| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1933 | Cri | 0.64 | 9.8 | 0.01 | Sep 9, 2021 | UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | ||
| CVE-2021-32835 | Cri | 0.65 | 9.9 | 0.05 | Sep 9, 2021 | Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control (ABAC). In Keti a sandbox escape vulnerability may lead to post-authentication Remote Code execution. This vulnerability is known to exist in the latest commit at the time of… | ||
| CVE-2021-40818 | Cri | 0.00 | 9.8 | 0.01 | Sep 8, 2021 | scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration. | ||
| CVE-2021-40814 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulnerable to SQL injection. | ||
| CVE-2021-36440 | — | Cri | 0.57 | 9.8 | 0.05 | Sep 8, 2021 | Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'. | |
| CVE-2020-26772 | Cri | 0.64 | 9.8 | 0.04 | Sep 8, 2021 | Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execute arbitrary code via the 'AjaxRun()' function. | ||
| CVE-2020-19138 | Cri | 0.64 | 9.8 | 0.06 | Sep 8, 2021 | Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java". | ||
| CVE-2020-24672 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary code in a computer running the affected product. This issue affects: . | ||
| CVE-2021-30690 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache. | ||
| CVE-2021-30678 | Cri | 0.64 | 9.8 | 0.03 | Sep 8, 2021 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | ||
| CVE-2021-30655 | Cri | 0.64 | 9.8 | 0.02 | Sep 8, 2021 | An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic. | ||
| CVE-2021-1882 | Cri | 0.64 | 9.8 | 0.02 | Sep 8, 2021 | A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges. | ||
| CVE-2021-1864 | Cri | 0.64 | 9.8 | 0.02 | Sep 8, 2021 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code. | ||
| CVE-2021-1834 | Cri | 0.64 | 9.8 | 0.03 | Sep 8, 2021 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2021-1829 | Cri | 0.64 | 9.8 | 0.02 | Sep 8, 2021 | A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2021-1770 | Cri | 0.64 | 9.8 | 0.03 | Sep 8, 2021 | A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management. | ||
| CVE-2021-30805 | Cri | 0.64 | 9.8 | 0.03 | Sep 8, 2021 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2021-30793 | Cri | 0.64 | 9.8 | 0.03 | Sep 8, 2021 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2021-1972 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,… | ||
| CVE-2021-1920 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2021-1919 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2021-1916 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music,… | ||
| CVE-2020-11301 | Cri | 0.60 | 9.1 | 0.11 | Sep 8, 2021 | Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial… | ||
| CVE-2020-11264 | Cri | 0.60 | 9.1 | 0.13 | Sep 8, 2021 | Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon… | ||
| CVE-2020-19853 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2021 | BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. | ||
| CVE-2021-32802 | Cri | 0.61 | 9.3 | 0.03 | Sep 7, 2021 | Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There… | ||
| CVE-2021-39497 | Cri | 0.64 | 9.8 | 0.02 | Sep 7, 2021 | eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function. | ||
| CVE-2021-35946 | Cri | 0.64 | 9.8 | 0.01 | Sep 7, 2021 | A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions. | ||
| CVE-2020-19751 | Cri | 0.59 | 9.1 | 0.01 | Sep 7, 2021 | An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read. | ||
| CVE-2021-39199 | Cri | 0.58 | 10.0 | 0.01 | Sep 7, 2021 | remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default was never safe and had to be opted into. That is, user input was not sanitized.… | ||
| CVE-2021-40539 | Cri | 0.93 | 9.8 | 0.99 | KEV | Sep 7, 2021 | Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution. | |
| CVE-2020-7819 | Cri | 0.61 | 9.3 | 0.01 | Sep 7, 2021 | A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. | ||
| CVE-2021-37716 | Cri | 0.64 | 9.8 | 0.02 | Sep 7, 2021 | A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and… | ||
| CVE-2021-36163 | — | Cri | 0.00 | 9.8 | 0.03 | Sep 7, 2021 | In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkeleton are created without any configuration of the serialization factory and… | |
| CVE-2021-38840 | — | Cri | 0.64 | 9.8 | 0.03 | Sep 7, 2021 | SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter. | |
| CVE-2021-40540 | Cri | 0.00 | 9.8 | 0.03 | Sep 7, 2021 | ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests. | ||
| CVE-2021-40532 | Cri | 0.00 | 9.8 | 0.01 | Sep 6, 2021 | Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension. | ||
| CVE-2021-40531 | Cri | 0.66 | 9.8 | 0.33 | Sep 6, 2021 | Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to… | ||
| CVE-2021-3766 | Cri | 0.57 | 9.8 | 0.01 | Sep 6, 2021 | objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | ||
| CVE-2021-40494 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 3, 2021 | A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system. | |
| CVE-2021-34436 | Cri | 0.64 | 9.8 | 0.02 | Sep 2, 2021 | In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extension. This extension uses lsp4xml (recently renamed to LemMinX) in order to provide language support for XML. This is installed by… | ||
| CVE-2020-18048 | Cri | 0.64 | 9.8 | 0.02 | Sep 2, 2021 | An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field. | ||
| CVE-2021-22704 | Cri | 0.59 | 9.1 | 0.01 | Sep 2, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions… | ||
| CVE-2019-10095 | Cri | 0.64 | 9.8 | 0.06 | Sep 2, 2021 | bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions. | ||
| CVE-2021-3757 | Cri | 0.57 | 9.8 | 0.02 | Sep 2, 2021 | immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | ||
| CVE-2021-34746 | Cri | 0.65 | 9.8 | 0.18 | Sep 2, 2021 | A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. This… | ||
| CVE-2021-39185 | — | Cri | 0.59 | 9.1 | 0.01 | Sep 1, 2021 | Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The middleware is also… | |
| CVE-2021-40350 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2021 | webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be achieved by including an administrative cookie that the device does not validate. | ||
| CVE-2021-36042 | Cri | 0.59 | 9.1 | 0.02 | Sep 1, 2021 | Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can… | ||
| CVE-2021-36041 | Cri | 0.59 | 9.1 | 0.02 | Sep 1, 2021 | Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote… |
- risk 0.64cvss 9.8epss 0.01
UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
- risk 0.65cvss 9.9epss 0.05
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control (ABAC). In Keti a sandbox escape vulnerability may lead to post-authentication Remote Code execution. This vulnerability is known to exist in the latest commit at the time of…
- risk 0.00cvss 9.8epss 0.01
scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration.
- risk 0.64cvss 9.8epss 0.01
The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulnerable to SQL injection.
- risk 0.57cvss 9.8epss 0.05
Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'.
- risk 0.64cvss 9.8epss 0.04
Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execute arbitrary code via the 'AjaxRun()' function.
- risk 0.64cvss 9.8epss 0.06
Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java".
- risk 0.64cvss 9.8epss 0.01
A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary code in a computer running the affected product. This issue affects: .
- risk 0.64cvss 9.8epss 0.01
Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache.
- risk 0.64cvss 9.8epss 0.03
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
- risk 0.64cvss 9.8epss 0.02
An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic.
- risk 0.64cvss 9.8epss 0.02
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.
- risk 0.64cvss 9.8epss 0.02
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.03
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges.
- risk 0.64cvss 9.8epss 0.02
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges.
- risk 0.64cvss 9.8epss 0.03
A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management.
- risk 0.64cvss 9.8epss 0.03
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
- risk 0.64cvss 9.8epss 0.03
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
- risk 0.64cvss 9.8epss 0.01
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,…
- risk 0.64cvss 9.8epss 0.01
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.64cvss 9.8epss 0.01
Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.64cvss 9.8epss 0.01
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music,…
- risk 0.60cvss 9.1epss 0.11
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…
- risk 0.60cvss 9.1epss 0.13
Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon…
- risk 0.64cvss 9.8epss 0.01
BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php.
- risk 0.61cvss 9.3epss 0.03
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There…
- risk 0.64cvss 9.8epss 0.02
eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function.
- risk 0.64cvss 9.8epss 0.01
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.
- risk 0.59cvss 9.1epss 0.01
An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read.
- risk 0.58cvss 10.0epss 0.01
remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default was never safe and had to be opted into. That is, user input was not sanitized.…
- risk 0.93cvss 9.8epss 0.99
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
- risk 0.61cvss 9.3epss 0.01
A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information.
- risk 0.64cvss 9.8epss 0.02
A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and…
- risk 0.00cvss 9.8epss 0.03
In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkeleton are created without any configuration of the serialization factory and…
- risk 0.64cvss 9.8epss 0.03
SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.
- risk 0.00cvss 9.8epss 0.03
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.
- risk 0.00cvss 9.8epss 0.01
Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.
- risk 0.66cvss 9.8epss 0.33
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to…
- risk 0.57cvss 9.8epss 0.01
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
- risk 0.57cvss 9.8epss 0.02
A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system.
- risk 0.64cvss 9.8epss 0.02
In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extension. This extension uses lsp4xml (recently renamed to LemMinX) in order to provide language support for XML. This is installed by…
- risk 0.64cvss 9.8epss 0.02
An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field.
- risk 0.59cvss 9.1epss 0.01
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions…
- risk 0.64cvss 9.8epss 0.06
bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
- risk 0.57cvss 9.8epss 0.02
immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
- risk 0.65cvss 9.8epss 0.18
A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. This…
- risk 0.59cvss 9.1epss 0.01
Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The middleware is also…
- risk 0.64cvss 9.8epss 0.02
webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be achieved by including an administrative cookie that the device does not validate.
- risk 0.59cvss 9.1epss 0.02
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can…
- risk 0.59cvss 9.1epss 0.02
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote…