Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2021-03-21 CVE-2021-23360 Command Injection vulnerability in Killport Project Killport 1.0.0/1.0.1
This affects the package killport before 1.0.2.
network
low complexity
killport-project CWE-77
6.5
6.5
2021-03-21 CVE-2021-28961 OS Command Injection vulnerability in Openwrt 19.07.0
applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests.
network
low complexity
openwrt CWE-78
8.8
8.8
2021-03-21 CVE-2021-28957 Cross-site Scripting vulnerability in multiple products
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3.
network
low complexity
lxml debian fedoraproject netapp oracle CWE-79
6.1
6.1
2021-03-21 CVE-2021-28954 Unspecified vulnerability in BIT Project BIT
In Chris Walz bit before 1.0.5 on Windows, attackers can run arbitrary code via a .exe file in a crafted repository.
network
bit-project
6.8
6.8
2021-03-21 CVE-2021-28953 Uncontrolled Search Path Element vulnerability in C/C++ Advanced Lint Project C/C++ Advanced Lint
The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository.
local
low complexity
c-c-advanced-lint-project CWE-427
7.8
7.8
2021-03-20 CVE-2020-27171 Off-by-one Error vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.11.8.
local
low complexity
linux fedoraproject debian canonical CWE-193
6.0
6.0
2021-03-20 CVE-2020-27170 Information Exposure Through Discrepancy vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.11.8.
local
high complexity
linux fedoraproject canonical debian CWE-203
4.7
4.7
2021-03-20 CVE-2021-28952 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.8.
local
low complexity
linux fedoraproject netapp CWE-120
7.8
7.8
2021-03-20 CVE-2021-28117 Unspecified vulnerability in KDE Discover
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site.
network
low complexity
kde
7.5
7.5
2021-03-20 CVE-2021-28951 Improper Locking vulnerability in multiple products
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8.
local
low complexity
linux fedoraproject netapp CWE-667
5.5
5.5