Weekly Vulnerabilities Reports > January 25 to 31, 2021

Overview

301 new vulnerabilities reported during this period, including 47 critical vulnerabilities and 136 high severity vulnerabilities. This weekly summary report vulnerabilities in 363 products from 182 vendors including IBM, Debian, HPE, Apple, and Openldap. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Classic Buffer Overflow", "Path Traversal", and "OS Command Injection".

  • 228 reported vulnerabilities are remotely exploitables.
  • 18 reported vulnerabilities have public exploit available.
  • 96 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 169 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • Accfly has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

47 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-01-26 CVE-2020-6779 Bosch Use of Hard-coded Credentials vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges.

10.0
2021-01-27 CVE-2021-25311 Wisc Path Traversal vulnerability in Wisc Htcondor

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.

9.9
2021-01-30 CVE-2020-15690 NIM Lang Injection vulnerability in Nim-Lang NIM

In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character.

9.8
2021-01-30 CVE-2020-15568 Terra Master Improper Control of Dynamically-Managed Code Resources vulnerability in Terra-Master TOS

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root.

9.8
2021-01-29 CVE-2020-29557 Dlink Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink Dir-825 R1 Firmware 3.0.1

An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20.

9.8
2021-01-29 CVE-2021-3346 NIC Unspecified vulnerability in NIC Foris

Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template.

9.8
2021-01-29 CVE-2021-26305 CDR Project Use of Uninitialized Resource vulnerability in CDR Project CDR

An issue was discovered in Deserializer::read_vec in the cdr crate before 0.2.4 for Rust.

9.8
2021-01-28 CVE-2021-3160 ACA Deserialization of Untrusted Data vulnerability in ACA Assuweb 359.3

Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server.

9.8
2021-01-28 CVE-2020-4682 IBM Deserialization of Untrusted Data vulnerability in IBM MQ, MQ Appliance and Websphere MQ

IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data.

9.8
2021-01-28 CVE-2020-25785 Accfly Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77.

9.8
2021-01-28 CVE-2020-25784 Accfly Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77.

9.8
2021-01-28 CVE-2020-25783 Accfly Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77.

9.8
2021-01-28 CVE-2020-25782 Accfly Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77

An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77.

9.8
2021-01-27 CVE-2021-3331 Winscp Unspecified vulnerability in Winscp

WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings.

9.8
2021-01-27 CVE-2021-3325 Fibranet
Fedoraproject
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option).
9.8
2021-01-27 CVE-2020-23361 Phplist Unspecified vulnerability in PHPlist 3.5.3

phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

9.8
2021-01-27 CVE-2020-23360 Oscommerce Incorrect Comparison vulnerability in Oscommerce 2.3.4.1

oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php

9.8
2021-01-27 CVE-2020-23359 Webidsupport Incorrect Comparison vulnerability in Webidsupport Webid 1.2.2

WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords.

9.8
2021-01-26 CVE-2013-2512 Ftpd Project OS Command Injection vulnerability in Ftpd Project Ftpd 0.2.1

The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.

9.8
2021-01-26 CVE-2021-21278 Rsshub Unspecified vulnerability in Rsshub

RSSHub is an open source, easy to use, and extensible RSS feed generator.

9.8
2021-01-26 CVE-2020-27297 Honeywell Out-of-bounds Write vulnerability in Honeywell OPC UA Tunneller

The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233).

9.8
2021-01-26 CVE-2021-3304 Sagemcom Classic Buffer Overflow vulnerability in Sagemcom F@St 3686 Firmware 3.495

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI.

9.8
2021-01-26 CVE-2021-3286 Spotweb Project SQL Injection vulnerability in Spotweb Project Spotweb 1.4.9

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used.

9.8
2021-01-26 CVE-2021-3278 Local Services Search Engine Management System Project SQL Injection vulnerability in Local Services Search Engine Management System Project Local Services Search Engine Management System 1.0

Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection .

9.8
2021-01-26 CVE-2021-3199 Onlyoffice Path Traversal vulnerability in Onlyoffice Document Server

Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /..

9.8
2021-01-26 CVE-2021-3193 Nagios Unspecified vulnerability in Nagios XI

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user.

9.8
2021-01-26 CVE-2021-3190 Async GIT Project OS Command Injection vulnerability in Async-Git Project Async-Git

The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag.

9.8
2021-01-26 CVE-2021-3188 Phplist Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPlist 3.6.0

phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.

9.8
2021-01-26 CVE-2021-3185 Freedesktop Out-of-bounds Write vulnerability in Freedesktop Gst-Plugins-Bad

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.

9.8
2021-01-26 CVE-2021-25907 Containers Project Double Free vulnerability in Containers Project Containers

An issue was discovered in the containers crate before 0.9.11 for Rust.

9.8
2021-01-26 CVE-2021-25900 Servo Out-of-bounds Write vulnerability in Servo Smallvec

An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust.

9.8
2021-01-26 CVE-2020-36199 Kaspersky OS Command Injection vulnerability in Kaspersky Tinycheck

TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places.

9.8
2021-01-26 CVE-2020-35263 Egavilanmedia SQL Injection vulnerability in Egavilanmedia User Registration and Login System With Admin Panel 1.0

EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution.

9.8
2021-01-26 CVE-2020-28998 Mygeeni Use of Hard-coded Credentials vulnerability in Mygeeni Gnc-Cw013 Firmware 1.8.1

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices.

9.8
2021-01-26 CVE-2020-28221 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.

9.8
2021-01-26 CVE-2020-27583 IBM Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 8.5

IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code.

9.8
2021-01-26 CVE-2020-27540 Company Improper Verification of Cryptographic Signature vulnerability in Company Cs-C2Shw Firmware 5.0.082.1

Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1.

9.8
2021-01-26 CVE-2020-27539 Company Out-of-bounds Write vulnerability in Company Cs-C2Shw Firmware 5.0.082.1

Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1.

9.8
2021-01-26 CVE-2020-23448 Newbee Mall Project Use of Incorrectly-Resolved Name or Reference vulnerability in Newbee-Mall Project Newbee-Mall

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java.

9.8
2021-01-26 CVE-2020-23262 Mingsoft SQL Injection vulnerability in Mingsoft Mcms 5.0.0

An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.

9.8
2021-01-26 CVE-2020-20269 Caret Unspecified vulnerability in Caret

A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

9.8
2021-01-28 CVE-2020-35124 Acquia Cross-site Scripting vulnerability in Acquia Mautic

A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads.

9.6
2021-01-29 CVE-2020-35547 Mitel Unspecified vulnerability in Mitel Micollab

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data.

9.1
2021-01-26 CVE-2020-27299 Honeywell Out-of-bounds Read vulnerability in Honeywell OPC UA Tunneller

The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).

9.1
2021-01-26 CVE-2021-25905 BRA Project Use of Uninitialized Resource vulnerability in BRA Project BRA 0.1.0

An issue was discovered in the bra crate before 0.1.1 for Rust.

9.1
2021-01-26 CVE-2020-35270 Student Result Management System Project SQL Injection vulnerability in Student Result Management System Project Student Result Management System 1.0

Student Result Management System In PHP With Source Code is affected by SQL injection.

9.1
2021-01-25 CVE-2021-23901 Apache
Netapp
XXE vulnerability in multiple products

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18.

9.1

136 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-01-29 CVE-2021-25646 Apache Unspecified vulnerability in Apache Druid

Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests.

8.8
2021-01-29 CVE-2020-29004 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack.

8.8
2021-01-29 CVE-2020-28405 Iris Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application.

8.8
2021-01-29 CVE-2020-28403 Iris Cross-Site Request Forgery (CSRF) vulnerability in Iris Star 2019.2.0.6

A Cross-Site Request Forgery (CSRF) vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an attacker to change the privileges of any user of the application.

8.8
2021-01-29 CVE-2020-28402 Iris Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.

8.8
2021-01-28 CVE-2019-25016 Opendoas Project Missing Initialization of Resource vulnerability in Opendoas Project Opendoas 6.6/6.6.1/6.8

In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command.

8.8
2021-01-28 CVE-2020-4888 IBM Deserialization of Untrusted Data vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function.

8.8
2021-01-28 CVE-2020-13569 Open EMR Cross-Site Request Forgery (CSRF) vulnerability in Open-Emr Openemr 5.0.2

A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce).

8.8
2021-01-28 CVE-2021-20621 Aterm Cross-Site Request Forgery (CSRF) vulnerability in Aterm Wg2600Hp2 Firmware and Wg2600Hp Firmware

Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

8.8
2021-01-28 CVE-2020-5626 Infoscience OS Command Injection vulnerability in Infoscience ELC Analytics and Logstorage

Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.

