Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-18 | CVE-2020-26155 | Incorrect Permission Assignment for Critical Resource vulnerability in Utimaco products Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. | 4.4 |
2021-03-18 | CVE-2021-28796 | Cross-site Scripting vulnerability in Increments Qiita::Markdown Increments Qiita::Markdown before 0.33.0 allows XSS in transformers. | 4.3 |
2021-03-18 | CVE-2021-28794 | Unspecified vulnerability in Shellcheck Project Shellcheck The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath. | 7.5 |
2021-03-18 | CVE-2021-28792 | Unspecified vulnerability in Swift Development Environment Project Swift Development Environment The unofficial Swift Development Environment extension before 2.12.1 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted sourcekit-lsp.serverPath, swift.languageServerPath, swift.path.sourcekite, swift.path.sourcekiteDockerMode, swift.path.swift_driver_bin, or swift.path.shell configuration value that triggers execution upon opening the workspace. | 6.8 |
2021-03-18 | CVE-2021-28791 | Unspecified vulnerability in Swiftformat Project Swiftformat The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftformat.path configuration value that triggers execution upon opening the workspace. network swiftformat-project | 6.8 |
2021-03-18 | CVE-2021-28790 | Unspecified vulnerability in Swiftlint Project Swiftlint The unofficial SwiftLint extension before 1.4.5 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftlint.path configuration value that triggers execution upon opening the workspace. network swiftlint-project | 6.8 |
2021-03-18 | CVE-2021-28789 | Unspecified vulnerability in Apple-Swift-Format Project Apple-Swift-Format The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted apple-swift-format.path configuration value that triggers execution upon opening the workspace. network apple-swift-format-project | 6.8 |
2021-03-18 | CVE-2021-28145 | Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. | 3.5 |
2021-03-18 | CVE-2021-26216 | Cross-Site Request Forgery (CSRF) vulnerability in Seeddms SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php. | 4.3 |
2021-03-18 | CVE-2021-26215 | Cross-Site Request Forgery (CSRF) vulnerability in Seeddms SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php. | 4.3 |