
Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20759
MISC
MISC |
cybozu — garoon
|
Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20753
MISC
MISC |
cybozu — garoon
|
Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20754
MISC
MISC |
cybozu — garoon
|
Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20757
MISC
MISC |
cybozu — garoon
|
Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20760
MISC
MISC |
cybozu — garoon
|
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20775
MISC
MISC |
cybozu — garoon
|
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of E-mail without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20762
MISC
MISC |
cybozu — garoon
|
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20761
MISC
MISC |
cybozu — garoon
|
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20774
MISC
MISC |
cybozu — garoon
|
Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20763
MISC
MISC |
cybozu — garoon
|
Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20767
MISC
MISC |
cybozu — garoon
|
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20770
MISC
MISC |
cybozu — garoon
|
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20769
MISC
MISC |
cybozu — garoon
|
Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files. |
2021-08-18 |
not yet calculated |
CVE-2021-20764
MISC
MISC |
cybozu — garoon
|
Information disclosure vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the title of Bulletin without the viewing privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20772
MISC
MISC |
cybozu — garoon
|
There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information of Workflow without the appropriate privilege. |
2021-08-18 |
not yet calculated |
CVE-2021-20773
MISC
MISC |
cybozu — garoon
|
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. |
2021-08-18 |
not yet calculated |
CVE-2021-20765
MISC
MISC |
d-link — dsl-2750u_router
|
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device. |
2021-08-16 |
not yet calculated |
CVE-2021-3707
MISC
JVN
CONFIRM |
d-link — dsl-2750u_router
|
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device. |
2021-08-16 |
not yet calculated |
CVE-2021-3708
MISC
JVN
CONFIRM |
dell — emc_powerscale_onefs |
Dell PowerScale OneFS versions 8.2.2 – 9.1.0.x contain a use of GET request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity. |
2021-08-16 |
not yet calculated |
CVE-2021-21594
CONFIRM |
dell — emc_powerscale_onefs |
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. |
2021-08-16 |
not yet calculated |
CVE-2021-36280
CONFIRM |
dell — emc_powerscale_onefs |
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. |
2021-08-16 |
not yet calculated |
CVE-2021-36279
CONFIRM |
dell — emc_powerscale_onefs |
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges. |
2021-08-16 |
not yet calculated |
CVE-2021-36281
CONFIRM |
dell — emc_powerscale_onefs
|
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure. |
2021-08-16 |
not yet calculated |
CVE-2021-21592
CONFIRM |
dell — emc_powerscale_onefs
|
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. |
2021-08-16 |
not yet calculated |
CVE-2021-21599
CONFIRM |
dell — emc_powerscale_onefs
|
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change. |
2021-08-16 |
not yet calculated |
CVE-2021-21568
CONFIRM |
dell — emc_powerscale_onefs
|
Dell EMC PowerScale OneFS versions 8.2.x – 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access to up to 24 bytes of data within the /ifs kernel stack under certain conditions. |
2021-08-16 |
not yet calculated |
CVE-2021-36282
CONFIRM |
dell — emc_powerscale_onefs
|
Dell EMC PowerScale OneFS versions 8.2.x and 9.1.0.x contain an insertion of sensitive information into log files vulnerability. This means a malicious actor with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges can access privileged information. |
2021-08-16 |
not yet calculated |
CVE-2021-36278
CONFIRM |
dell — emc_powerscale_onefs
|
Dell EMC PowerScale OneFS versions 8.2.x – 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. |
2021-08-16 |
not yet calculated |
CVE-2021-21595
CONFIRM |
diez — diez
|
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. All versions of this package are vulnerable as of the writing of this CVE. |
2021-08-17 |
not yet calculated |
CVE-2021-32830
CONFIRM
MISC
MISC |
disc_soft_ltd — deamon_tools_pro
|
A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. |
2021-08-17 |
not yet calculated |
CVE-2021-21832
MISC |
django-widgy — django-widgy
|
Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 allows remote attackers to execute arbitrary code via the ‘image’ widget in the component ‘Change Widgy Page’. |
2021-08-16 |
not yet calculated |
CVE-2020-18704
MISC |
dolibarr — dolibarr
|
