Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2021-1629 | Open Redirect vulnerability in Tableau Server Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | 5.8 |
| 2021-03-26 | CVE-2021-1628 | XXE vulnerability in Salesforce Mule MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. | 7.5 |
| 2021-03-26 | CVE-2021-1627 | Server-Side Request Forgery (SSRF) vulnerability in Salesforce Mule MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. | 7.5 |
| 2021-03-26 | CVE-2021-1626 | Unspecified vulnerability in Salesforce Mule MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. | 7.5 |
| 2021-03-26 | CVE-2020-35518 | Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. | 5.0 |
| 2021-03-26 | CVE-2020-35508 | Improper Initialization vulnerability in multiple products A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. | 4.5 |
| 2021-03-26 | CVE-2020-27829 | Heap-based Buffer Overflow vulnerability in Imagemagick A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45. | 4.3 |
| 2021-03-26 | CVE-2021-3109 | Unspecified vulnerability in Solarwinds Orion Platform The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account. network solarwinds | 4.9 |
| 2021-03-26 | CVE-2020-35856 | Cross-site Scripting vulnerability in Solarwinds Orion Platform SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page. | 3.5 |
| 2021-03-26 | CVE-2020-19626 | Cross-site Scripting vulnerability in Craftcms Craft CMS 3.1.31 Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new. | 3.5 |