8.8
2021-01-27 CVE-2020-4952 IBM Unspecified vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control.

8.8
2021-01-27 CVE-2021-25312 Wisc Missing Authentication for Critical Function vulnerability in Wisc Htcondor

HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.

8.8
2021-01-26 CVE-2021-3317 Klogserver OS Command Injection vulnerability in Klogserver Klog Server 2.4.1

KLog Server through 2.4.1 allows authenticated command injection.

8.8
2021-01-26 CVE-2021-3165 Missionlabs Incorrect Permission Assignment for Critical Resource vulnerability in Missionlabs Smartagent 3.1.0

SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.

8.8
2021-01-26 CVE-2021-3164 Churchdesk Unrestricted Upload of File with Dangerous Type vulnerability in Churchdesk Churchrota 2.6.4

ChurchRota 2.6.4 is vulnerable to authenticated remote code execution.

8.8
2021-01-26 CVE-2021-25863 Open5Gs Improper Authentication vulnerability in Open5Gs 2.1.3

Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.

8.8
2021-01-26 CVE-2020-9492 Apache
Oracle
Incorrect Authorization vulnerability in multiple products

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification.

8.8
2021-01-26 CVE-2020-35576 TP Link OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.

8.8
2021-01-26 CVE-2020-35239 Cakefoundation Cross-Site Request Forgery (CSRF) vulnerability in Cakefoundation Cakephp

A vulnerability exists in CakePHP versions 4.0.x through 4.1.3.

8.8
2021-01-26 CVE-2020-24549 Openmaint Unrestricted Upload of File with Dangerous Type vulnerability in Openmaint

openMAINT before 1.1-2.4.2 allows remote authenticated users to run arbitrary JSP code on the underlying web server.

8.8
2021-01-26 CVE-2020-23826 Assaabloy OS Command Injection vulnerability in Assaabloy Yale Wipc-303W Firmware 2.21/2.31

The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API.

8.8
2021-01-26 CVE-2020-23160 Pyres Unspecified vulnerability in Pyres Termod4 Firmware

Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices.

8.8
2021-01-25 CVE-2020-17532 Apache Deserialization of Untrusted Data vulnerability in Apache Java Chassis

When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution.

8.8
2021-01-28 CVE-2020-35517 Qemu Unspecified vulnerability in Qemu

A flaw was found in qemu.

8.2
2021-01-26 CVE-2020-4949 IBM XXE vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

8.2
2021-01-29 CVE-2021-3336 Wolfssl Improper Certificate Validation vulnerability in Wolfssl

DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate).

8.1
2021-01-26 CVE-2021-3309 Wekan Project Improper Certificate Validation vulnerability in Wekan Project Wekan

packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,

8.1
2021-01-29 CVE-2021-3176 Mitel Improper Input Validation vulnerability in Mitel Businesscti Enterprise

The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker to gain access to user information by sending certain code, due to improper input validation of http links.

8.0
2021-01-29 CVE-2021-25138 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function.

7.8
2021-01-29 CVE-2021-25137 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function.

7.8
2021-01-29 CVE-2021-25136 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function.

7.8
2021-01-29 CVE-2021-25135 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function.

7.8
2021-01-29 CVE-2021-25134 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function.

7.8
2021-01-29 CVE-2021-25133 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function.

7.8
2021-01-29 CVE-2021-25132 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function.

7.8
2021-01-29 CVE-2021-25131 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function.

7.8
2021-01-29 CVE-2021-25130 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function.

7.8
2021-01-29 CVE-2021-25129 HPE Path Traversal vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.

7.8
2021-01-29 CVE-2021-25128 HPE Path Traversal vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.

7.8
2021-01-29 CVE-2021-25127 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function.

7.8
2021-01-29 CVE-2021-25126 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function.

7.8
2021-01-29 CVE-2021-25125 HPE Path Traversal vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability.

7.8
2021-01-29 CVE-2021-25124 HPE Path Traversal vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.

7.8
2021-01-29 CVE-2021-3347 Linux
Debian
Fedoraproject
Use After Free vulnerability in multiple products

An issue was discovered in the Linux kernel through 5.10.11.

7.8
2021-01-29 CVE-2021-3345 Gnupg
Oracle
Out-of-bounds Write vulnerability in multiple products

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value.

7.8
2021-01-29 CVE-2021-25123 HPE Classic Buffer Overflow vulnerability in HPE products

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function.