In the “Dolibarr” application, v3.3.beta1_20121221 to v13.0.2, admin-level users have “Modify” access to change other users’ details, but the application fails to validate an already existing “Login” name when renaming the user “Login”. This leads to complete account takeover of the victim user, because the password gets overwritten for the victim user having a similar login name. |
2021-08-17 |
not yet calculated |
CVE-2021-25956
MISC
MISC |
dolibarr — dolibarr
|
In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password. |
2021-08-17 |
not yet calculated |
CVE-2021-25957
MISC
MISC |
dolibarr — dolibarr
|
In “Dolibarr ERP CRM”, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the “Private Note” field at the “/adherents/note.php?id=1” endpoint. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field. In the worst case, the victim who inadvertently triggers the attack is a highly privileged administrator. The injected scripts can extract the session ID, which can lead to full account takeover of the admin. Due to another vulnerability (Improper Access Control on Private notes), a low privileged user can update the private notes, which could lead to privilege escalation. |
2021-08-15 |
not yet calculated |
CVE-2021-25955
MISC
MISC |
dotcms — dotcms
|
Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges by injecting client configurations via vtl (velocity) files. |
2021-08-18 |
not yet calculated |
CVE-2020-18875
MISC
MISC |
eclipse — californium
|
In Eclipse Californium versions 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeed without verifying the server side’s signature on the client side, if that signature is not included in the server’s ServerKeyExchange. |
2021-08-20 |
not yet calculated |
CVE-2021-34433
CONFIRM |
empirecms — empirecms
|
A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file. |
2021-08-17 |
not yet calculated |
CVE-2020-22937
MISC |
evoucms — evoucms
|
Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn. |
2021-08-19 |
not yet calculated |
CVE-2020-20642
MISC |
evoucms — evoucms
|
Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and earlier via the addonfieldext parameter. |
2021-08-18 |
not yet calculated |
CVE-2020-28146
MISC
MISC
MISC |
evoucms — evoucms
|
Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn. |
2021-08-18 |
not yet calculated |
CVE-2020-19669
MISC |
exiv2 — exiv2
|
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input. |
2021-08-19 |
not yet calculated |
CVE-2020-18899
MISC |
exiv2 — exiv2
|
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file. |
2021-08-19 |
not yet calculated |
CVE-2020-18898
MISC |
exponentcms — exponentcms
|
An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM. |
2021-08-16 |
not yet calculated |
CVE-2021-38751
MISC |
eyoucms — eyoucms
|
Cross Site Scripting (XSS) vulnerability exists in EyouCMS 1.3.6 in the basic_information area. |
2021-08-19 |
not yet calculated |
CVE-2020-20645
MISC |
ffmpeg — ffmpeg
|
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted. |
2021-08-21 |
not yet calculated |
CVE-2021-38171
MISC
MISC |
fortinet — fortiportal
|
An improper neutralization of input during web page generation vulnerability (CWE-79) in FortiPortal GUI 6.0.4 and below, 5.3.6 and below, 5.2.6 and below, 5.1.2 and below, 5.0.3 and below, 4.2.2 and below, 4.1.2 and below, 4.0.4 and below may allow a remote and unauthenticated attacker to perform an XSS attack via sending a crafted request with an invalid lang parameter or with an invalid org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE value. |
2021-08-19 |
not yet calculated |
CVE-2021-32602
CONFIRM |
fortinet — fortiportal
|
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password. |
2021-08-18 |
not yet calculated |
CVE-2021-32588
CONFIRM |
gitit — gitit
|
In gitit before 0.15.0.0, the Export feature can be exploited to leak information from files. |
2021-08-16 |
not yet calculated |
CVE-2021-38711
MISC
MISC |
gitlab — ce/ee |
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9. |
2021-08-20 |
not yet calculated |
CVE-2021-22254
MISC
MISC
CONFIRM |
gitlab — gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored XSS by using the design feature in issues. |
2021-08-20 |
not yet calculated |
CVE-2021-22238
MISC
MISC
CONFIRM |
gitlab — webhook
|
A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks. |
2021-08-20 |
not yet calculated |
CVE-2021-22246
MISC
MISC
CONFIRM |
gmbh — komoot
|
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information. |
2021-08-20 |
not yet calculated |
CVE-2021-21823
MISC |
google — android |
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187231636 |
2021-08-17 |
not yet calculated |
CVE-2021-0579
MISC |
google — android |
In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-8.1 Android-9 Android-10. Android ID: A-179289794 |
2021-08-17 |
not yet calculated |
CVE-2021-0584
MISC |
google — android |
In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process’s SQL with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10 Android-11 Android-8.1. Android ID: A-153352319 |
2021-08-17 |
not yet calculated |
CVE-2021-0646
MISC |
google — android |
In shouldBlockFromTree of ExternalStorageProvider.java, there is a possible permissions bypass. This could lead to local escalation of privilege, allowing an app to read private app directories in external storage, which should be restricted in Android 11, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-157320644 |
2021-08-17 |
not yet calculated |
CVE-2021-0645
MISC |
google — android |
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187161772 |
2021-08-17 |
not yet calculated |
CVE-2021-0578
MISC |
google — android |
In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187234876 |
2021-08-17 |
not yet calculated |
CVE-2021-0574
MISC |
google — android
|
In flv extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187236084 |
2021-08-17 |
not yet calculated |
CVE-2021-0576
MISC |
google — android
|
In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-8.1 Android-9. Android ID: A-185126149 |
2021-08-17 |
not yet calculated |
CVE-2021-0642
MISC |
google — android
|
In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9 Android-10 Android-11. Android ID: A-185235454 |
2021-08-17 |
not yet calculated |
CVE-2021-0641
MISC |
google — android
|
In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-9. Android ID: A-187957589 |
2021-08-17 |
not yet calculated |
CVE-2021-0640
MISC |
google — android
|
In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-190724551 |
2021-08-17 |
not yet calculated |
CVE-2021-0639
MISC |
google — android
|
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187231637 |
2021-08-17 |
not yet calculated |
CVE-2021-0580
MISC |
google — android
|
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187231638 |
2021-08-17 |
not yet calculated |
CVE-2021-0581
MISC |
google — android
|
In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187231635 |
2021-08-17 |
not yet calculated |
CVE-2021-0573
MISC |
google — android
|
In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-8.1 Android-9. Android ID: A-176533109 |
2021-08-17 |
not yet calculated |
CVE-2021-0519
MISC |
google — android
|
In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-8.1 Android-9. Android ID: A-179386068 |
2021-08-17 |
not yet calculated |
CVE-2021-0593
MISC |
google — android
|
In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9 Android-10 Android-11 Android-8.1. Android ID: A-179386960 |
2021-08-17 |
not yet calculated |
CVE-2021-0591
MISC |
google — android
|
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187149601 |
2021-08-17 |
not yet calculated |
CVE-2021-0582
MISC |
google — google
|
ced detects character encoding using Google’s compact_enc_det library. In ced v0.1.0, passing data types other than `Buffer` causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a `Buffer` using `Buffer.isBuffer(obj)`. |
2021-08-17 |
not yet calculated |
CVE-2021-39131
MISC
CONFIRM
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21856
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21852
MISC
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21855
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsz” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21846
MISC
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21837
MISC
MISC |
gpac_project — advanced_content_library |
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The stri_box_read function is used when processing atoms using the ‘stri’ FOURCC code. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-16 |
not yet calculated |
CVE-2021-21859
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input, when encountering an atom using the “stco” FOURCC code, can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21844
MISC
MISC |
gpac_project — advanced_content_library |
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the ‘hdlr’ FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-16 |
not yet calculated |
CVE-2021-21861
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21858
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21854
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stts” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21847
MISC
MISC |
gpac_project — advanced_content_library |
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. The FOURCC code, ‘trik’, is parsed by the function within the library. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-16 |
not yet calculated |
CVE-2021-21860
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. The implementation of the parser used for the “Xtra” FOURCC code is handled. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21862
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21851
MISC
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21838
