Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2021-03-26 CVE-2020-35508 Improper Initialization vulnerability in multiple products
A possible race condition and incorrect initialization of the process ID were found in the Linux kernel's child/parent process identification handling while filtering signal handlers.
local
high complexity
linux redhat netapp CWE-665
4.5
2021-03-26 CVE-2020-27829 Heap-based Buffer Overflow vulnerability in ImageMagick
A heap-based buffer overflow in coders/tiff.c may result in a program crash and denial of service in ImageMagick before 7.0.10-45.
4.3
2021-03-26 CVE-2021-3109 Unspecified vulnerability in SolarWinds Orion Platform
The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.
network
solarwinds
4.9
2021-03-26 CVE-2020-35856 Cross-site Scripting vulnerability in SolarWinds Orion Platform
SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.
network
solarwinds CWE-79
3.5
2021-03-26 CVE-2020-19626 Cross-site Scripting vulnerability in Craftcms Craft CMS 3.1.31
Cross-site scripting (XSS) vulnerability in craftcms 3.1.31 allows remote attackers to inject arbitrary web script or HTML via /admin/settings/sites/new.
network
craftcms CWE-79
3.5
2021-03-26 CVE-2020-19625 Unspecified vulnerability in Gridx Project Gridx 1.3
Remote code execution vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3 allows remote attackers to execute arbitrary code via a crafted value to the $query parameter.
network
low complexity
gridx-project
7.5
2021-03-26 CVE-2021-22506 Unspecified vulnerability in Micro Focus Access Manager
Advance configuration exposing an information leakage vulnerability in the Micro Focus Access Manager product affects all versions prior to version 5.0.
network
low complexity
microfocus
7.5
2021-03-26 CVE-2020-25840 Cross-site Scripting vulnerability in Micro Focus Access Manager
Cross-site scripting vulnerability in the Micro Focus Access Manager product affects all versions prior to version 5.0.
network
low complexity
microfocus CWE-79
6.1
2021-03-26 CVE-2021-3275 Cross-site Scripting vulnerability in TP-Link products
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname.
network
tp-link CWE-79
4.3
2021-03-26 CVE-2021-23890 Information Exposure vulnerability in McAfee ePolicy Orchestrator
Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in the ePO repository, install them on their own machines to have them managed, and then in turn get policy details from the ePO server.
network
low complexity
mcafee CWE-200
6.5