Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-22 | CVE-2020-28501 | Unspecified vulnerability in Crawlerdetect Project Crawlerdetect This affects the package es6-crawler-detect before 3.1.3. | 5.0 |
2021-03-22 | CVE-2021-28964 | Race Condition vulnerability in multiple products A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. | 4.7 |
2021-03-22 | CVE-2021-21438 | Incorrect Default Permissions vulnerability in Otrs FAQ and Otrs Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). | 4.0 |
2021-03-22 | CVE-2021-21437 | Missing Authorization vulnerability in Otrs products Agents are able to see linked Config Items without permissions, which are defined in General Catalog. | 4.3 |
2021-03-22 | CVE-2021-28963 | Injection vulnerability in multiple products Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters. | 5.3 |
2021-03-22 | CVE-2021-28956 | Unspecified vulnerability in Sass Lint Project Sass Lint The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. | 8.8 |
2021-03-22 | CVE-2021-28955 | Uncontrolled Search Path Element vulnerability in Git-Bug Project Git-Bug git-bug before 0.7.2 has an Uncontrolled Search Path Element. | 7.5 |
2021-03-22 | CVE-2021-26070 | Improper Authentication vulnerability in Atlassian Data Center and Jira Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. | 6.4 |
2021-03-22 | CVE-2021-26069 | Injection vulnerability in Atlassian products Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. | 5.0 |
2021-03-21 | CVE-2020-13963 | Use of Hard-coded Credentials vulnerability in Soplanning 1.45/1.46.01 SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. | 9.8 |