| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-20837 | Cri | 0.74 | 9.8 | 0.88 | Oct 26, 2021 | Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type… | ||
| CVE-2021-41035 | Cri | 0.00 | 9.8 | 0.02 | Oct 25, 2021 | In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. | ||
| CVE-2021-24884 | Cri | 0.00 | 9.6 | 0.03 | Oct 25, 2021 | The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like ,,, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick… | ||
| CVE-2021-40865 | Cri | 0.69 | 9.8 | 0.66 | Oct 25, 2021 | An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1.… | ||
| CVE-2021-38294 | Cri | 0.73 | 9.8 | 0.84 | Oct 25, 2021 | A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication. | ||
| CVE-2021-40371 | Cri | 0.64 | 9.8 | 0.07 | Oct 25, 2021 | Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap. | ||
| CVE-2021-42258 | Cri | 0.91 | 9.8 | 0.73 | KEV | Oct 22, 2021 | BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful… | |
| CVE-2020-28960 | Cri | 0.64 | 9.8 | 0.02 | Oct 22, 2021 | Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters. | ||
| CVE-2020-23037 | Cri | 0.64 | 9.8 | 0.01 | Oct 22, 2021 | Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | ||
| CVE-2021-42169 | Cri | 0.64 | 9.8 | 0.03 | Oct 22, 2021 | The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no… | ||
| CVE-2021-41745 | — | Cri | 0.57 | 9.8 | 0.01 | Oct 22, 2021 | ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions. | |
| CVE-2021-41744 | Cri | 0.64 | 9.8 | 0.02 | Oct 22, 2021 | All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product… | ||
| CVE-2021-38477 | Cri | 0.64 | 9.8 | 0.01 | Oct 22, 2021 | There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files. | ||
| CVE-2021-38471 | Cri | 0.59 | 9.1 | 0.01 | Oct 22, 2021 | There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files. | ||
| CVE-2021-38469 | Cri | 0.59 | 9.1 | 0.01 | Oct 22, 2021 | Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijacking the loaded DLL. | ||
| CVE-2021-38457 | Cri | 0.64 | 9.8 | 0.01 | Oct 22, 2021 | The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication. | ||
| CVE-2021-38453 | Cri | 0.59 | 9.1 | 0.01 | Oct 22, 2021 | Some API functions allow interaction with the registry, which includes reading values as well as data modification. | ||
| CVE-2021-38449 | Cri | 0.64 | 9.8 | 0.01 | Oct 22, 2021 | Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product. | ||
| CVE-2021-36357 | Cri | 0.00 | 9.8 | 0.01 | Oct 22, 2021 | An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the… | ||
| CVE-2021-40719 | Cri | 0.64 | 9.8 | 0.03 | Oct 21, 2021 | Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the… | ||
| CVE-2020-27304 | Cri | 0.64 | 9.8 | 0.03 | Oct 21, 2021 | The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the… | ||
| CVE-2021-42740 | — | Cri | 0.57 | 9.8 | 0.04 | Oct 21, 2021 | The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command… | |
| CVE-2021-41163 | Cri | 0.02 | 10.0 | 0.20 | Oct 20, 2021 | Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and… | ||
| CVE-2021-42766 | Cri | 0.59 | 9.1 | 0.01 | Oct 20, 2021 | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has little stake and cannot influence network message propagation. This can cause a… | ||
| CVE-2021-42764 | Cri | 0.59 | 9.1 | 0.01 | Oct 20, 2021 | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual validators, via short-range reorganizations of the underlying consensus chain. | ||
| CVE-2021-21749 | Cri | 0.64 | 9.8 | 0.02 | Oct 20, 2021 | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | ||
| CVE-2021-21748 | Cri | 0.64 | 9.8 | 0.02 | Oct 20, 2021 | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. | ||
| CVE-2021-35652 | Cri | 0.65 | 10.0 | 0.02 | Oct 20, 2021 | Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via… | ||
| CVE-2021-35617 | Cri | 0.64 | 9.8 | 0.02 | Oct 20, 2021 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with… | ||
| CVE-2021-31349 | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2021 | The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart… | ||
| CVE-2020-12141 | Cri | 0.00 | 9.1 | 0.02 | Oct 19, 2021 | An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c. | ||
| CVE-2021-30820 | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2021 | A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution. | ||
| CVE-2021-38484 | Cri | 0.59 | 9.1 | 0.03 | Oct 19, 2021 | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in… | ||
| CVE-2021-38480 | Cri | 0.62 | 9.6 | 0.01 | Oct 19, 2021 | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router’s management… | ||
| CVE-2021-38478 | Cri | 0.59 | 9.1 | 0.01 | Oct 19, 2021 | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device. | ||
| CVE-2021-38470 | Cri | 0.59 | 9.1 | 0.01 | Oct 19, 2021 | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device. | ||
| CVE-2021-38462 | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2021 | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an attacker with obtained user credentials to enumerate passwords and impersonate other application users and perform operations on their behalf. | ||
| CVE-2021-23449 | Cri | 0.57 | 9.8 | 0.03 | Oct 18, 2021 | This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine. | ||
| CVE-2021-42576 | — | Cri | 0.57 | 9.8 | 0.02 | Oct 18, 2021 | The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. | |
| CVE-2021-42575 | — | Cri | 0.64 | 9.8 | 0.03 | Oct 18, 2021 | The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. | |
| CVE-2021-38389 | Cri | 0.65 | 9.8 | 0.10 | Oct 18, 2021 | Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | ||
| CVE-2021-33023 | Cri | 0.64 | 9.8 | 0.02 | Oct 18, 2021 | Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. | ||