7.8
2021-01-29 CVE-2020-35145 Acronis Uncontrolled Search Path Element vulnerability in Acronis True Image

Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue.

7.8
2021-01-27 CVE-2021-22655 Fujielectric Out-of-bounds Read vulnerability in Fujielectric V-Server and V-Simulator

Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

7.8
2021-01-27 CVE-2021-22653 Fujielectric Out-of-bounds Write vulnerability in Fujielectric V-Server and V-Simulator

Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

7.8
2021-01-27 CVE-2021-22641 Fujielectric Out-of-bounds Write vulnerability in Fujielectric V-Server and V-Simulator

A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

7.8
2021-01-27 CVE-2021-22639 Fujielectric Access of Uninitialized Pointer vulnerability in Fujielectric V-Server and V-Simulator

An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

7.8
2021-01-27 CVE-2021-22637 Fujielectric Out-of-bounds Write vulnerability in Fujielectric V-Server and V-Simulator

Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).

7.8
2021-01-27 CVE-2021-25247 Trendmicro Uncontrolled Search Path Element vulnerability in Trendmicro Housecall for Home Networks 5.3.0.1063

A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution.

7.8
2021-01-26 CVE-2021-3156 Sudo Project
Fedoraproject
Debian
Netapp
Mcafee
Synology
Beyondtrust
Oracle
Off-by-one Error vulnerability in multiple products

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

7.8
2021-01-26 CVE-2021-22159 Proofpoint Missing Authentication for Critical Function vulnerability in Proofpoint Insider Threat Management

Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user.

7.8
2021-01-26 CVE-2021-3297 Zyxel Improper Authentication vulnerability in Zyxel Nbg2105 Firmware V1.00(Aagu.2)C0

On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.

7.8
2021-01-26 CVE-2021-26026 Acdsee Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0

PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.

7.8
2021-01-26 CVE-2021-26025 Acdsee Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0

PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.

7.8
2021-01-26 CVE-2021-22698 Schneider Electric Unspecified vulnerability in Schneider-Electric Ecostruxure Power Build - Rapsody 2.1.13

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

7.8
2021-01-26 CVE-2021-22697 Schneider Electric Unspecified vulnerability in Schneider-Electric Ecostruxure Power Build - Rapsody 2.1.13

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

7.8
2021-01-26 CVE-2020-36210 Autorand Project Use of Uninitialized Resource vulnerability in Autorand Project Autorand

An issue was discovered in the autorand crate before 0.2.3 for Rust.

7.8
2021-01-26 CVE-2020-36208 Conquer Once Project Improper Synchronization vulnerability in Conquer-Once Project Conquer-Once 0.3.0/0.3.1

An issue was discovered in the conquer-once crate before 0.3.2 for Rust.

7.8
2021-01-26 CVE-2020-35845 Faststone Out-of-bounds Write vulnerability in Faststone Image Viewer 7.5

FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.

7.8
2021-01-26 CVE-2020-35844 Faststone Out-of-bounds Write vulnerability in Faststone Image Viewer 7.5

FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.

7.8
2021-01-26 CVE-2020-27814 Uclouvain
Debian
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files.
7.8
2021-01-26 CVE-2020-27288 Deltaww Out-of-bounds Write vulnerability in Deltaww Tpeditor

An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

7.8
2021-01-26 CVE-2020-27284 Deltaww Out-of-bounds Write vulnerability in Deltaww Tpeditor

TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

7.8
2021-01-26 CVE-2020-27280 Deltaww Use After Free vulnerability in Deltaww Ispsoft

A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution.

7.8
2021-01-26 CVE-2020-25737 Hackolade Unspecified vulnerability in Hackolade

An elevation of privilege vulnerability exists in Hackolade versions prior 4.2.0 on Windows has an issue in specific deployment scenarios that could allow local users to gain elevated privileges during an uninstall of the application.

7.8
2021-01-26 CVE-2020-25173 Reolink Use of Hard-coded Credentials vulnerability in Reolink products

An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access

7.8
2021-01-26 CVE-2020-16236 Panasonic Out-of-bounds Read vulnerability in Panasonic Fpwin PRO

FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code.

7.8
2021-01-25 CVE-2021-21272 Deislabs Link Following vulnerability in Deislabs Oras

ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries.

7.7
2021-01-29 CVE-2021-20586 Mitsubishielectric Unspecified vulnerability in Mitsubishielectric products

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controller "CR800-*HRD" of RH-*FRHR***-D-* all versions, controller "CR800-*V*R with R16RTCPU" of RV-*FR***-R-* all versions, controller "CR800-*HR with R16RTCPU" of RH-*FRH***-R-* all versions, controller "CR800-*HRR with R16RTCPU" of RH-*FRHR***-R-* all versions, controller "CR800-*V*Q with Q172DSRCPU" of RV-*FR***-Q-* all versions, controller "CR800-*HQ with Q172DSRCPU" of RH-*FRH***-Q-* all versions, controller "CR800-*HRQ with Q172DSRCPU" of RH-*FRHR***-Q-* all versions) and a robot controller of MELFA CR Series(controller "CR800-CVD" of RV-8CRL-D-* all versions, controller "CR800-CHD" of RH-*CRH**-D-* all versions) as well as a cooperative robot ASSISTA(controller "CR800-05VD" of RV-5AS-D-* all versions) allows a remote unauthenticated attacker to cause a DoS of the execution of the robot program and the Ethernet communication by sending a large amount of packets in burst over a short period of time.

7.5
2021-01-29 CVE-2021-25909 Zivautomation Resource Exhaustion vulnerability in Zivautomation 4Cct-Ea6-334126Bf Firmware 3.23.80.27.36371

ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, allows an unauthenticated, remote attacker to cause a denial of service condition on the device.

7.5
2021-01-29 CVE-2020-29005 Mediawiki Insufficiently Protected Credentials vulnerability in Mediawiki

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.

7.5
2021-01-29 CVE-2021-26308 Marc Project Unspecified vulnerability in Marc Project Marc 1.3.0

An issue was discovered in the marc crate before 2.0.0 for Rust.

7.5
2021-01-29 CVE-2021-26306 RAW Cpuid Project Unspecified vulnerability in Raw-Cpuid Project Raw-Cpuid

An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust.

7.5
2021-01-29 CVE-2021-3341 Dh2I Path Traversal vulnerability in Dh2I Dxenterprise and Dxodyssey

A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request.

7.5
2021-01-28 CVE-2021-3337 Hide Thread Content Project Incorrect Authorization vulnerability in Hide Thread Content Project Hide Thread Content 1.0

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit.

7.5
2021-01-27 CVE-2021-3326 GNU
Netapp
Oracle
Fujitsu
Debian
Reachable Assertion vulnerability in multiple products

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

7.5
2021-01-27 CVE-2021-26118 Apache
Netapp
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session.
7.5
2021-01-27 CVE-2021-26117 Apache
Netapp
Debian
Oracle
Improper Authentication vulnerability in multiple products

The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server.

7.5
2021-01-27 CVE-2020-23356 Nibbleblog Unspecified vulnerability in Nibbleblog 3.7.1C

dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

7.5
2021-01-27 CVE-2020-23355 Codiad Unspecified vulnerability in Codiad 2.8.4

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass.

7.5
2021-01-27 CVE-2020-23352 Zblogcn Unspecified vulnerability in Zblogcn Z-Blogphp 1.6.0

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control.

7.5
2021-01-26 CVE-2020-23776 Winmail Project Server-Side Request Forgery (SSRF) vulnerability in Winmail Project Winmail 6.5

A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on.

7.5
2021-01-26 CVE-2020-27295 Honeywell Resource Exhaustion vulnerability in Honeywell OPC UA Tunneller

The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).

7.5
2021-01-26 CVE-2020-27274 Honeywell Improper Check for Unusual or Exceptional Conditions vulnerability in Honeywell OPC UA Tunneller

Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).

7.5
2021-01-26 CVE-2020-13582 Silabs NULL Pointer Dereference vulnerability in Silabs Micrium Uc-Http 3.01.00

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00.

7.5
2021-01-26 CVE-2021-3223 Nodered Path Traversal vulnerability in Nodered Node-Red-Dashboard

Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files.

7.5
2021-01-26 CVE-2021-3195 Bitcoin Improper Input Validation vulnerability in Bitcoin Core

bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call.

7.5
2021-01-26 CVE-2021-3115 Golang
Fedoraproject
Netapp
Uncontrolled Search Path Element vulnerability in multiple products

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).

7.5
2021-01-26 CVE-2021-26267 Cpanel Unspecified vulnerability in Cpanel

cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).

7.5
2021-01-26 CVE-2021-26266 Cpanel Unspecified vulnerability in Cpanel

cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).

7.5
2021-01-26 CVE-2021-25908 FIL OCL Project Double Free vulnerability in Fil-Ocl Project Fil-Ocl

An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust.

7.5
2021-01-26 CVE-2021-25906 Basic DSP Matrix Project Unspecified vulnerability in Basic DSP Matrix Project Basic DSP Matrix

An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust.

7.5
2021-01-26 CVE-2021-25904 AV Data Project NULL Pointer Dereference vulnerability in Av-Data Project Av-Data

An issue was discovered in the av-data crate before 0.3.0 for Rust.

7.5
2021-01-26 CVE-2021-25903 Cache Project NULL Pointer Dereference vulnerability in Cache Project Cache

An issue was discovered in the cache crate through 2021-01-01 for Rust.

7.5
2021-01-26 CVE-2021-25902 Glsl Layout Project Unspecified vulnerability in Glsl-Layout Project Glsl-Layout

An issue was discovered in the glsl-layout crate before 0.4.0 for Rust.

7.5
2021-01-26 CVE-2021-25864 Dgtl Path Traversal vulnerability in Dgtl Huemagic 3.0.0

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.

7.5
2021-01-26 CVE-2021-21723 ZTE Memory Leak vulnerability in ZTE products

Some ZTE products have a DoS vulnerability.

7.5
2021-01-26 CVE-2020-8295 Nextcloud Resource Exhaustion vulnerability in Nextcloud Server

A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user.

7.5
2021-01-26 CVE-2020-36230 Openldap
Debian
Apple
Apache
Reachable Assertion vulnerability in multiple products

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36229 Openldap
Debian
Apple
Type Confusion vulnerability in multiple products

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36228 Openldap
Debian
Apple
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36227 Openldap
Debian
Apple
Infinite Loop vulnerability in multiple products

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36226 Openldap
Debian
Apple
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
7.5
2021-01-26 CVE-2020-36225 Openldap
Debian
Apple
Double Free vulnerability in multiple products

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36224 Openldap
Debian
Apple
Release of Invalid Pointer or Reference vulnerability in multiple products

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36223 Openldap
Debian
Apple
Double Free vulnerability in multiple products

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

7.5
2021-01-26 CVE-2020-36222 Openldap
Debian
Apple
Reachable Assertion vulnerability in multiple products

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

7.5
2021-01-26 CVE-2020-36221 Openldap
Debian
Apple
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

7.5
2021-01-26 CVE-2020-36215 Hashconsing Project Improper Synchronization vulnerability in Hashconsing Project Hashconsing

An issue was discovered in the hashconsing crate before 1.1.0 for Rust.

7.5
2021-01-26 CVE-2020-36213 ABI Stable Project Unspecified vulnerability in ABI Stable Project ABI Stable

An issue was discovered in the abi_stable crate before 0.9.1 for Rust.

7.5
2021-01-26 CVE-2020-36212 ABI Stable Project Unspecified vulnerability in ABI Stable Project ABI Stable

An issue was discovered in the abi_stable crate before 0.9.1 for Rust.

7.5
2021-01-26 CVE-2020-36201 Xerox Use of a Broken or Risky Cryptographic Algorithm vulnerability in Xerox products

An issue was discovered in certain Xerox WorkCentre products.

7.5
2021-01-26 CVE-2020-28874 Projectsend Improper Resource Shutdown or Release vulnerability in Projectsend

reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic.

7.5
2021-01-26 CVE-2020-27541 Company Out-of-bounds Write vulnerability in Company Cs-C2Shw Firmware 5.0.082.1

Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1.

7.5
2021-01-26 CVE-2020-25169 Reolink Cleartext Transmission of Sensitive Information vulnerability in Reolink products

The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers.

7.5
2021-01-26 CVE-2020-23449 Newbee Mall Project Authorization Bypass Through User-Controlled Key vulnerability in Newbee-Mall Project Newbee-Mall

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java.

7.5
2021-01-26 CVE-2020-23162 Pyres Use of a Broken or Risky Cryptographic Algorithm vulnerability in Pyres Termod4 Firmware

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials.

7.5
2021-01-26 CVE-2020-0236 Google Out-of-bounds Read vulnerability in Google Android 10.0

In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of-bounds read due to improper input validation.

7.5
2021-01-28 CVE-2020-35754 Opensolution Code Injection vulnerability in Opensolution Quick.Cart and Quick.Cms

OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab.

7.2
2021-01-28 CVE-2021-20187 Moodle Inclusion of Functionality from Untrusted Control Sphere vulnerability in Moodle

It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.

7.2
2021-01-27 CVE-2020-5427 Vmware SQL Injection vulnerability in VMWare Spring Cloud Data Flow

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.

7.2
2021-01-26 CVE-2021-3291 ZEN Cart OS Command Injection vulnerability in Zen-Cart ZEN Cart 1.5.7B

Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.

7.2
2021-01-26 CVE-2020-29001 Merkuryinnovations Cleartext Storage of Sensitive Information vulnerability in Merkuryinnovations products

An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury MI-CW024 Doorbell 2.9.6, and Merkury MI-CW017 Camera 2.9.6 devices.

7.2
2021-01-26 CVE-2020-29000 Mygeeni Unspecified vulnerability in Mygeeni Gnc-Cw013 Firmware 1.8.1

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices.

7.2
2021-01-26 CVE-2020-28999 Mygeeni Use of Hard-coded Credentials vulnerability in Mygeeni Gnc-Cw013 Firmware 1.8.1

An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices.

7.2
2021-01-26 CVE-2020-22643 Feehi Unrestricted Upload of File with Dangerous Type vulnerability in Feehi CMS 2.1.0

Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution.

7.2
2021-01-26 CVE-2021-1070 Nvidia Unspecified vulnerability in Nvidia Linux for Tegra R21.6/R24.2.2

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.

7.1
2021-01-30 CVE-2020-14418 Morphisec
Madshi
Cisco
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM.

7.0
2021-01-26 CVE-2020-36211 Devolutions Improper Synchronization vulnerability in Devolutions Gfwx 0.1.0/0.2.0

An issue was discovered in the gfwx crate before 0.3.0 for Rust.

7.0
2021-01-26 CVE-2020-36209 Late Static Project Unspecified vulnerability in Late-Static Project Late-Static 0.1.0/0.2.0/0.3.0

An issue was discovered in the late-static crate before 0.4.0 for Rust.

7.0
2021-01-26 CVE-2020-36207 Aovec Project Improper Synchronization vulnerability in Aovec Project Aovec 20201210

An issue was discovered in the aovec crate through 2020-12-10 for Rust.

7.0
2021-01-26 CVE-2020-36206 Rusb Project Improper Synchronization vulnerability in Rusb Project Rusb

An issue was discovered in the rusb crate before 0.7.0 for Rust.

7.0

115 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-01-26 CVE-2020-27542 Company OS Command Injection vulnerability in Company Cs-C2Shw Firmware 5.0.082.1

Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection.

6.8
2021-01-29 CVE-2021-21254 Ckeditor Unspecified vulnerability in Ckeditor Ckeditor5

CKEditor 5 is an open source rich text editor framework with a modular architecture.

6.5
2021-01-29 CVE-2020-24665 Hitachi XML Entity Expansion vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (DoS) condition.

6.5
2021-01-29 CVE-2021-25910 Zivautomation Improper Authentication vulnerability in Zivautomation 4Cct-Ea6-334126Bf Firmware 3.23.77.8.33251

Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an authenticated user.

6.5
2021-01-29 CVE-2020-35652 Digium Unspecified vulnerability in Digium Asterisk

An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0.

6.5
2021-01-29 CVE-2020-29604 Mantisbt Missing Authorization vulnerability in Mantisbt

An issue was discovered in MantisBT before 2.24.4.

6.5
2021-01-29 CVE-2020-28406 Iris Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audit Trail Feature.

6.5
2021-01-29 CVE-2020-28404 Iris Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access the Billing page without the appropriate privileges.

6.5
2021-01-29 CVE-2020-28401 Iris Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access WIP details about jobs he should not have access to.

6.5
2021-01-29 CVE-2019-25014 Istio
Redhat
NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0.

6.5
2021-01-28 CVE-2020-26272 Electronjs Unspecified vulnerability in Electronjs Electron

The Electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS.

6.5
2021-01-27 CVE-2020-4789 IBM Path Traversal vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse directories on the system.

6.5
2021-01-26 CVE-2021-26272 Ckeditor
Oracle
Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).

6.5
2021-01-26 CVE-2021-26271 Ckeditor
Oracle
Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).

6.5
2021-01-26 CVE-2021-21271 Tendermint Unspecified vulnerability in Tendermint 0.34.0/0.34.1/0.34.2

Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines.

