Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-03-23 | CVE-2021-28819 | Incorrect Authorization vulnerability in Tibco FTL | The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | local | low complexity | tibco | CWE-863 | 7.8 |
| 2021-03-23 | CVE-2021-28818 | Unspecified vulnerability in Tibco Rendezvous | The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. | local | low complexity | tibco | | 7.8 |
| 2021-03-23 | CVE-2021-28817 | Unspecified vulnerability in Tibco Rendezvous | The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | local | low complexity | tibco | | 7.8 |
| 2021-03-23 | CVE-2021-28100 | Unspecified vulnerability in Netflix Priam | Priam uses File.createTempFile, which gives the permissions on that file -rw-r--r--. | local | low complexity | netflix | | 2.1 |
| 2021-03-23 | CVE-2021-28099 | Use of Insufficiently Random Values vulnerability in Netflix Hollow | In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. | local | low complexity | netflix | CWE-330 | 4.4 |
| 2021-03-23 | CVE-2019-19343 | Improper Resource Shutdown or Release vulnerability in multiple products | A flaw was found in Undertow when using Remoting as shipped in Red Hat JBoss EAP before version 7.2.4. | network | low complexity | redhat, netapp | CWE-404 | 5.0 |
| 2021-03-23 | CVE-2021-3392 | Use After Free vulnerability in multiple products | A use-after-free flaw was found in the MegaRAID emulator of QEMU. | local | low complexity | qemu, fedoraproject, debian | CWE-416 | 3.2 |
| 2021-03-23 | CVE-2021-27908 | Injection vulnerability in Acquia Mautic | In all versions prior to Mautic 3.3.2, secret parameters such as database credentials could be exposed publicly by an authorized admin user through leveraging Symfony parameter syntax in any of the free text fields in Mautic’s configuration that are used in publicly facing parts of the application. | local | low complexity | acquia | CWE-74 | 2.1 |
| 2021-03-23 | CVE-2021-21402 | Path Traversal vulnerability in Jellyfin | Jellyfin is a Free Software Media System. | network | low complexity | jellyfin | CWE-22 | 4.0 |
| 2021-03-23 | CVE-2020-24994 | Unspecified vulnerability in Libass Project Libass 0.13.3/0.14.0 | Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. | network | | libass-project | | 6.8 |