| CVE-2021-22961 | Cri | 0.64 | 9.8 | 0.02 | Oct 18, 2021 | A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution. | ||
| CVE-2021-38297 | — | Cri | 0.65 | 9.8 | 0.10 | Oct 18, 2021 | Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. | |
| CVE-2021-27561 | Cri | 0.82 | 9.8 | 0.83 | KEV | Oct 15, 2021 | Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. | |
| CVE-2021-40997 | Cri | 0.64 | 9.8 | 0.02 | Oct 15, 2021 | A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has… | ||
| CVE-2021-40996 | Cri | 0.64 | 9.8 | 0.02 | Oct 15, 2021 | A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has… | ||
| CVE-2021-40720 | Cri | 0.64 | 9.8 | 0.09 | Oct 15, 2021 | Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim… | ||
| CVE-2021-38432 | Cri | 0.64 | 9.8 | 0.02 | Oct 15, 2021 | FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code. | ||
| CVE-2021-3881 | Cri | 0.00 | 9.8 | 0.01 | Oct 15, 2021 | libmobi is vulnerable to Out-of-bounds Read |
- risk 0.74cvss 9.8epss 0.88
Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type…
- risk 0.00cvss 9.8epss 0.02
In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods.
- risk 0.00cvss 9.6epss 0.03
The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like ,,, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick…
- risk 0.69cvss 9.8epss 0.66
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1.…
- risk 0.73cvss 9.8epss 0.84
A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication.
- risk 0.64cvss 9.8epss 0.07
Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap.
- risk 0.91cvss 9.8epss 0.73
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful…
- risk 0.64cvss 9.8epss 0.02
Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters.
- risk 0.64cvss 9.8epss 0.01
Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
- risk 0.64cvss 9.8epss 0.03
The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no…
- risk 0.57cvss 9.8epss 0.01
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
- risk 0.64cvss 9.8epss 0.02
All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product…
- risk 0.64cvss 9.8epss 0.01
There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files.
- risk 0.59cvss 9.1epss 0.01
There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.
- risk 0.59cvss 9.1epss 0.01
Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijacking the loaded DLL.
- risk 0.64cvss 9.8epss 0.01
The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication.
- risk 0.59cvss 9.1epss 0.01
Some API functions allow interaction with the registry, which includes reading values as well as data modification.
- risk 0.64cvss 9.8epss 0.01
Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product.
- risk 0.00cvss 9.8epss 0.01
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the…
- risk 0.64cvss 9.8epss 0.03
Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the…
- risk 0.64cvss 9.8epss 0.03
The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the…
- risk 0.57cvss 9.8epss 0.04
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command…
- risk 0.02cvss 10.0epss 0.20
Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and…
- risk 0.59cvss 9.1epss 0.01
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has little stake and cannot influence network message propagation. This can cause a…
- risk 0.59cvss 9.1epss 0.01
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual validators, via short-range reorganizations of the underlying consensus chain.
- risk 0.64cvss 9.8epss 0.02
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
- risk 0.65cvss 10.0epss 0.02
Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via…
- risk 0.64cvss 9.8epss 0.02
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with…
- risk 0.64cvss 9.8epss 0.02
The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart…
- risk 0.00cvss 9.1epss 0.02
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.
- risk 0.64cvss 9.8epss 0.02
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution.
- risk 0.59cvss 9.1epss 0.03
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files. This could result in…
- risk 0.62cvss 9.6epss 0.01
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router’s management…
- risk 0.59cvss 9.1epss 0.01
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device.
- risk 0.59cvss 9.1epss 0.01
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device.
- risk 0.64cvss 9.8epss 0.01
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an attacker with obtained user credentials to enumerate passwords and impersonate other application users and perform operations on their behalf.
- risk 0.57cvss 9.8epss 0.03
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.
- risk 0.57cvss 9.8epss 0.02
The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
- risk 0.64cvss 9.8epss 0.03
The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
- risk 0.65cvss 9.8epss 0.10
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.
- risk 0.64cvss 9.8epss 0.02
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.
- risk 0.64cvss 9.8epss 0.02
A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution.
- risk 0.65cvss 9.8epss 0.10
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
- risk 0.82cvss 9.8epss 0.83
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
- risk 0.64cvss 9.8epss 0.02
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has…
- risk 0.64cvss 9.8epss 0.02
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has…
- risk 0.64cvss 9.8epss 0.09
Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim…
- risk 0.64cvss 9.8epss 0.02
FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.
- risk 0.00cvss 9.8epss 0.01
libmobi is vulnerable to Out-of-bounds Read