Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-18 | CVE-2019-14850 | Insufficient Control of Network Message Volume (Network Amplification) vulnerability in multiple products A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. | 2.6 |
2021-03-18 | CVE-2021-27656 | Missing Authorization vulnerability in Johnsoncontrols Exacqvision web Service A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system. | 5.0 |
2021-03-18 | CVE-2021-22665 | Uncontrolled Search Path Element vulnerability in Rockwellautomation Drivetools Add-On Profiles and Drivetools SP Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system. | 7.2 |
2021-03-18 | CVE-2020-14516 | Use of Password Hash With Insufficient Computational Effort vulnerability in Rockwellautomation Factorytalk Services Platform 6.10.00/6.11.00 In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly. | 7.5 |
2021-03-18 | CVE-2021-21383 | Cross-site Scripting vulnerability in Requarks Wiki.Js Wiki.js an open-source wiki app built on Node.js. | 3.5 |
2021-03-18 | CVE-2020-27827 | Resource Exhaustion vulnerability in multiple products A flaw was found in multiple versions of OpenvSwitch. | 7.5 |
2021-03-18 | CVE-2020-26155 | Incorrect Permission Assignment for Critical Resource vulnerability in Utimaco products Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. | 4.4 |
2021-03-18 | CVE-2021-28796 | Cross-site Scripting vulnerability in Increments Qiita::Markdown Increments Qiita::Markdown before 0.33.0 allows XSS in transformers. | 4.3 |
2021-03-18 | CVE-2021-28794 | Unspecified vulnerability in Shellcheck Project Shellcheck The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath. | 7.5 |
2021-03-18 | CVE-2021-28792 | Unspecified vulnerability in Swift Development Environment Project Swift Development Environment The unofficial Swift Development Environment extension before 2.12.1 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted sourcekit-lsp.serverPath, swift.languageServerPath, swift.path.sourcekite, swift.path.sourcekiteDockerMode, swift.path.swift_driver_bin, or swift.path.shell configuration value that triggers execution upon opening the workspace. | 6.8 |