Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-18 | CVE-2019-14852 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. | 5.0 |
| 2021-03-18 | CVE-2019-14851 | Reachable Assertion vulnerability in Nbdkit Project Nbdkit A denial of service vulnerability was discovered in nbdkit. | 3.5 |
| 2021-03-18 | CVE-2021-28160 | Cross-site Scripting vulnerability in Acexy Wireless-N Wifi Repeater Project Acexy Wireless-N Wifi Repeater Firmware 28.08.06.1 Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) suffers from a reflected XSS vulnerability due to unsanitized SSID value when the latter is displayed in the /repeater.html page ("Repeater Wizard" homepage section). | 4.3 |
| 2021-03-18 | CVE-2021-1287 | Stack-based Buffer Overflow vulnerability in Cisco Rv132W Firmware and Rv134W Firmware A vulnerability in the web-based management interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly. | 7.2 |
| 2021-03-18 | CVE-2020-35492 | Out-of-bounds Write vulnerability in Cairographics Cairo A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. | 7.8 |
| 2021-03-18 | CVE-2019-3867 | Insufficient Session Expiration vulnerability in Redhat Quay 2.0.0/3.0.0 A vulnerability was found in the Quay web application. | 4.4 |
| 2021-03-18 | CVE-2019-14850 | Insufficient Control of Network Message Volume (Network Amplification) vulnerability in multiple products A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. | 2.6 |
| 2021-03-18 | CVE-2021-27656 | Missing Authorization vulnerability in Johnsoncontrols Exacqvision web Service A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system. | 5.0 |
| 2021-03-18 | CVE-2021-22665 | Uncontrolled Search Path Element vulnerability in Rockwellautomation Drivetools Add-On Profiles and Drivetools SP Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system. | 7.2 |
| 2021-03-18 | CVE-2020-14516 | Use of Password Hash With Insufficient Computational Effort vulnerability in Rockwellautomation Factorytalk Services Platform 6.10.00/6.11.00 In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly. | 7.5 |