MISC
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21857
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. After validating the number of ranges, at [41] the library will multiply the count by the size of the GF_SubsegmentRangeInfo structure. On a 32-bit platform, this multiplication can result in an integer overflow causing the space of the array being allocated to be less than expected. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21843
MISC
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21853
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21839
MISC
MISC |
gpac_project — advanced_content_library |
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsc” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. |
2021-08-18 |
not yet calculated |
CVE-2021-21845
MISC
MISC |
handlebars — handlebars |
The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020. |
2021-08-16 |
not yet calculated |
CVE-2021-32822
CONFIRM |
haproxy — haproxy |
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled. |
2021-08-17 |
not yet calculated |
CVE-2021-39242
MISC
MISC
DEBIAN |
haproxy — haproxy |
An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this as a request for that protected resource, such as in the “GET /admin? HTTP/1.1 /static/images HTTP/1.1” example. |
2021-08-17 |
not yet calculated |
CVE-2021-39241
MISC
MISC
DEBIAN |
haproxy — haproxy |
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve. |
2021-08-17 |
not yet calculated |
CVE-2021-39240
MISC
MISC
MISC
DEBIAN |
hospital_management_system — hospital_management_system |
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. |
2021-08-16 |
not yet calculated |
CVE-2021-38757
MISC
MISC |
hospital_management_system — hospital_management_system |
Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. |
2021-08-16 |
not yet calculated |
CVE-2021-38755
MISC |
hospital_management_system — hospital_management_system |
SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php. |
2021-08-16 |
not yet calculated |
CVE-2021-38754
MISC |
hospital_management_system — hospital_management_system |
Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. |
2021-08-16 |
not yet calculated |
CVE-2021-38756
MISC |
ibm — api_connect |
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 187194. |
2021-08-17 |
not yet calculated |
CVE-2020-4706
CONFIRM
XF |
ibm — datapower_gateway |
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 192737. |
2021-08-17 |
not yet calculated |
CVE-2020-4992
XF
CONFIRM |
icinga — multiple_product |
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions 2.5.0 through 2.13.0, ElasticsearchWriter, GelfWriter, InfluxdbWriter and Influxdb2Writer do not verify the server’s certificate despite a certificate authority being specified. Icinga 2 instances which connect to any of the mentioned time series databases (TSDBs) using TLS over a spoofable infrastructure should immediately upgrade to version 2.13.1, 2.12.6, or 2.11.11 to patch the issue. Such instances should also change the credentials (if any) used by the TSDB writer feature to authenticate against the TSDB. There are no workarounds aside from upgrading. |
2021-08-19 |
not yet calculated |
CVE-2021-37698
MISC
CONFIRM
MISC
MISC |
imcat — imcat |
A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code. |
2021-08-18 |
not yet calculated |
CVE-2020-22120
MISC |
imgurl — imgurl |
imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header. |
2021-08-16 |
not yet calculated |
CVE-2021-38713
MISC |
interniche — nichestack |
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Out-of-bounds Read. The impact is: a denial of service (remote). The component is: DNS response processing in function: dns_upcall(). The attack vector is: a specific DNS response packet. The code does not check whether the number of queries/responses specified in the DNS packet header corresponds to the query/response data available in the DNS packet. |
2021-08-18 |
not yet calculated |
CVE-2020-25927
CERT-VN
MISC
MISC |
interniche — nichestack |
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible). |
2021-08-19 |
not yet calculated |
CVE-2020-35684
CONFIRM
MISC
CERT-VN
MISC |
interniche — nichestack |
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response packet. The code does not check the “response data length” field of individual DNS answers, which may cause out-of-bounds read/write operations, leading to Information leak, Denial-of-Service, or Remote Code Execution, depending on the context. |
2021-08-18 |
not yet calculated |
CVE-2020-25928
CERT-VN
MISC |
interniche — nichestack |
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.) |
2021-08-19 |
not yet calculated |
CVE-2020-35685
CONFIRM
MISC
CERT-VN
MISC |
interniche — nichestack |
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn’t ensure that a filename is adequately ‘ |