| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-31251 | Cri | 0.70 | 9.8 | 0.36 | Jun 4, 2021 | An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote… | ||
| CVE-2021-30475 | Cri | 0.64 | 9.8 | 0.02 | Jun 4, 2021 | aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. | ||
| CVE-2021-25947 | — | Cri | 0.57 | 9.8 | 0.03 | Jun 3, 2021 | Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution. | |
| CVE-2021-22333 | Cri | 0.64 | 9.8 | 0.01 | Jun 3, 2021 | There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions. | ||
| CVE-2021-33806 | Cri | 0.00 | 9.8 | 0.03 | Jun 3, 2021 | The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of its use of Java serialization. | ||
| CVE-2020-35442 | Cri | 0.64 | 9.8 | 0.02 | Jun 2, 2021 | FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php. | ||
| CVE-2020-35441 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2021 | FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php. | ||
| CVE-2021-30474 | Cri | 0.64 | 9.8 | 0.02 | Jun 2, 2021 | aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. | ||
| CVE-2021-31921 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2021 | Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration. | ||
| CVE-2021-25288 | — | Cri | 0.52 | 9.1 | 0.02 | Jun 2, 2021 | An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. | |
| CVE-2021-25287 | — | Cri | 0.52 | 9.1 | 0.03 | Jun 2, 2021 | An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la. | |
| CVE-2009-0948 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2021 | Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02. | ||
| CVE-2009-0947 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2021 | Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02. | ||
| CVE-2021-26707 | — | Cri | 0.57 | 9.8 | 0.02 | Jun 2, 2021 | The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications… | |
| CVE-2021-3538 | — | Cri | 0.57 | 9.8 | 0.02 | Jun 2, 2021 | A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker. | |
| CVE-2021-3520 | Cri | 0.64 | 9.8 | 0.03 | Jun 2, 2021 | There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this… | ||
| CVE-2021-23895 | Cri | 0.59 | 9.0 | 0.02 | Jun 2, 2021 | Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the… | ||
| CVE-2021-23894 | Cri | 0.63 | 9.6 | 0.02 | Jun 2, 2021 | Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the… | ||
| CVE-2021-29089 | Cri | 0.64 | 9.8 | 0.02 | Jun 2, 2021 | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in thumbnail component in Synology Photo Station before 6.8.14-3500 allows remote attackers users to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2021-30181 | — | Cri | 0.69 | 9.8 | 0.61 | Jun 1, 2021 | Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these rules, Dubbo customers use… | |
| CVE-2021-30180 | — | Cri | 0.69 | 9.8 | 0.60 | Jun 1, 2021 | Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers may enable… | |
| CVE-2021-30179 | — | Cri | 0.64 | 9.8 | 0.04 | Jun 1, 2021 | Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the… | |
| CVE-2021-25641 | — | Cri | 0.65 | 9.8 | 0.18 | Jun 1, 2021 | Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamble flags,… | |
| CVE-2021-24321 | Cri | 0.69 | 9.8 | 0.67 | Jun 1, 2021 | The Bello - Directory & Listing WordPress theme before 1.6.0 did not sanitise the bt_bb_listing_field_price_range_to, bt_bb_listing_field_now_open, bt_bb_listing_field_my_lng, listing_list_view and bt_bb_listing_field_my_lat parameters before using them in a SQL statement,… | ||
| CVE-2020-4561 | Cri | 0.65 | 10.0 | 0.03 | Jun 1, 2021 | IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903. | ||
| CVE-2021-27828 | — | Cri | 0.64 | 9.1 | 0.20 | Jun 1, 2021 | SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. | |
| CVE-2020-10666 | Cri | 0.64 | 9.8 | 0.02 | May 31, 2021 | The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command. | ||
| CVE-2021-33790 | Cri | 0.64 | 9.8 | 0.03 | May 31, 2021 | The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with any data. A class usable… | ||
| CVE-2021-33564 | — | Cri | 0.62 | 9.8 | 0.72 | May 29, 2021 | An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and… | |
| CVE-2021-31703 | Cri | 0.64 | 9.8 | 0.01 | May 29, 2021 | Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user. | ||
| CVE-2021-30461 | Cri | 0.67 | 9.8 | 0.37 | May 29, 2021 | A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php. | ||
| CVE-2021-32619 | Cri | 0.64 | 9.8 | 0.01 | May 28, 2021 | Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically… | ||
| CVE-2021-22519 | Cri | 0.64 | 9.8 | 0.02 | May 28, 2021 | Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow… | ||
| CVE-2021-32637 | Cri | 0.58 | 10.0 | 0.02 | May 28, 2021 | Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could… | ||
| CVE-2020-15782 | Cri | 0.64 | 9.8 | 0.05 | May 28, 2021 | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),… | ||
| CVE-2021-20236 | Cri | 0.57 | 9.8 | 0.02 | May 28, 2021 | A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to… | ||
| CVE-2021-20195 | Cri | 0.55 | 9.6 | 0.01 | May 28, 2021 | A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encoded and Javascript code being used to process the data. The highest threat from… | ||
| CVE-2020-27847 | — | Cri | 0.64 | 9.8 | 0.02 | May 28, 2021 | A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system… | |
| CVE-2021-27852 | Cri | 0.78 | 9.8 | 0.32 | KEV | May 27, 2021 | Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7. | |
| CVE-2020-15180 | Cri | 0.59 | 9.0 | 0.06 | May 27, 2021 | A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality,… | ||
| CVE-2020-12403 | Cri | 0.59 | 9.1 | 0.02 | May 27, 2021 | A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly… | ||
| CVE-2020-27832 | Cri | 0.59 | 9.0 | 0.01 | May 27, 2021 | A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat… | ||
