Vulnerability Summary for the Week of February 15, 2021

Original release date: February 22, 2021

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
accellion — fta	Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later.	2021-02-16	7.2	CVE-2021-27102 MISC MISC
accellion — fta	Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.	2021-02-16	10	CVE-2021-27104 MISC MISC
accellion — fta	Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later.	2021-02-16	7.5	CVE-2021-27103 MISC MISC
accellion — fta	Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.	2021-02-16	7.5	CVE-2021-27101 MISC MISC
advantech — webaccess/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.	2021-02-17	7.2	CVE-2020-13555 MISC
advantech — webaccess/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.	2021-02-17	7.2	CVE-2020-13553 MISC
advantech — webaccess/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.	2021-02-17	7.2	CVE-2020-13552 MISC
advantech — webaccess/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.	2021-02-17	7.2	CVE-2020-13551 MISC
citsmart — citsmart	CITSmart before 9.1.2.23 allows LDAP Injection.	2021-02-15	7.5	CVE-2020-35775 MISC CONFIRM MISC MISC
dlink — dap-1860_firmware	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the Authorization request header, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-10880.	2021-02-12	8.3	CVE-2020-27864 MISC MISC
dlink — dap-1860_firmware	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the device. Was ZDI-CAN-10894.	2021-02-12	8.3	CVE-2020-27865 MISC MISC
elecom — wrc-300febk-s_firmware	ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.	2021-02-12	7.7	CVE-2021-20648 MISC MISC
iptime — c200_firmware	The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value.	2021-02-17	7.7	CVE-2020-7848 MISC
limesurvey — limesurvey	LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model.	2021-02-14	7.5	CVE-2019-25019 MISC MISC
logitec — lan-w300n/pgrb_firmware	Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.	2021-02-12	7.7	CVE-2021-20640 MISC MISC
logitec — lan-w300n/pgrb_firmware	LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.	2021-02-12	7.7	CVE-2021-20639 MISC MISC
logitec — lan-w300n/pgrb_firmware	LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.	2021-02-12	7.7	CVE-2021-20638 MISC MISC
microfocus — operations_bridge_manager	Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server.	2021-02-12	10	CVE-2021-22504 MISC
nagios — nagios_xi	Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.	2021-02-15	9	CVE-2021-25298 MISC MISC MISC
nagios — nagios_xi	Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.	2021-02-15	9	CVE-2021-25297 MISC MISC MISC
nagios — nagios_xi	Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.	2021-02-15	9	CVE-2021-25296 MISC MISC MISC
netgear — ac2100_firmware	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 firmware version 1.2.0.62_1.0.1 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. When parsing the funjsq_access_token parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11653.	2021-02-12	7.7	CVE-2020-27867 MISC MISC
netgear — ac2100_firmware	This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 firmware version 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-11355.	2021-02-12	8.3	CVE-2020-27866 MISC MISC
netgear — cbk40_firmware	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076.	2021-02-12	8.3	CVE-2020-27861 MISC MISC
pelco — digital_sentry_server	DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write vulnerability. The AppendToTextFile method doesn’t check if it’s being called from the application or from a malicious user. The vulnerability is triggered when a remote attacker crafts an HTML page (e.g., with “OBJECT classid=” and “<SCRIPT language=’vbscript’>”) to overwrite arbitrary files.	2021-02-12	8.8	CVE-2021-27197 MISC MISC
pystemon_project — pystemon	config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used.	2021-02-14	7.5	CVE-2021-27213 MISC MISC
qognify — ocularis	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Qognify Ocularis 5.9.0.395. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of serialized objects provided to the EventCoordinator endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-11257.	2021-02-12	10	CVE-2020-27868 MISC MISC
racom — m!dge_cellular_router_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.	2021-02-16	7.2	CVE-2021-20075 MISC
sdg — pnpscada	PNPSCADA 2.200816204020 allows SQL injection via parameter ‘interf’ in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.	2021-02-16	7.5	CVE-2020-24841 MISC MISC
solarwinds — network_performance_monitor	This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges and reset the password for the Admin user. Was ZDI-CAN-11804.	2021-02-12	9	CVE-2020-27869 MISC
zscaler — client_connector	The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.	2021-02-16	7.2	CVE-2020-11635 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
advantech — webaccess/scada	A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability.	2021-02-17	4	CVE-2020-13550 MISC
apache — thrift	In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.	2021-02-12	5	CVE-2020-13949 MLIST MLIST MLIST MLIST MLIST MISC MLIST MLIST MLIST MLIST MLIST
atlassian — data_center	Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0.	2021-02-15	5	CVE-2020-36237 MISC
atlassian — data_center	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.14.1.	2021-02-15	4	CVE-2020-29451 MISC
atlassian — jira	Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version 8.14.0 before 8.14.1.	2021-02-15	5	CVE-2020-36235 MISC
atlassian — jira	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.	2021-02-15	4.3	CVE-2020-36236 MISC
changjia_property_management_system_project — changjia_property_management_system	The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege.	2021-02-17	5	CVE-2021-22856 CONFIRM MISC
changjia_property_management_system_project — changjia_property_management_system	The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily.	2021-02-17	5	CVE-2021-22857 CONFIRM MISC
deepnetsecurity — dualshield	DualShield 5.9.8.0821 allows username enumeration on its login form. A valid username results in prompting for the password, whereas an invalid one will produce an “unknown username” error message.	2021-02-16	5	CVE-2020-28918 MISC MISC
dlink — dva-2800_firmware	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A firmware version 2.3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. When parsing the path parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the web server. Was ZDI-CAN-10911.	2021-02-12	5.8	CVE-2020-27862 MISC MISC
elecom — file_manager	Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors.	2021-02-12	6.4	CVE-2021-20651 MISC MISC
elecom — ld-ps/u1_firmware	Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.	2021-02-12	5	CVE-2021-20643 MISC MISC
elecom — ncc-ewf100rmwh2_firmware	Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.	2021-02-12	4.3	CVE-2021-20650 MISC MISC
elecom — wrc-1467ghbk-a_firmware	ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user’s web browser by displaying a specially crafted SSID on the web setup page.	2021-02-12	4.3	CVE-2021-20644 MISC MISC
elecom — wrc-300febk-a_firmware	Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors.	2021-02-12	4.3	CVE-2021-20645 MISC MISC
elecom — wrc-300febk-a_firmware	Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.	2021-02-12	4.3	CVE-2021-20646 MISC MISC
elecom — wrc-300febk-s_firmware	ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the-middle attack, an attacker may alter the communication response. As a result, an arbitrary OS command may be executed on the affected device.	2021-02-12	5.8	CVE-2021-20649 MISC MISC
elecom — wrc-300febk-s_firmware	Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.	2021-02-12	4.3	CVE-2021-20647 MISC MISC
f5 — access_policy_manager_clients	In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. User interaction is required to exploit this vulnerability in that the victim must run this utility on the Windows system. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	6.9	CVE-2021-22980 MISC
f5 — big-ip_access_policy_manager	On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned and allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	4.3	CVE-2021-22979 MISC
f5 — big-ip_access_policy_manager	On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, and 14.1.x before 14.1.3.1, under some circumstances, Traffic Management Microkernel (TMM) may restart on the BIG-IP system while passing large bursts of traffic. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	4.3	CVE-2021-22975 MISC
f5 — big-ip_access_policy_manager	On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x, an authenticated attacker with access to iControl REST over the control plane may be able to take advantage of a race condition to execute commands with an elevated privilege level. This vulnerability is due to an incomplete fix for CVE-2017-6167. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	6	CVE-2021-22974 MISC
f5 — big-ip_access_policy_manager	On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret (EMS) extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during renegotiation. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	5.8	CVE-2021-22981 MISC
f5 — big-ip_access_policy_manager	On BIG-IP version 16.0.0-16.0.1 and 14.1.2.4-14.1.3, cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	5	CVE-2021-22977 MISC
f5 — big-ip_access_policy_manager	On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x versions, JSON parser function does not protect against out-of-bounds memory accesses or writes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	5	CVE-2021-22973 MISC
f5 — big-ip_advanced_web_application_firewall	On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	5	CVE-2021-22976 MISC
f5 — big-ip_advanced_web_application_firewall	On BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receiving a unauthenticated client request with a maliciously crafted URI, a BIG-IP Advanced WAF or ASM virtual server configured with a DoS profile with Proactive Bot Defense (versions prior to 14.1.0), or a Bot Defense profile (versions 14.1.0 and later), may subject clients and web servers to Open Redirection attacks. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	5.8	CVE-2021-22984 MISC
f5 — big-ip_domain_name_system	On BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	6.5	CVE-2021-22982 MISC
foxitsoftware — foxit_reader	This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA templates. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11727.	2021-02-12	6.8	CVE-2020-27860 MISC MISC
horde — groupware	An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of x00x00x00 and x01x01x01 interferes with XSS defenses.	2021-02-14	4.3	CVE-2021-26929 MISC MLIST CONFIRM MISC MISC
ibm — spectrum_protect_operations_center	IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an attacker could exploit this vulnerability to load a malicious .dll with elevated privileges. IBM X-Force ID: 192155.	2021-02-15	5.2	CVE-2020-4955 XF CONFIRM
ibm — spectrum_protect_operations_center	IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obtain a valid session using an attacker controlled IBM Spectrum Protect server, an attacker could exploit this vulnerability to bypass authentication and gain access to a limited number of debug functions, such as logging levels. IBM X-Force ID: 192153.	2021-02-15	4.8	CVE-2020-4954 XF CONFIRM
logitec — lan-w300n/pr5b_firmware	Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.	2021-02-12	4.3	CVE-2021-20636 MISC MISC
logitec — lan-w300n/pr5b_firmware	Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.	2021-02-12	4.3	CVE-2021-20637 MISC MISC
logitec — lan-w300n/rs_firmware	Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.	2021-02-12	4.3	CVE-2021-20641 MISC MISC
logitec — lan-w300n/rs_firmware	Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.	2021-02-12	4.3	CVE-2021-20642 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An incomplete filter applied to a database response allows an authenticated attacker to gain non-public information about other users and devices in the account.	2021-02-16	4	CVE-2020-35568 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the redirect.php.	2021-02-16	5.8	CVE-2020-35560 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default.	2021-02-16	5	CVE-2020-35565 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.	2021-02-16	5	CVE-2020-35564 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an authenticated attacker to use up all available IPs of an account and thus not allow creation of new devices and users.	2021-02-16	4	CVE-2020-35559 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an SSRF in thein the MySQL access check, allowing an attacker to scan for open ports and gain some information about possible credentials.	2021-02-16	5	CVE-2020-35558 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An unauthenticated attacker is able to access files (that should have been restricted) via forceful browsing.	2021-02-16	5	CVE-2020-35570 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is a self XSS issue with a crafted cookie in the login page.	2021-02-16	4.3	CVE-2020-35569 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an SSRF in the HA module allowing an unauthenticated attacker to scan for open ports.	2021-02-16	5	CVE-2020-35561 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances.	2021-02-16	4.6	CVE-2020-35567 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.2. Inproper use of access validation allows a logged in user to see devices in the account he should not have access to.	2021-02-16	4	CVE-2020-35557 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An attacker can read arbitrary JSON files via Local File Inclusion.	2021-02-16	5	CVE-2020-35566 MISC MISC
nagios — nagios_xi	Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists in the file /usr/local/nagiosxi/html/admin/sshterm.php due to improper sanitization of user-controlled input. A maliciously crafted URL, when clicked by an admin user, can be used to steal his/her session cookies or it can be chained with the previous bugs to get one-click remote command execution (RCE) on the Nagios XI server.	2021-02-15	4.3	CVE-2021-25299 MISC MISC MISC
online_book_store_project — online_book_store	The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.	2021-02-17	5	CVE-2020-36003 MISC MISC MISC
open-emr — openemr	A SQL injection vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the schedule_facility parameter when restrict_user_facility=on is in global settings.	2021-02-15	6.5	CVE-2020-29142 MISC MISC MISC MISC MISC
openzfs — openzfs	An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.	2021-02-12	5	CVE-2013-20001 MISC MISC
php — php	In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.	2021-02-15	5	CVE-2021-21702 CONFIRM DEBIAN
php — php	In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL.	2021-02-15	5	CVE-2020-7071 CONFIRM DEBIAN
seat-reservation-system_project — seat-reservation-system	Seat-Reservation-System 1.0 has a SQL injection vulnerability in index.php in the id and file parameters where attackers can obtain sensitive database information.	2021-02-17	5	CVE-2020-36002 MISC MISC MISC
secomea — sitemanager_embedded	A vulnerability in SiteManager-Embedded (SM-E) Web server which may allow attacker to construct a URL that if visited by another application user, will cause JavaScript code supplied by the attacker to execute within the user’s browser in the context of that user’s session with the application. This issue affects all versions and variants of SM-E prior to version 9.3	2021-02-16	4.3	CVE-2020-29025 MISC
tp-link — archer_c5v_firmware	TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials via [USER_CFG#0,0,0,0,0,0#0,0,0,0,0,0]0,0 to the /cgi?1&5 URI.	2021-02-13	4	CVE-2021-27210 MISC
xn--b1agzlht — fx_aggregator_terminal_client	The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service (access suspended for five hours) by making five invalid login attempts to a victim’s account.	2021-02-12	5	CVE-2021-27188 MISC MISC
xn--b1agzlht — fx_aggregator_terminal_client	The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked.	2021-02-12	5	CVE-2021-27187 MISC MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
atlassian — data_center	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.	2021-02-15	3.5	CVE-2020-36234 N/A
blackcat-cms — blackcat_cms	The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.	2021-02-16	3.5	CVE-2021-27237 MISC MISC MISC
dlink — dva-2800_firmware	This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A firmware version 2.3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10912.	2021-02-12	3.3	CVE-2020-27863 MISC MISC
f5 — big-ip_access_policy_manager	On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x and 11.6.x versions, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of BIG-IP if the victim user is granted the admin role. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	2.6	CVE-2021-22978 MISC
f5 — big-ip_advanced_firewall_manager	On BIG-IP AFM version 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.5, authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.	2021-02-12	3.5	CVE-2021-22983 MISC
ibm — maximo_for_civil_infrastructure	IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196622.	2021-02-18	3.5	CVE-2021-20446 XF CONFIRM
ibm — spectrum_protect_operations_center	IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. By setting a grossly large cache value and dumping that cached value to a file multiple times, a remote attacker could exploit this vulnerability to cause the consumption of all memory resources. IBM X-Force ID: 192156.	2021-02-15	2.3	CVE-2020-4956 XF CONFIRM
logitec — lan-wh450n/gr_firmware	Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.	2021-02-12	3.3	CVE-2021-20635 MISC MISC
mbconnectline — mbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an incomplete XSS filter allowing an attacker to inject crafted malicious code into the page.	2021-02-16	3.5	CVE-2020-35563 MISC MISC
nfstream — nfstream	An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correctly freed, if the nfstream object is directly destroyed without being used after it is created, it will cause a memory leak that may result in a local denial of service (DoS).	2021-02-16	2.1	CVE-2020-25340 MISC
peel — peel_shopping	A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 which is publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an attacker to input malicious JavaScript which can steal cookie, redirect them to other malicious website, etc.	2021-02-12	3.5	CVE-2021-27190 MISC MISC MISC
racom — m!dge_cellular_router_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.	2021-02-16	3.5	CVE-2021-20071 MISC
racom — m!dge_cellular_router_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.	2021-02-16	3.5	CVE-2021-20070 MISC
racom — m!dge_cellular_router_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.	2021-02-16	3.5	CVE-2021-20069 MISC
racom — m!dge_cellular_router_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.	2021-02-16	3.5	CVE-2021-20068 MISC
secomea — sitemanager_1129_firmware	Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.	2021-02-16	3.5	CVE-2020-29027 MISC
tp-link — archer_c5v_firmware	In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP.	2021-02-13	3.6	CVE-2021-27209 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
74cms — 74cms	In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.	2021-02-17	not yet calculated	CVE-2020-35339 MISC MISC
activepresenter — activepresenter	ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution.	2021-02-15	not yet calculated	CVE-2021-3375 MISC
agora — video_sdk	Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote attacker to obtain access to audio and video of any ongoing Agora video call through observation of cleartext network traffic.	2021-02-17	not yet calculated	CVE-2020-25605 MISC MISC
alfresco_enterprise — content_management	An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.	2021-02-19	not yet calculated	CVE-2020-12873 MISC MISC
amaze — file_manager	Amaze File Manager before 3.5.1 allows attackers to obtain root privileges via shell metacharacters in a symbolic link.	2021-02-19	not yet calculated	CVE-2020-36246 MISC MISC
apache — airflow	The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can just get some metadata about a DAG and a Task. This issue affects Apache Airflow 2.0.0.	2021-02-17	not yet calculated	CVE-2021-26697 MLIST MLIST MISC MLIST MLIST
apache — airflow	Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow allows users with Viewer or User role to get Airflow Configurations including sensitive information even when `[webserver] expose_config` is set to `False` in `airflow.cfg`. This allowed a privilege escalation attack. This issue affects Apache Airflow 2.0.0.	2021-02-17	not yet calculated	CVE-2021-26559 MLIST MISC MLIST
apache — myfaces	In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site request forgery (CSRF) tokens. Due to that limitation, it is possible (although difficult) for an attacker to calculate a future CSRF token value and to use that value to trick a user into executing unwanted actions on an application.	2021-02-19	not yet calculated	CVE-2021-26296 FULLDISC MISC
askey — multiple_devices	Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.	2021-02-19	not yet calculated	CVE-2021-27403 MISC
askey — multiple_devices	Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.	2021-02-19	not yet calculated	CVE-2021-27404 MISC
async-git — async-git	The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset(‘atouch HACKEDb’)	2021-02-18	not yet calculated	CVE-2020-28490 MISC MISC MISC
atlassian — bitbucket_server_and_data_center	The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.	2021-02-18	not yet calculated	CVE-2020-36233 MISC CERT-VN
baby_care_system — baby_care_system	Baby Care System v1.0 is vulnerable to SQL injection via the ‘id’ parameter on the contentsectionpage.php page.	2021-02-17	not yet calculated	CVE-2021-25779 MISC
baby_care_system — baby_care_system	An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.	2021-02-17	not yet calculated	CVE-2021-25780 MISC
batflat — batlfat	UNSUPPORTED WHEN ASSIGNED Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitrary user’s data (username, displayed name, etc.). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	2021-02-15	not yet calculated	CVE-2020-35734 MISC MISC MISC MISC
bind — multiple_products	BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND’s default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch	2021-02-17	not yet calculated	CVE-2020-8625 MLIST MLIST CONFIRM MLIST DEBIAN
bloodhound — bloodhound	components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter.	2021-02-19	not yet calculated	CVE-2021-3210 MISC MISC MISC
bolt — bolt	Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.	2021-02-17	not yet calculated	CVE-2021-27367 MISC MISC
canary_mail — canary_mail	core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.	2021-02-17	not yet calculated	CVE-2021-26911 MLIST MISC MISC MISC CONFIRM MISC
casap — automated_enrollment_system	The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.	2021-02-15	not yet calculated	CVE-2021-26201 MISC
centreon — 19.10-e17	Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution.	2021-02-15	not yet calculated	CVE-2020-22425 MISC MISC
chamilo — chamilo	Chamilo 1.11.14 allows XSS via a main/calendar/agenda_list.php?type= URI.	2021-02-19	not yet calculated	CVE-2021-26746 CONFIRM MISC MISC
checkmk — checkmk	Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges via a Trojan horse shell script in the %PROGRAMDATA%checkmkagentlocal directory.	2021-02-19	not yet calculated	CVE-2020-24908 MISC
cisco — anyconnect_secure_mobilty_client	A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.	2021-02-17	not yet calculated	CVE-2021-1366 CISCO
cisco — csdj	Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors.	2021-02-17	not yet calculated	CVE-2021-20653 MISC MISC
