Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2021-22194 | Cleartext Storage of Sensitive Information vulnerability in Gitlab In all versions of GitLab, marshalled session keys were being stored in Redis. | 2.1 |
| 2021-03-26 | CVE-2021-22184 | Information Exposure Through Log Files vulnerability in Gitlab An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted. | 2.1 |
| 2021-03-26 | CVE-2021-22180 | Forced Browsing vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 13.4. | 4.0 |
| 2021-03-26 | CVE-2021-22172 | Information Exposure vulnerability in Gitlab Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page | 4.0 |
| 2021-03-26 | CVE-2021-21333 | Cross-site Scripting vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.1 |
| 2021-03-26 | CVE-2021-21332 | Cross-site Scripting vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 8.2 |
| 2021-03-26 | CVE-2021-25372 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | 7.2 |
| 2021-03-26 | CVE-2021-25371 | Unspecified vulnerability in Google Android 10.0/11.0 A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | 7.2 |
| 2021-03-26 | CVE-2021-25370 | Use After Free vulnerability in Google Android An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | 4.4 |
| 2021-03-26 | CVE-2021-25369 | Unspecified vulnerability in Google Android An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. | 2.1 |