| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-32626 | Hig | 0.01 | 7.5 | 0.15 | Oct 4, 2021 | Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and… | ||
| CVE-2021-23858 | Hig | 0.56 | 8.6 | 0.01 | Oct 4, 2021 | Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware… | ||
| CVE-2021-23855 | Hig | 0.56 | 8.6 | 0.01 | Oct 4, 2021 | The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables. | ||
| CVE-2021-41593 | Hig | 0.56 | 8.6 | 0.02 | Oct 4, 2021 | Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure. | ||
| CVE-2021-41530 | Hig | 0.49 | 7.5 | 0.01 | Oct 4, 2021 | Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured. | ||
| CVE-2021-41103 | Hig | 0.44 | 7.8 | 0.00 | Oct 4, 2021 | containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to… | ||
| CVE-2021-40683 | Hig | 0.51 | 7.8 | 0.00 | Oct 4, 2021 | In Akamai EAA (Enterprise Application Access) Client before 2.3.1, 2.4.x before 2.4.1, and 2.5.x before 2.5.3, an unquoted path may allow an attacker to hijack the flow of execution. | ||
| CVE-2021-39885 | Hig | 0.57 | 8.7 | 0.01 | Oct 4, 2021 | A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows an attacker to execute arbitrary JavaScript code on the victim's… | ||
| CVE-2021-39877 | Hig | 0.50 | 7.7 | 0.01 | Oct 4, 2021 | A vulnerability was discovered in GitLab starting with version 12.2 that allows an attacker to cause uncontrolled resource consumption with a specially crafted file. | ||
| CVE-2021-37777 | Hig | 0.49 | 7.5 | 0.02 | Oct 4, 2021 | Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by one site owner are visible by another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure. | ||
| CVE-2021-36051 | Hig | 0.51 | 7.8 | 0.05 | Oct 4, 2021 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file. | ||
| CVE-2021-24465 | Hig | 0.53 | 8.1 | 0.01 | Oct 4, 2021 | The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also… | ||
| CVE-2021-41869 | Hig | 0.57 | 8.8 | 0.02 | Oct 4, 2021 | SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation. | ||
| CVE-2021-41322 | Hig | 0.57 | 8.8 | 0.02 | Oct 4, 2021 | Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process. | ||
| CVE-2021-41285 | Hig | 0.51 | 7.8 | 0.01 | Oct 4, 2021 | Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace… | ||
| CVE-2021-40325 | — | Hig | 0.42 | 7.5 | 0.01 | Oct 4, 2021 | Cobbler before 3.3.0 allows authorization bypass for modification of settings. | |
| CVE-2021-40324 | — | Hig | 0.47 | 7.5 | 0.69 | Oct 4, 2021 | Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data. | |
| CVE-2021-41864 | Hig | 0.00 | 7.8 | 0.00 | Oct 2, 2021 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | ||
| CVE-2021-41847 | Hig | 0.57 | 8.8 | 0.02 | Oct 1, 2021 | An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and… | ||
| CVE-2021-38110 | Hig | 0.51 | 7.8 | 0.02 | Oct 1, 2021 | Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.… | ||
| CVE-2021-38101 | Hig | 0.51 | 7.8 | 0.02 | Oct 1, 2021 | CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.… | ||
| CVE-2021-38100 | Hig | 0.51 | 7.8 | 0.02 | Oct 1, 2021 | Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this… | ||
| CVE-2021-38098 | Hig | 0.51 | 7.8 | 0.02 | Oct 1, 2021 | Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user… | ||
| CVE-2021-36309 | Hig | 0.46 | 7.1 | 0.01 | Oct 1, 2021 | Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks. | ||
| CVE-2021-36298 | Hig | 0.53 | 8.1 | 0.01 | Oct 1, 2021 | Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker… | ||
| CVE-2021-38103 | Hig | 0.51 | 7.8 | 0.02 | Oct 1, 2021 | IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation… | ||
| CVE-2021-38099 | Hig | 0.51 | 7.8 | 0.02 | Oct 1, 2021 | CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.… | ||
| CVE-2021-38096 | Hig | 0.51 | 7.8 | 0.03 | Oct 1, 2021 | Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this… | ||
| CVE-2020-21013 | Hig | 0.47 | 7.2 | 0.01 | Oct 1, 2021 | emlog v6.0.0 contains a SQL injection via /admin/comment.php. | ||
| CVE-2021-38097 | Hig | 0.51 | 7.8 | 0.03 | Oct 1, 2021 | Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires… | ||
| CVE-2021-29108 | Hig | 0.57 | 8.8 | 0.01 | Oct 1, 2021 | There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below that may allow a remote, authenticated attacker who is able to intercept and modify a SAML assertion to impersonate another account (XML Signature… | ||
| CVE-2021-41648 | Hig | 0.50 | 7.5 | 0.10 | Oct 1, 2021 | An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input. | ||
| CVE-2021-35297 | Hig | 0.51 | 7.8 | 0.01 | Oct 1, 2021 | Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. An attacker can use the Structured Exception Handler (SEH) records and redirect execution to attacker-controlled code. | ||
| CVE-2021-41459 | Hig | 0.49 | 7.5 | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. | ||
| CVE-2021-41457 | Hig | 0.49 | 7.5 | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | ||
| CVE-2021-41456 | Hig | 0.49 | 7.5 | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. | ||
| CVE-2021-23893 | Hig | 0.57 | 8.8 | 0.00 | Oct 1, 2021 | Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer. | ||
| CVE-2021-3747 | Hig | 0.57 | 8.8 | 0.00 | Oct 1, 2021 | The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner. | ||
| CVE-2021-3626 | Hig | 0.00 | 8.8 | 0.00 | Oct 1, 2021 | The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. | ||
| CVE-2021-34356 | Hig | 0.49 | 7.6 | 0.01 | Oct 1, 2021 | A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo… | ||
| CVE-2021-34355 | Hig | 0.49 | 7.6 | 0.01 | Oct 1, 2021 | A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo… | ||
| CVE-2021-34354 | Hig | 0.49 | 7.6 | 0.01 | Oct 1, 2021 | A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo… | ||
| CVE-2021-34352 | Hig | 0.47 | 7.2 | 0.01 | Oct 1, 2021 | A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210902 and… | ||
| CVE-2021-33626 | Hig | 0.51 | 7.8 | 0.00 | Oct 1, 2021 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to… | ||