cisco — identity_services_engine	Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory.	2021-02-17	not yet calculated	CVE-2021-1416 CISCO
cisco — identity_services_engine	Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory.	2021-02-17	not yet calculated	CVE-2021-1412 CISCO
cisco — staros	A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.	2021-02-17	not yet calculated	CVE-2021-1378 CISCO
cisco — webex_meetings	A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected service. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.	2021-02-17	not yet calculated	CVE-2021-1351 CISCO
cisco — webex_meetings_desktop_app_and_webex_productivity_tools	A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of shared memory by the affected software. An attacker with permissions to view system memory could exploit this vulnerability by running an application on the local system that is designed to read shared memory. A successful exploit could allow the attacker to retrieve sensitive information from the shared memory, including usernames, meeting information, or authentication tokens. Note: To exploit this vulnerability, an attacker must have valid credentials on a Microsoft Windows end-user system and must log in after another user has already authenticated with Webex on the same end-user system.	2021-02-17	not yet calculated	CVE-2021-1372 CISCO
com.typesafe.akka:akka-http-core — com.typesafe.akka:akka-http-core	This affects all versions of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers.	2021-02-17	not yet calculated	CVE-2021-23339 MISC MISC
d-bus — d-bus	A use-after-free flaw was found in D-Bus 1.12.20 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors	2021-02-15	not yet calculated	CVE-2020-35512 MISC
das — u-boot	The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.	2021-02-17	not yet calculated	CVE-2021-27138 MISC MISC MISC
das — u-boot	The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.	2021-02-17	not yet calculated	CVE-2021-27097 MISC MISC MISC
debian — avahi_package	avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product.	2021-02-17	not yet calculated	CVE-2021-26720 MISC MISC MISC MISC MISC MISC MISC MISC MISC
dekart — private_disk	In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHOD_NEITHER results in arbitrary memory dereferencing.	2021-02-16	not yet calculated	CVE-2021-27203 MISC MISC
dell — emc_avamar_server	Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users’ backup data.	2021-02-15	not yet calculated	CVE-2021-21511 CONFIRM
dell — emc_powerprotect_cyber_recovery	Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account.	2021-02-19	not yet calculated	CVE-2021-21512 MISC
digi — connectport_x2e	Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.	2021-02-18	not yet calculated	CVE-2020-12878 MISC MISC MISC
digium — asterisk	An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash Asterisk by sending specific SIP responses that cause an SDP negotiation failure.	2021-02-18	not yet calculated	CVE-2021-26906 MISC FULLDISC MISC CONFIRM CONFIRM
dji — mavic_2_remote_controller	A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01.00.0510 allows for code execution via a malicious firmware upgrade packet.	2021-02-18	not yet calculated	CVE-2020-29664 MISC MISC MISC MISC
docsify — docsify	This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1) When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking place in the sidebar. 2) The isURL external check can be bypassed by inserting more “////” characters	2021-02-19	not yet calculated	CVE-2021-23342 FULLDISC MISC MISC MISC
doctor_appointment_system — doctor_apointment_system	SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.	2021-02-18	not yet calculated	CVE-2021-27124 MISC MISC MISC
e-learning_system — e-learning_system	E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell.	2021-02-15	not yet calculated	CVE-2021-3239 MISC MISC MISC
endalia — selection_portal	In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file identifier (aka CommonDownload identification number).	2021-02-18	not yet calculated	CVE-2020-35577 MISC MISC
endian — firewall_community	Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment.	2021-02-15	not yet calculated	CVE-2021-27201 MISC MISC MISC
fedora_project — fedora_33	The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.	2021-02-15	not yet calculated	CVE-2021-23336 MLIST MISC MLIST FEDORA FEDORA MISC MISC
filezen — filezen	FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.	2021-02-17	not yet calculated	CVE-2021-20655 MISC MISC
finalwire — aida64_engineer	Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler.	2021-02-19	not yet calculated	CVE-2020-19513 EXPLOIT-DB
friendica — friendica	Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.	2021-02-18	not yet calculated	CVE-2021-27329 MISC
fuji — electric_v-server_lite	The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.	2021-02-19	not yet calculated	CVE-2020-25171 MISC
ge-digital — hmi/scada_ifix	HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation.	2021-02-18	not yet calculated	CVE-2019-18255 MISC
ge-digital — hmi/scada_ifix	HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.	2021-02-18	not yet calculated	CVE-2019-18243 MISC
gerrit — gerrit_servers	Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically dispose of the session. Over multiple git actions, this can lead to a heap memory exhaustion for Gerrit servers. We recommend upgrading Gerrit to any of the versions listed above.	2021-02-17	not yet calculated	CVE-2021-22553 CONFIRM
gnome — glib	An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.	2021-02-15	not yet calculated	CVE-2021-27218 MISC MISC
gnome — glib	An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.	2021-02-15	not yet calculated	CVE-2021-27219 MISC
google — android	The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.	2021-02-19	not yet calculated	CVE-2021-27351 MISC
gramaddict — gramaddict	GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network.	2021-02-17	not yet calculated	CVE-2020-36245 MISC
hestia — control_panel	Hestia Control Panel through 1.3.3, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer’s domain name, leading to spoofing of services or email messages.	2021-02-16	not yet calculated	CVE-2021-27231 MISC MISC
hilscher — ethernet/ip_core_v2	A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.	2021-02-16	not yet calculated	CVE-2021-20987 CONFIRM CONFIRM
hilscher — profinet_io_device_v3	A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.	2021-02-16	not yet calculated	CVE-2021-20986 CONFIRM CONFIRM
ibm — jazz_reporting_service	IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191751.	2021-02-18	not yet calculated	CVE-2020-4933 XF CONFIRM
ibm — maximo_for_civil_infrastructure	IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. IBM X-Force ID: 196621.	2021-02-18	not yet calculated	CVE-2021-20445 XF CONFIRM
ibm — maximo_for_civil_infrastructure	IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196620.	2021-02-18	not yet calculated	CVE-2021-20444 XF CONFIRM
ibm — maximo_for_civil_infrastructure	IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.	2021-02-18	not yet calculated	CVE-2021-20443 XF CONFIRM
ibm — websphere_application_server	IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.	2021-02-18	not yet calculated	CVE-2021-20354 XF CONFIRM
intel — 10th_generation_core_processors	Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.	2021-02-17	not yet calculated	CVE-2020-24491 MISC
intel — 700-series_ethernet_controllers	Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24495 MISC
intel — 700-series_ethernet_controllers	Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 8.0 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24493 MISC
intel — 700-series_ethernet_controllers	Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24505 MISC
intel — 722_ethernet_controllers	Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24496 MISC
intel — 722_ethernet_controllers	Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24494 MISC
intel — 722_ethernet_controllors	Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24492 MISC