| CVE-2021-31535 | Cri | 0.01 | 9.8 | 0.11 | May 27, 2021 | LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than… | ||
| CVE-2021-22911 | Cri | 0.74 | 9.8 | 0.95 | May 27, 2021 | A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE. | ||
| CVE-2021-22891 | Cri | 0.64 | 9.8 | 0.01 | May 27, 2021 | A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller. | ||
| CVE-2021-33590 | Cri | 0.64 | 9.8 | 0.01 | May 27, 2021 | GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c. | ||
| CVE-2021-22738 | Cri | 0.64 | 9.8 | 0.01 | May 26, 2021 | Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack. | ||
| CVE-2021-22737 | Cri | 0.64 | 9.8 | 0.01 | May 26, 2021 | Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack. | ||
| CVE-2021-22731 | Cri | 0.64 | 9.8 | 0.01 | May 26, 2021 | Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker. | ||
| CVE-2019-25029 | Cri | 0.64 | 9.8 | 0.03 | May 26, 2021 | In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP… |
- risk 0.70cvss 9.8epss 0.36
An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote…
- risk 0.64cvss 9.8epss 0.02
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.
- risk 0.57cvss 9.8epss 0.03
Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.
- risk 0.64cvss 9.8epss 0.01
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
- risk 0.00cvss 9.8epss 0.03
The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of its use of Java serialization.
- risk 0.64cvss 9.8epss 0.02
FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php.
- risk 0.64cvss 9.8epss 0.01
FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.
- risk 0.64cvss 9.8epss 0.02
aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free.
- risk 0.64cvss 9.8epss 0.01
Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration.
- risk 0.52cvss 9.1epss 0.02
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.
- risk 0.52cvss 9.1epss 0.03
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.
- risk 0.64cvss 9.8epss 0.01
Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.
- risk 0.64cvss 9.8epss 0.01
Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.
- risk 0.57cvss 9.8epss 0.02
The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications…
- risk 0.57cvss 9.8epss 0.02
A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.
- risk 0.64cvss 9.8epss 0.03
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this…
- risk 0.59cvss 9.0epss 0.02
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the…
- risk 0.63cvss 9.6epss 0.02
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the…
- risk 0.64cvss 9.8epss 0.02
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in thumbnail component in Synology Photo Station before 6.8.14-3500 allows remote attackers users to execute arbitrary SQL commands via unspecified vectors.
- risk 0.69cvss 9.8epss 0.61
Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these rules, Dubbo customers use…
- risk 0.69cvss 9.8epss 0.60
Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers may enable…
- risk 0.64cvss 9.8epss 0.04
Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the…
- risk 0.65cvss 9.8epss 0.18
Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamble flags,…
- risk 0.69cvss 9.8epss 0.67
The Bello - Directory & Listing WordPress theme before 1.6.0 did not sanitise the bt_bb_listing_field_price_range_to, bt_bb_listing_field_now_open, bt_bb_listing_field_my_lng, listing_list_view and bt_bb_listing_field_my_lat parameters before using them in a SQL statement,…
- risk 0.65cvss 10.0epss 0.03
IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.
- risk 0.64cvss 9.1epss 0.20
SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.
- risk 0.64cvss 9.8epss 0.02
The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command.
- risk 0.64cvss 9.8epss 0.03
The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with any data. A class usable…
- risk 0.62cvss 9.8epss 0.72
An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and…
- risk 0.64cvss 9.8epss 0.01
Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user.
- risk 0.67cvss 9.8epss 0.37
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php.
- risk 0.64cvss 9.8epss 0.01
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically…
- risk 0.64cvss 9.8epss 0.02
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow…
- risk 0.58cvss 10.0epss 0.02
Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could…
- risk 0.64cvss 9.8epss 0.05
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9),…
- risk 0.57cvss 9.8epss 0.02
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to…
- risk 0.55cvss 9.6epss 0.01
A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encoded and Javascript code being used to process the data. The highest threat from…
- risk 0.64cvss 9.8epss 0.02
A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system…
- risk 0.78cvss 9.8epss 0.32
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7.
- risk 0.59cvss 9.0epss 0.06
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality,…
- risk 0.59cvss 9.1epss 0.02
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly…
- risk 0.59cvss 9.0epss 0.01
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat…
- risk 0.01cvss 9.8epss 0.11
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than…
- risk 0.74cvss 9.8epss 0.95
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
- risk 0.64cvss 9.8epss 0.01
A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller.
- risk 0.64cvss 9.8epss 0.01
GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c.
- risk 0.64cvss 9.8epss 0.01
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.
- risk 0.64cvss 9.8epss 0.01
Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack.
- risk 0.64cvss 9.8epss 0.01
Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.
- risk 0.64cvss 9.8epss 0.03
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP…