Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2021-03-18 CVE-2021-27436 Cross-site Scripting vulnerability in Advantech Webaccess/Scada
WebAccess/SCADA versions 9.0 and prior are vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user. This could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser actions.
network
advantech CWE-79
4.3
2021-03-18 CVE-2021-3416 Infinite Loop vulnerability in multiple products
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0.
local
low complexity
qemu fedoraproject redhat debian CWE-835
6.0
2021-03-18 CVE-2021-27358 The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
network
low complexity
grafana netapp
5.0
2021-03-18 CVE-2021-25764 Unspecified vulnerability in Jetbrains PHPstorm
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
network
low complexity
jetbrains
5.0
2021-03-18 CVE-2020-9367 Uncontrolled Search Path Element vulnerability in Zohocorp Manageengine Desktop Central 10.0.486
The MPS Agent in Zoho ManageEngine Desktop Central MSP build 10.0.486 is vulnerable to DLL Hijacking: dcinventory.exe and dcconfig.exe try to load CSUNSAPI.dll without supplying the complete path.
6.9
2021-03-18 CVE-2020-36144 Injection vulnerability in Redash 8.0.0
Redash 8.0.0 is affected by LDAP Injection.
network
redash CWE-74
4.3
2021-03-18 CVE-2020-26886 Improper Initialization vulnerability in Softaculous
Softaculous before 5.5.7 is affected by a code execution vulnerability because of External Initialization of Trusted Variables or Data Stores.
6.9
2021-03-18 CVE-2020-26797 Out-of-bounds Write vulnerability in multiple products
Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping.
network
low complexity
mediaarea fedoraproject CWE-787
7.5
2021-03-18 CVE-2019-14852 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat 3Scale API Management 2.0
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol.
network
low complexity
redhat CWE-327
5.0
2021-03-18 CVE-2019-14851 Reachable Assertion vulnerability in Nbdkit Project Nbdkit
A denial of service vulnerability was discovered in nbdkit.
3.5