intel — 7360_cell_modem	Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem before UDE version 9.4.370 may allow unauthenticated user to potentially enable denial of service via network access.	2021-02-17	not yet calculated	CVE-2020-24482 MISC
intel — collaboration_suite	Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via network access.	2021-02-17	not yet calculated	CVE-2020-12339 MISC
intel — e810_ethernet_adaptor_driver	Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24502 MISC
intel — e810_ethernet_adaptor_drivers	Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24504 MISC
intel — e810_ethernet_adaptor_drivers	Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.	2021-02-17	not yet calculated	CVE-2020-24503 MISC
intel — e810_ethernet_controllers	Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24497 MISC
intel — e810_ethernet_controllers	Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24498 MISC
intel — e810_ethernet_controllers	Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24500 MISC
intel — e810_ethernet_controllers	Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access.	2021-02-17	not yet calculated	CVE-2020-24501 MISC
intel — epid_sdk	Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-24453 MISC
intel — ethernet_i210_controller	Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-0523 MISC
intel — ethernet_i210_controller	Improper access control in firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-0525 MISC
intel — ethernet_i210_controller	Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-0524 MISC
intel — ethernet_i210_controller	Improper initialization in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-0522 MISC
intel — graphics_driver	Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-8678 MISC
intel — graphics_drivers	Insufficient control flow management in the kernel mode driver for some Intel(R) Graphics Drivers before version 15.36.39.5145 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-0544 MISC
intel — graphics_drivers	Out-of-bounds write in some Intel(R) Graphics Drivers before version 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12386 MISC
intel — graphics_drivers	Untrusted pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12370 MISC
intel — graphics_drivers	Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow a privileged user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12367 MISC
intel — graphics_drivers	Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12365 MISC
intel — graphics_drivers	Insufficient input validation in some Intel(R) Graphics Drivers before version 27.20.100.8587 may allow a privileged user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12366 MISC
intel — graphics_drivers	Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12373 MISC
intel — graphics_drivers	Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12364 MISC
intel — graphics_drivers	Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12368 MISC
intel — graphics_drivers	Out of bound write in some Intel(R) Graphics Drivers before version 26.20.100.8336 may allow a privileged user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12369 MISC
intel — graphics_drivers	Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-24450 MISC
intel — graphics_drivers	Divide by zero in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12371 MISC
intel — graphics_drivers	Unchecked return value in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12372 MISC
intel — graphics_drivers	Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12362 MISC
intel — graphics_drivers	Use after free in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12361 MISC
intel — graphics_drivers	Improper access control in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow an authenticated user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12384 MISC
intel — graphics_drivers	Improper input validation in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12385 MISC
intel — graphics_drivers	Uncaught exception in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24448 MISC
intel — graphics_drivers	Insufficient control flow management in some Intel(R) Graphics Drivers before version 15.45.32.5145 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-0521 MISC
intel — graphics_drivers	Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-12363 MISC
intel — grpahics_driver	Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-24462 MISC
intel — hd_graphics_control_panel	Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-0518 MISC
intel — multiple_products	Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12380 MISC
intel — multiple_products	Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.	2021-02-17	not yet calculated	CVE-2020-12376 MISC
intel — multiple_products	Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12377 MISC
intel — multiple_products	Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.	2021-02-19	not yet calculated	CVE-2020-12374 MISC
intel — multiple_products	Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-12375 MISC
intel — optane_dc_persistent_memory	Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-24451 MISC
intel — proset/wireless_wifi_and_killer_drivers	Incomplete cleanup in some Intel(R) PROSet/Wireless WiFi and Killer (TM) drivers before version 22.0 may allow a privileged user to potentially enable information disclosure and denial of service<b> </b>via adjacent access.	2021-02-17	not yet calculated	CVE-2020-24458 MISC
intel — quartus_prime_pro	Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-24481 MISC
intel — realsense_dcm	Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-8765 MISC
intel — sgx_platform_software	Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24452 MISC
intel — soc_driver	Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2021-0109 MISC
intel — ssd_toolbox	Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-8701 MISC
intel — trace_analyzer_and_collector	Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.	2021-02-17	not yet calculated	CVE-2020-24485 MISC
intel — xtu	Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.	2021-02-17	not yet calculated	CVE-2020-24480 MISC
irfanview — irfanview	The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.	2021-02-17	not yet calculated	CVE-2021-27362 MISC MISC
irfanview — irfanview	The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.	2021-02-17	not yet calculated	CVE-2021-27224 MISC MISC MISC
jackson-dataformat-cbor — jackson-dataformat-cbor	This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.	2021-02-18	not yet calculated	CVE-2020-28491 CONFIRM CONFIRM CONFIRM
jinjava — jinjava	Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure.	2021-02-19	not yet calculated	CVE-2020-12668 MISC MISC MISC MISC MISC
jsdom — jsdom	JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.	2021-02-16	not yet calculated	CVE-2021-20066 MISC
kollectapps — kollectapps	KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.	2021-02-18	not yet calculated	CVE-2021-27335 MISC
less-openui5 — less-openui5	less-openui5 is an npm package which enables building OpenUI5 themes with Less.js. In less-openui5 before version 0.10., when processing theming resources (i.e. `*.less` files) with less-openui5 that originate from an untrusted source, those resources might contain JavaScript code which will be executed in the context of the build process. While this is a feature of the Less.js library it is an unexpected behavior in the context of OpenUI5 and SAPUI5 development. Especially in the context of UI5 Tooling which relies on less-openui5. An attacker might create a library or theme-library containing a custom control or theme, hiding malicious JavaScript code in one of the .less files. Refer to the referenced GHSA-3crj-w4f5-gwh4 for examples. Starting with Less.js version 3.0.0, the Inline JavaScript feature is disabled by default. less-openui5 however currently uses a fork of Less.js v1.6.3. Note that disabling the Inline JavaScript feature in Less.js versions 1.x, still evaluates code has additional double codes around it. We decided to remove the inline JavaScript evaluation feature completely from the code of our Less.js fork. This fix is available in less-openui5 version 0.10.0.	2021-02-16	not yet calculated	CVE-2021-21316 MISC MISC MISC CONFIRM MISC
