| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-25016 | Hig | 0.00 | 8.8 | 0.03 | Jan 28, 2021 | In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed to authenticated user to execute specific commands were not affected by this… | ||
| CVE-2021-20187 | — | Hig | 0.47 | 7.2 | 0.02 | Jan 28, 2021 | It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. | |
| CVE-2020-4888 | Hig | 0.62 | 8.8 | 0.62 | Jan 28, 2021 | IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java… | ||
| CVE-2020-13569 | Hig | 0.57 | 8.8 | 0.03 | Jan 28, 2021 | A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the… | ||
| CVE-2021-20621 | Hig | 0.57 | 8.8 | 0.01 | Jan 28, 2021 | Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||
| CVE-2020-5626 | Hig | 0.57 | 8.8 | 0.02 | Jan 28, 2021 | Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file. | ||
| CVE-2021-3326 | Hig | 0.49 | 7.5 | 0.03 | Jan 27, 2021 | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. | ||
| CVE-2021-22655 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2021 | Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||
| CVE-2021-22653 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2021 | Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||
| CVE-2021-22641 | Hig | 0.51 | 7.8 | 0.02 | Jan 27, 2021 | A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||
| CVE-2021-22639 | Hig | 0.51 | 7.8 | 0.02 | Jan 27, 2021 | An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | ||
| CVE-2021-22637 | Hig | 0.51 | 7.8 | 0.02 | Jan 27, 2021 | Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to… | ||
| CVE-2021-26118 | — | Hig | 0.42 | 7.5 | 0.04 | Jan 27, 2021 | While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in… | |
| CVE-2021-26117 | Hig | 0.43 | 7.5 | 0.11 | Jan 27, 2021 | The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users… | ||
| CVE-2021-25247 | Hig | 0.51 | 7.8 | 0.01 | Jan 27, 2021 | A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit… | ||
| CVE-2020-5427 | Hig | 0.47 | 7.2 | 0.01 | Jan 27, 2021 | In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution. | ||
| CVE-2020-4952 | Hig | 0.57 | 8.8 | 0.02 | Jan 27, 2021 | IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028. | ||
| CVE-2021-25312 | Hig | 0.57 | 8.8 | 0.01 | Jan 27, 2021 | HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method. | ||
| CVE-2020-23356 | Hig | 0.49 | 7.5 | 0.01 | Jan 27, 2021 | dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | ||
| CVE-2020-23355 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 27, 2021 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234… | |
| CVE-2020-23352 | Hig | 0.00 | 7.5 | 0.01 | Jan 27, 2021 | Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_input_password() uses loose comparison to authenticate, which can be bypassed via… | ||
| CVE-2021-3317 | Hig | 0.64 | 8.8 | 0.41 | Jan 26, 2021 | KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter. | ||
| CVE-2021-3165 | Hig | 0.57 | 8.8 | 0.02 | Jan 26, 2021 | SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI. | ||
| CVE-2021-1070 | Hig | 0.46 | 7.1 | 0.00 | Jan 26, 2021 | NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied,… | ||
| CVE-2020-23776 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the… | ||
| CVE-2021-3309 | Hig | 0.00 | 8.1 | 0.02 | Jan 26, 2021 | packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store, | ||
| CVE-2021-3156 | Hig | 0.67 | 7.8 | 0.99 | KEV | Jan 26, 2021 | Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. | |
| CVE-2021-21278 | Hig | 0.49 | 8.6 | 0.02 | Jan 26, 2021 | RSSHub is an open source, easy to use, and extensible RSS feed generator. In RSSHub before version 7f1c430 (non-semantic versioning) there is a risk of code injection. Some routes use `eval` or `Function constructor`, which may be injected by the target site with unsafe code,… | ||
| CVE-2021-22159 | Hig | 0.51 | 7.8 | 0.00 | Jan 26, 2021 | Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing… | ||
| CVE-2020-27295 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | ||
| CVE-2020-27274 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | ||
| CVE-2020-13582 | Hig | 0.49 | 7.5 | 0.03 | Jan 26, 2021 | A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. | ||
| CVE-2021-3297 | Hig | 0.52 | 7.8 | 0.21 | Jan 26, 2021 | On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access. | ||
| CVE-2021-3291 | — | Hig | 0.44 | 7.2 | 0.17 | Jan 26, 2021 | Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. | |
| CVE-2021-3223 | — | Hig | 0.43 | 7.5 | 0.18 | Jan 26, 2021 | Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. | |
| CVE-2021-3195 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork… | ||
| CVE-2021-3164 | Hig | 0.58 | 8.8 | 0.04 | Jan 26, 2021 | ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php. | ||
| CVE-2021-3115 | — | Hig | 0.49 | 7.5 | 0.07 | Jan 26, 2021 | Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | |
| CVE-2021-26267 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579). | ||
| CVE-2021-26266 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578). | ||
| CVE-2021-26026 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image. | ||
