Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-17 | CVE-2019-18233 | Cross-site Scripting vulnerability in Advantech Spectre RT Ert351 Firmware In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack. | 4.3 |
| 2021-03-17 | CVE-2019-18231 | Cleartext Transmission of Sensitive Information vulnerability in Advantech Spectre RT Ert351 Firmware Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request. | 5.0 |
| 2021-03-17 | CVE-2020-17457 | Cross-site Scripting vulnerability in Fujitsu Serverview Remote Management Fujitsu ServerView Suite iRMC before 9.62F allows XSS. | 3.5 |
| 2021-03-17 | CVE-2021-28660 | Out-of-bounds Write vulnerability in multiple products rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. | 8.8 |
| 2021-03-17 | CVE-2020-35456 | Cleartext Transmission of Sensitive Information vulnerability in Taidii Diibear 2.4.0 The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging. | 4.3 |
| 2021-03-17 | CVE-2020-35455 | Cleartext Storage of Sensitive Information vulnerability in Taidii Diibear 2.4.0 The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage. | 2.1 |
| 2021-03-17 | CVE-2020-35454 | Cleartext Storage of Sensitive Information vulnerability in Taidii Diibear 2.4.0 The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration. | 2.1 |
| 2021-03-17 | CVE-2021-27292 | Unspecified vulnerability in Ua-Parser-Js Project Ua-Parser-Js ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. | 5.0 |
| 2021-03-17 | CVE-2021-27291 | In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. | 7.5 |
| 2021-03-17 | CVE-2020-28873 | Use of Password Hash With Insufficient Computational Effort vulnerability in Fluxbb 1.5.11 Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. | 7.5 |