Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-15 | CVE-2021-28363 | Improper Certificate Validation vulnerability in multiple products The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. | 6.5 |
| 2021-03-15 | CVE-2021-27949 | Cross-site Scripting vulnerability in Mybb Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools. | 4.3 |
| 2021-03-15 | CVE-2021-27948 | SQL Injection vulnerability in Mybb SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. | 6.5 |
| 2021-03-15 | CVE-2021-27947 | SQL Injection vulnerability in Mybb SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. | 6.5 |
| 2021-03-15 | CVE-2021-27946 | SQL Injection vulnerability in Mybb SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. | 6.5 |
| 2021-03-15 | CVE-2021-27890 | SQL Injection vulnerability in Mybb SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files. | 6.8 |
| 2021-03-15 | CVE-2021-22191 | Injection vulnerability in multiple products Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | 6.8 |
| 2021-03-15 | CVE-2021-20286 | Reachable Assertion vulnerability in Redhat Libnbd A flaw was found in libnbd 1.7.3. | 4.0 |
| 2021-03-15 | CVE-2020-29556 | Path Traversal vulnerability in Getgrav Grav CMS The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. | 2.1 |
| 2021-03-15 | CVE-2020-29555 | Path Traversal vulnerability in Getgrav Grav CMS The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. | 5.5 |