| CVE-2021-26025 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image. | ||
| CVE-2021-25908 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free. | |
| CVE-2021-25906 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed. | |
| CVE-2021-25904 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault. | |
| CVE-2021-25903 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced. | |
| CVE-2021-25902 | — | Hig | 0.00 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop. | |
| CVE-2021-25864 | — | Hig | 0.49 | 7.5 | 0.09 | Jan 26, 2021 | node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file. | |
| CVE-2021-25863 | Hig | 0.57 | 8.8 | 0.01 | Jan 26, 2021 | Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account. | ||
| CVE-2021-22698 | Hig | 0.51 | 7.8 | 0.04 | Jan 26, 2021 | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is… |
- risk 0.00cvss 8.8epss 0.03
In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed to authenticated user to execute specific commands were not affected by this…
- risk 0.47cvss 7.2epss 0.02
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
- risk 0.62cvss 8.8epss 0.62
IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java…
- risk 0.57cvss 8.8epss 0.03
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the…
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
- risk 0.57cvss 8.8epss 0.02
Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.
- risk 0.49cvss 7.5epss 0.03
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
- risk 0.51cvss 7.8epss 0.01
Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
- risk 0.51cvss 7.8epss 0.01
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
- risk 0.51cvss 7.8epss 0.02
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
- risk 0.51cvss 7.8epss 0.02
An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
- risk 0.51cvss 7.8epss 0.02
Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to…
- risk 0.42cvss 7.5epss 0.04
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in…
- risk 0.43cvss 7.5epss 0.11
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users…
- risk 0.51cvss 7.8epss 0.01
A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit…
- risk 0.47cvss 7.2epss 0.01
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
- risk 0.57cvss 8.8epss 0.02
IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028.
- risk 0.57cvss 8.8epss 0.01
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.
- risk 0.49cvss 7.5epss 0.01
dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
- risk 0.49cvss 7.5epss 0.01
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234…
- risk 0.00cvss 7.5epss 0.01
Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_input_password() uses loose comparison to authenticate, which can be bypassed via…
- risk 0.64cvss 8.8epss 0.41
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
- risk 0.57cvss 8.8epss 0.02
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.
- risk 0.46cvss 7.1epss 0.00
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied,…
- risk 0.49cvss 7.5epss 0.01
A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the…
- risk 0.00cvss 8.1epss 0.02
packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,
- risk 0.67cvss 7.8epss 0.99
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
- risk 0.49cvss 8.6epss 0.02
RSSHub is an open source, easy to use, and extensible RSS feed generator. In RSSHub before version 7f1c430 (non-semantic versioning) there is a risk of code injection. Some routes use `eval` or `Function constructor`, which may be injected by the target site with unsafe code,…
- risk 0.51cvss 7.8epss 0.00
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing…
- risk 0.49cvss 7.5epss 0.01
The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).
- risk 0.49cvss 7.5epss 0.01
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).
- risk 0.49cvss 7.5epss 0.03
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.52cvss 7.8epss 0.21
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.
- risk 0.44cvss 7.2epss 0.17
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
- risk 0.43cvss 7.5epss 0.18
Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files.
- risk 0.49cvss 7.5epss 0.01
bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork…
- risk 0.58cvss 8.8epss 0.04
ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php.
- risk 0.49cvss 7.5epss 0.07
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).
- risk 0.49cvss 7.5epss 0.01
cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
- risk 0.49cvss 7.5epss 0.01
cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
- risk 0.51cvss 7.8epss 0.01
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.
- risk 0.51cvss 7.8epss 0.01
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced.
- risk 0.00cvss 7.5epss 0.01
An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.
- risk 0.49cvss 7.5epss 0.09
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
- risk 0.57cvss 8.8epss 0.01
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.
- risk 0.51cvss 7.8epss 0.04
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is…