library_system — library_system	The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.	2021-02-15	not yet calculated	CVE-2021-26200 MISC
linux — linux_kernel	An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.	2021-02-17	not yet calculated	CVE-2021-26933 MISC
linux — linux_kernel	An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn’t stated accordingly in its support status entry.	2021-02-17	not yet calculated	CVE-2021-26934 MISC
linux — linux_kernel	A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information.	2021-02-19	not yet calculated	CVE-2020-35499 MISC
linux — linux_kernel	An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn’t mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c.	2021-02-17	not yet calculated	CVE-2021-26930 MISC
linux — linux_kernel	An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn’t correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c.	2021-02-17	not yet calculated	CVE-2021-26931 MISC
linux — linux_kernel	An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable. This affects arch/*/xen/p2m.c and drivers/xen/gntdev.c.	2021-02-17	not yet calculated	CVE-2021-26932 MISC
livy — livy	Livy server version 0.7.0-incubating (only) is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users’ sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating.	2021-02-20	not yet calculated	CVE-2021-26544 MLIST CONFIRM CONFIRM
lodash — lodash	All versions of package lodash; all versions of package org.fujion.webjars:lodash are vulnerable to Command Injection via template.	2021-02-15	not yet calculated	CVE-2021-23337 MISC MISC MISC MISC MISC MISC MISC
lodash — lodash	All versions of package lodash; all versions of package org.fujion.webjars:lodash are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. Steps to reproduce (provided by reporter Liyuan Chen): var lo = require(‘lodash’); function build_blank (n) { var ret = “1” for (var i = 0; i < n; i++) { ret += ” ” } return ret + “1”; } var s = build_blank(50000) var time0 = Date.now(); lo.trim(s) var time_cost0 = Date.now() – time0; console.log(“time_cost0: ” + time_cost0) var time1 = Date.now(); lo.toNumber(s) var time_cost1 = Date.now() – time1; console.log(“time_cost1: ” + time_cost1) var time2 = Date.now(); lo.trimEnd(s) var time_cost2 = Date.now() – time2; console.log(“time_cost2: ” + time_cost2)	2021-02-15	not yet calculated	CVE-2020-28500 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
mailtrain — mailtrain	Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped.	2021-02-19	not yet calculated	CVE-2020-24617 MISC MISC
mcafee — web_gateway	Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.	2021-02-17	not yet calculated	CVE-2021-23885 CONFIRM
metasys — reporting_engine_web_services	Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.	2021-02-19	not yet calculated	CVE-2020-9050 CONFIRM CERT
microweber — microweber	A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload a maliciously constructed ZIP file with file paths including relative paths (i.e., ../../), move this file into the backup directory, and execute a restore on this file.	2021-02-15	not yet calculated	CVE-2020-28337 MISC MISC MISC
mitsubishi — electric_fa_engineering_software	Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering Software(C Controller module setting and monitoring tool all versions, CPU Module Logging Configuration Tool all versions, CW Configurator all versions, Data Transfer all versions, EZSocket all versions, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GT SoftGOT1000 Version3 all versions, GT SoftGOT2000 Version1 all versions, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer all versions, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer all versions, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link all versions, MELFA-Works all versions, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) all versions, MELSOFT Navigator all versions, MH11 SettingTool Version2 all versions, MI Configurator all versions, MT Works2 all versions, MX Component all versions, Network Interface Board CC IE Control utility all versions, Network Interface Board CC IE Field Utility all versions, Network Interface Board CC-Link Ver.2 Utility all versions, Network Interface Board MNETH utility all versions, PX Developer all versions, RT ToolBox2 all versions, RT ToolBox3 all versions, Setting/monitoring tools for the C Controller module all versions, SLMP Data Collector all versions) allows a remote unauthenticated attacker to cause a DoS condition of the software products, and possibly to execute a malicious program on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.	2021-02-19	not yet calculated	CVE-2021-20588 MISC MISC
mitsubishi — electric_fa_engineering_software	Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (C Controller module setting and monitoring tool all versions, CPU Module Logging Configuration Tool all versions, CW Configurator all versions, Data Transfer all versions, EZSocket all versions, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GT SoftGOT1000 Version3 all versions, GT SoftGOT2000 Version1 all versions, GX Configurator-DP version 7.14Q and prior, GX Configurator-QP all versions, GX Developer all versions, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer all versions, GX RemoteService-I all versions, GX Works2 version 1.597X and prior, GX Works3 version 1.070Y and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link all versions, MELFA-Works all versions, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) all versions, MELSOFT Navigator all versions, MH11 SettingTool Version2 all versions, MI Configurator all versions, MT Works2 all versions, MX Component all versions, Network Interface Board CC IE Control utility all versions, Network Interface Board CC IE Field Utility all versions, Network Interface Board CC-Link Ver.2 Utility all versions, Network Interface Board MNETH utility all versions, PX Developer all versions, RT ToolBox2 all versions, RT ToolBox3 all versions, Setting/monitoring tools for the C Controller module all versions and SLMP Data Collector all versions) allows a remote unauthenticated attacker to cause a DoS condition of the software products, and possibly to execute a malicious program on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.	2021-02-19	not yet calculated	CVE-2021-20587 MISC MISC
modernflow — modernflow	ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen.	2021-02-19	not yet calculated	CVE-2021-3339 MISC MISC
mumble — mumble	Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text.	2021-02-16	not yet calculated	CVE-2021-27229 MISC MISC MISC MLIST
mutare — voice	An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue.	2021-02-16	not yet calculated	CVE-2021-27233 MISC
mutare — voice	An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, there is a functionality at diagzip.asp that allows anyone to export tables of a database.	2021-02-16	not yet calculated	CVE-2021-27235 MISC
mutare — voice	An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.	2021-02-16	not yet calculated	CVE-2021-27234 MISC
mutare — voice	An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.	2021-02-16	not yet calculated	CVE-2021-27236 MISC
nagios — xi_5.7.2	Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerability. An authenticated user can inject additional commands into normal webapp query.	2021-02-15	not yet calculated	CVE-2020-24899 MISC
nagiosxi — 5.6.11	NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated user can inject additional commands into a request.	2021-02-15	not yet calculated	CVE-2020-22427 MISC
netis — multiple_devices	Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.	2021-02-18	not yet calculated	CVE-2021-26747 MISC MISC
node.js — node.js	A ReDoS (regular expression denial of service) flaw was found in the @progfay/scrapbox-parser package before 6.0.3 for Node.js.	2021-02-19	not yet calculated	CVE-2021-27405 MISC MISC MISC
node.js — node.js	The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring.	2021-02-19	not yet calculated	CVE-2021-3189 MISC MISC
node.js — node.js	The System Information Library for Node.JS (npm package “systeminformation”) is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() … do only allow strings, reject any arrays. String sanitation works as expected.	2021-02-16	not yet calculated	CVE-2021-21315 MISC CONFIRM MISC
ondemand — ondemand	Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF.	2021-02-19	not yet calculated	CVE-2020-36247 MISC
opc_ua.net — opc_ua.net	A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 allows attackers to establish a connection using invalid certificates.	2021-02-16	not yet calculated	CVE-2020-29457 MISC CONFIRM MISC
opencast — opencast	Opencast is a free, open-source platform to support the management of educational audio and video content. In Opencast before version 9.2 there is a vulnerability in which publishing an episode with strict access rules will overwrite the currently set series access. This allows for an easy denial of access for all users without superuser privileges, effectively hiding the series. Access to series and series metadata on the search service (shown in media module and player) depends on the events published which are part of the series. Publishing an event will automatically publish a series and update access to it. Removing an event or republishing the event should do the same. Affected versions of Opencast may not update the series access or remove a published series if an event is being removed. On removal of an episode, this may lead to an access control list for series metadata with broader access rules than the merged access rules of all remaining events, or the series metadata still being available although all episodes of that series have been removed. This problem is fixed in Opencast 9.2.	2021-02-18	not yet calculated	CVE-2021-21318 MISC CONFIRM
openemr — openemr	A SQL injection vulnerability in interface/reports/immunization_report.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter.	2021-02-15	not yet calculated	CVE-2020-29140 MISC MISC MISC MISC MISC
openemr — openemr	A SQL injection vulnerability in interface/reports/non_reported.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter.	2021-02-15	not yet calculated	CVE-2020-29143 MISC MISC MISC MISC
openemr — openemr	A SQL injection vulnerability in interface/main/finder/patient_select.php from library/patient.inc in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the searchFields parameter.	2021-02-15	not yet calculated	CVE-2020-29139 MISC MISC MISC MISC
openldap — openldap	In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.	2021-02-14	not yet calculated	CVE-2021-27212 MISC MISC MISC MLIST
opennms — meridian	OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1.16, and 2020 before 2020.1.5, Horizon 1.2 through 27.0.4, and Newts <1.5.3 has Incorrect Access Control, which allows local and remote code execution using JEXL expressions.	2021-02-17	not yet calculated	CVE-2021-3396 MISC CONFIRM
openrepeater — openrepeater	OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.	2021-02-19	not yet calculated	CVE-2019-25024 MISC MISC
openssl — opensll	The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).	2021-02-16	not yet calculated	CVE-2021-23841 CONFIRM CONFIRM CONFIRM DEBIAN CONFIRM
openssl — opensll	Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).	2021-02-16	not yet calculated	CVE-2021-23840 CONFIRM CONFIRM CONFIRM DEBIAN CONFIRM
openssl — openssl	OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).	2021-02-16	not yet calculated	CVE-2021-23839 CONFIRM CONFIRM CONFIRM
owncloud — owncloud	In the ownCloud application before 2.15 for Android, the lock protection mechanism can be bypassed by moving the system date/time into the past.	2021-02-19	not yet calculated	CVE-2020-36250 MISC
owncloud — owncloud	ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.	2021-02-19	not yet calculated	CVE-2020-36252 MISC
owncloud — owncloud	ownCloud Server before 10.3.0 allows an attacker, who has received non-administrative access to a group share, to remove everyone else’s access to that share.	2021-02-19	not yet calculated	CVE-2020-36251 MISC
owncloud — owncloud	The File Firewall before 2.8.0 for ownCloud Server does not properly enforce file-type restrictions for public shares.	2021-02-19	not yet calculated	CVE-2020-36249 MISC
owncloud — owncloud	The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN preferences value in a backup archive, and consequently bypass the PIN lock feature by restoring from this archive.	2021-02-19	not yet calculated	CVE-2020-36248 MISC
owncloud — owncloud	An issue was discovered in ownCloud before 10.4. An attacker can bypass authentication on a password-protected image by displaying its preview.	2021-02-19	not yet calculated	CVE-2020-10254 MISC CONFIRM MISC
owncloud — owncloud	An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.	2021-02-19	not yet calculated	CVE-2020-10252 MISC CONFIRM MISC
pelco — digital_sentry_server	The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered.	2021-02-16	not yet calculated	CVE-2021-27232 MISC MISC
phpgurukul — car_rental_project	PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.	2021-02-17	not yet calculated	CVE-2021-26809 MISC MISC
pi-hole — pi-hole	Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the session cookie.	2021-02-18	not yet calculated	CVE-2020-35592 MISC MISC
pi-hole — pi-hole	Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user’s account through the active session.	2021-02-18	not yet calculated	CVE-2020-35591 MISC MISC
pimcore — pimcore	This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=&91;filename]. Since exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability.	2021-02-18	not yet calculated	CVE-2021-23340 MISC MISC MISC
pnglmg — pnglmg	An integer overflow in the PngImg::InitStorage_() function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a crafted PNG file.	2021-02-20	not yet calculated	CVE-2020-28248 MISC MISC MISC MISC
powerlogic — multiple_products	A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.	2021-02-19	not yet calculated	CVE-2021-22701 MISC
powerlogic — multiple_products	A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.	2021-02-19	not yet calculated	CVE-2021-22703 MISC
powerlogic — multiple_products	A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts Telnet network traffic between a user and the device.	2021-02-19	not yet calculated	CVE-2021-22702 MISC
pressbooks — pressbooks	PressBooks 5.17.3 contains a cross-site scripting (XSS). Stored XSS can be submitted via the Book Info’s Long Description Body, and all actions to open or preview the books page will result in the triggering the stored XSS.	2021-02-18	not yet calculated	CVE-2021-3271 MISC MISC MISC
prism-asciidoc — prism-asciidoc	The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.	2021-02-18	not yet calculated	CVE-2021-23341 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
property_management_system — property_management_system	Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.	2021-02-17	not yet calculated	CVE-2021-22858 CONFIRM MISC
prototye_pollution — prototype_pollution	All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge .	2021-02-18	not yet calculated	CVE-2020-28499 CONFIRM CONFIRM CONFIRM
qlib — qlib	This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.	2021-02-15	not yet calculated	CVE-2021-23338 MISC MISC
qnap — nas_devices	A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)	2021-02-17	not yet calculated	CVE-2020-2501 MISC
qnap — photo_station	This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QANP We have already fixed this vulnerability in the following versions of Photo Station. Photo Station 6.0.11 and later	2021-02-17	not yet calculated	CVE-2020-2502 MISC
racom — midge_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.	2021-02-16	not yet calculated	CVE-2021-20074 MISC
racom — midge_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.	2021-02-16	not yet calculated	CVE-2021-20067 MISC
racom — midge_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.	2021-02-16	not yet calculated	CVE-2021-20073 MISC
racom — midge_firmware	Racom’s MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.	2021-02-16	not yet calculated	CVE-2021-20072 MISC
reportlab — reportlab	All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab’s documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src=”http://127.0.0.1:5000″ valign=”top”/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceded to send a server side request 7. dodyssey.py will show error since there is no img file on the url, but we are able to do SSRF	2021-02-18	not yet calculated	CVE-2020-28463 CONFIRM CONFIRM
rust — rust	An issue was discovered in the yottadb crate before 1.2.0 for Rust. For some memory-allocation patterns, ydb_subscript_next_st and ydb_subscript_prev_st have a use-after-free.	2021-02-18	not yet calculated	CVE-2021-27377 MISC
rust — rust	An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.	2021-02-18	not yet calculated	CVE-2021-27376 MISC
rust — rust	An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data.	2021-02-18	not yet calculated	CVE-2021-27378 MISC
sangoma — asterisk	An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in the SDP. If this happened, and the remote responded with a declined T.38 stream, then Asterisk would crash.	2021-02-18	not yet calculated	CVE-2021-26717 MISC FULLDISC MISC CONFIRM CONFIRM
sangoma — asterisk	A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession. This is caused by a signedness comparison mismatch.	2021-02-19	not yet calculated	CVE-2021-26713 MISC MISC MISC
sangoma — asterisk	A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.	2021-02-18	not yet calculated	CVE-2020-35776 MISC FULLDISC CONFIRM MISC CONFIRM
sangoma — asterisk	Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated attacker to prematurely terminate secure calls by replaying SRTP packets.	2021-02-18	not yet calculated	CVE-2021-26712 MISC FULLDISC MISC CONFIRM CONFIRM
secomea — gatemanager	An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via escalation of privileges. This issue affects all GateManager versions prior to 9.2c	2021-02-15	not yet calculated	CVE-2020-29031 MISC
secomea — gatemanager	A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.	2021-02-15	not yet calculated	CVE-2020-29026 MISC
secomea — gatemanager	Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. This issue affects: Secomea GateManager all versions prior to 9.3.	2021-02-16	not yet calculated	CVE-2020-29024 MISC
secomea — gatemanager	Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim’s computer when opened in a spreadsheet program (like Excel). This issue affects: Secomea GateManager all versions prior to 9.3.	2021-02-16	not yet calculated	CVE-2020-29023 MISC CONFIRM
secomea — gatemanager	Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3	2021-02-16	not yet calculated	CVE-2020-29022 MISC
smartstorenet — smartstorenet	An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross Site Request Forgery (CSRF) protection may lead to elevation of privileges (e.g., /admin/customer/create to create an admin account).	2021-02-19	not yet calculated	CVE-2020-27997 MISC MISC
soar — cloud_system	The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands.	2021-02-17	not yet calculated	CVE-2021-22855 CONFIRM MISC
soar — cloud_system	The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as userâ€™s login information, further causing the login function not to work.	2021-02-17	not yet calculated	CVE-2021-22853 CONFIRM MISC
soar — cloud_system	The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege.	2021-02-17	not yet calculated	CVE-2021-22854 CONFIRM MISC
steghide — steghide	steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data.	2021-02-15	not yet calculated	CVE-2021-27211 MISC MISC MISC
sytech — xl_reporter	An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to run the service or replace other files within the installation folder, which would allow for local privilege escalation.	2021-02-19	not yet calculated	CVE-2020-13549 MISC
teachers_record_management_system — teachers_record_management_system	Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in ‘searchteacher’ POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.	2021-02-15	not yet calculated	CVE-2021-26822 MISC MISC
telsa — solarcity_solar_monitoring_gateway	Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a “Use of Hard-coded Credentials” issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.	2021-02-18	not yet calculated	CVE-2020-9306 CONFIRM MISC MISC MISC
testes_de_codigo — testes_de_codigo	Mobile application “Testes de Codigo” 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters “isAdmin” and “isPremium” located on device storage.	2021-02-16	not yet calculated	CVE-2021-25648 MISC
three — three	This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require(‘three’) function build_blank (n) { var ret = “rgb(” for (var i = 0; i < n; i++) { ret += ” ” } return ret + “”; } var Color = three.Color var time = Date.now(); new Color(build_blank(50000)) var time_cost = Date.now() – time; console.log(time_cost+” ms”)	2021-02-18	not yet calculated	CVE-2020-28496 MISC MISC MISC MISC
traefik — traefik	Traefik before 2.4.5 allows the loading of IFRAME elements from other domains.	2021-02-18	not yet calculated	CVE-2021-27375 MISC CONFIRM
uap-core — uap-core	uap-core in an open-source npm package which contains the core of BrowserScope’s original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to maliciously crafted long strings. This is fixed in version 0.11.0. Downstream packages such as uap-python, uap-ruby etc which depend upon uap-core follow different version schemes.	2021-02-16	not yet calculated	CVE-2021-21317 MISC CONFIRM MISC
uprism — uprism	A vulnerability of uPrism.io CURIX(Video conferecing solution) could allow an unauthenticated attacker to execute arbitrary code. This vulnerability is due to insufficient input(server domain) validation. An attacker could exploit this vulnerability through crafted URL.	2021-02-17	not yet calculated	CVE-2020-7849 MISC
vertigis — weboffice	VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve “Zugriff auf Inhalte der WebOffice Applikation.”	2021-02-17	not yet calculated	CVE-2021-27374 MISC MISC
visualware — myconnection_server	In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.	2021-02-19	not yet calculated	CVE-2021-27509 MISC
voloko– twitter-stream	In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).	2021-02-19	not yet calculated	CVE-2020-24392 MISC MISC
voloko– twitter-stream	TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack.	2021-02-19	not yet calculated	CVE-2020-24393 MISC MISC
webware — webdesktop	SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read all files from the server.	2021-02-19	not yet calculated	CVE-2021-3204 MISC
wireshark — wireshark	Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file	2021-02-17	not yet calculated	CVE-2021-22174 CONFIRM MISC MISC
wireshark — wireshark	Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file	2021-02-17	not yet calculated	CVE-2021-22173 CONFIRM MISC MISC
xen — xen	An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.	2021-02-18	not yet calculated	CVE-2021-27379 MISC
yeastar — neogate_devices	Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.	2021-02-19	not yet calculated	CVE-2021-27328 MISC MISC
zoho — manageengine_adselfservice_plus	A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requests or perform a Cross-site scripting (XSS) attack against the administrative interface via an HTTP request, a different vulnerability than CVE-2019-3905.	2021-02-19	not yet calculated	CVE-2021-27214 MISC MISC

This product is provided subject to this Notification and this Privacy & Use policy.