| CVE-2020-20746 | Hig | 0.47 | 7.2 | 0.03 | Sep 30, 2021 | A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | ||
| CVE-2021-29894 | Hig | 0.49 | 7.5 | 0.01 | Sep 30, 2021 | IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207320. | ||
| CVE-2020-20665 | Hig | 0.49 | 7.5 | 0.01 | Sep 30, 2021 | rudp v0.6 was discovered to contain a memory leak in the component main.c. | ||
| CVE-2021-41109 | Hig | 0.42 | 7.5 | 0.01 | Sep 30, 2021 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.4, for regular (non-LiveQuery) queries, the session token is removed from the response, but for LiveQuery payloads it is currently not. If a user has a… | ||
| CVE-2021-41302 | Hig | 0.47 | 7.3 | 0.00 | Sep 30, 2021 | ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely query user password and obtain user’s privilege. | ||
| CVE-2021-41298 | Hig | 0.57 | 8.8 | 0.01 | Sep 30, 2021 | ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and… |
- risk 0.01cvss 7.5epss 0.15
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and…
- risk 0.56cvss 8.6epss 0.01
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware…
- risk 0.56cvss 8.6epss 0.01
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.
- risk 0.56cvss 8.6epss 0.02
Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.
- risk 0.49cvss 7.5epss 0.01
Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.
- risk 0.44cvss 7.8epss 0.00
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to…
- risk 0.51cvss 7.8epss 0.00
In Akamai EAA (Enterprise Application Access) Client before 2.3.1, 2.4.x before 2.4.1, and 2.5.x before 2.5.3, an unquoted path may allow an attacker to hijack the flow of execution.
- risk 0.57cvss 8.7epss 0.01
A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows an attacker to execute arbitrary JavaScript code on the victim's…
- risk 0.50cvss 7.7epss 0.01
A vulnerability was discovered in GitLab starting with version 12.2 that allows an attacker to cause uncontrolled resource consumption with a specially crafted file.
- risk 0.49cvss 7.5epss 0.02
Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by one site owner are visible by another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure.
- risk 0.51cvss 7.8epss 0.05
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file.
- risk 0.53cvss 8.1epss 0.01
The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also…
- risk 0.57cvss 8.8epss 0.02
SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.
- risk 0.57cvss 8.8epss 0.02
Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process.
- risk 0.51cvss 7.8epss 0.01
Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace…
- risk 0.42cvss 7.5epss 0.01
Cobbler before 3.3.0 allows authorization bypass for modification of settings.
- risk 0.47cvss 7.5epss 0.69
Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
- risk 0.00cvss 7.8epss 0.00
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and…
- risk 0.51cvss 7.8epss 0.02
Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.…
- risk 0.51cvss 7.8epss 0.02
CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.…
- risk 0.51cvss 7.8epss 0.02
Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this…
- risk 0.51cvss 7.8epss 0.02
Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user…
- risk 0.46cvss 7.1epss 0.01
Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks.
- risk 0.53cvss 8.1epss 0.01
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker…
- risk 0.51cvss 7.8epss 0.02
IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation…
- risk 0.51cvss 7.8epss 0.02
CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.…
- risk 0.51cvss 7.8epss 0.03
Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this…
- risk 0.47cvss 7.2epss 0.01
emlog v6.0.0 contains a SQL injection via /admin/comment.php.
- risk 0.51cvss 7.8epss 0.03
Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires…
- risk 0.57cvss 8.8epss 0.01
There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below that may allow a remote, authenticated attacker who is able to intercept and modify a SAML assertion to impersonate another account (XML Signature…
- risk 0.50cvss 7.5epss 0.10
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.
- risk 0.51cvss 7.8epss 0.01
Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. An attacker can use the Structured Exception Handler (SEH) records and redirect execution to attacker-controlled code.
- risk 0.49cvss 7.5epss 0.01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.
- risk 0.49cvss 7.5epss 0.01
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
- risk 0.49cvss 7.5epss 0.01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
- risk 0.57cvss 8.8epss 0.00
Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer.
- risk 0.57cvss 8.8epss 0.00
The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner.
- risk 0.00cvss 8.8epss 0.00
The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation.
- risk 0.49cvss 7.6epss 0.01
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo…
- risk 0.49cvss 7.6epss 0.01
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo…
- risk 0.49cvss 7.6epss 0.01
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo…
- risk 0.47cvss 7.2epss 0.01
A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210902 and…
- risk 0.51cvss 7.8epss 0.00
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to…
- risk 0.47cvss 7.2epss 0.03
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.
- risk 0.49cvss 7.5epss 0.01
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207320.
- risk 0.49cvss 7.5epss 0.01
rudp v0.6 was discovered to contain a memory leak in the component main.c.
- risk 0.42cvss 7.5epss 0.01
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.4, for regular (non-LiveQuery) queries, the session token is removed from the response, but for LiveQuery payloads it is currently not. If a user has a…
- risk 0.47cvss 7.3epss 0.00
ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely query user password and obtain user’s privilege.
- risk 0.57cvss 8.8epss 0.01
ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and…