6.5
2021-01-26 CVE-2021-3114 Golang
Fedoraproject
Debian
Netapp
Incorrect Calculation vulnerability in multiple products

In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.

6.5
2021-01-26 CVE-2020-8293 Nextcloud Resource Exhaustion vulnerability in Nextcloud Server

A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules.

6.5
2021-01-26 CVE-2020-36200 Kaspersky Server-Side Request Forgery (SSRF) vulnerability in Kaspersky Tinycheck

TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated attacker to send an HTTP GET request to the crafted URLs.

6.5
2021-01-26 CVE-2020-27298 Philips OS Command Injection vulnerability in Philips products

Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10).

6.5
2021-01-26 CVE-2020-23161 Pyres Path Traversal vulnerability in Pyres Termod4 Firmware

Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL.

6.5
2021-01-30 CVE-2020-17380 Qemu
Debian
Out-of-bounds Write vulnerability in multiple products

A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support.

6.3
2021-01-29 CVE-2021-26303 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field.

6.1
2021-01-28 CVE-2020-1723 Redhat
Keycloak Gatekeeper Project
Open Redirect vulnerability in multiple products

A flaw was found in Keycloak Gatekeeper (Louketo).

6.1
2021-01-28 CVE-2021-22875 Revive Adserver Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver

Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in stats.php via the `setPerPage` parameter.

6.1
2021-01-28 CVE-2021-22874 Revive Adserver Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver

Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter.

6.1
2021-01-28 CVE-2021-20622 Aterm Cross-site Scripting vulnerability in Aterm Wg2600Hp2 Firmware and Wg2600Hp Firmware

Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.

6.1
2021-01-28 CVE-2021-20620 Aterm Cross-site Scripting vulnerability in Aterm Wg2600Hp Firmware

Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.

6.1
2021-01-27 CVE-2021-3318 Dzzoffice Cross-site Scripting vulnerability in Dzzoffice

attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.

6.1
2021-01-27 CVE-2020-4820 IBM Cross-site Scripting vulnerability in IBM Cloud PAK for Security 1.4.0.0

IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site scripting.

6.1
2021-01-26 CVE-2020-23774 Winmail Project Cross-site Scripting vulnerability in Winmail Project Winmail 6.5

A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed.

6.1
2021-01-26 CVE-2021-3186 Tenda Cross-site Scripting vulnerability in Tenda Ac1200 Firmware 15.03.06.47Multi

A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote attackers to inject arbitrary web script or HTML via the Wifi Name parameter.

6.1
2021-01-26 CVE-2021-22873 Revive Adserver Open Redirect vulnerability in Revive-Adserver Revive Adserver

Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts.

6.1
2021-01-26 CVE-2021-22872 Revive Adserver Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver

Revive Adserver before 5.1.0 is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the publicly accessible afr.php delivery script.

6.1
2021-01-26 CVE-2020-36202 Rust Lang Cross-site Scripting vulnerability in Rust-Lang Async-H1

An issue was discovered in the async-h1 crate before 2.3.0 for Rust.

6.1
2021-01-26 CVE-2020-35753 Persis Cross-site Scripting vulnerability in Persis Human Resource Management Portal

The job posting recommendation form in Persis Human Resource Management Portal (Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20), when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter.

6.1
2021-01-26 CVE-2020-27735 Wftpserver Cross-site Scripting vulnerability in Wftpserver Wing FTP Server 6.4.4

An XSS issue was discovered in Wing FTP 6.4.4.

6.1
2021-01-26 CVE-2020-24085 Misp Cross-site Scripting vulnerability in Misp 2.4.128

A cross-site scripting (XSS) vulnerability exists in MISP v2.4.128 in app/Controller/UserSettingsController.php at SetHomePage() function.

6.1
2021-01-26 CVE-2020-23447 Newbee Mall Project Cross-site Scripting vulnerability in Newbee-Mall Project Newbee-Mall 1.0

newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle.

6.1
2021-01-26 CVE-2020-21146 Feehi Cross-site Scripting vulnerability in Feehi CMS 2.0.8

Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability.

6.1
2021-01-27 CVE-2020-5428 Vmware SQL Injection vulnerability in VMWare Spring Cloud Task

In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.

6.0
2021-01-27 CVE-2020-4816 IBM Missing Authorization vulnerability in IBM Cloud PAK for Security 1.4.0.0

IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

5.9
2021-01-26 CVE-2020-36220 VA TS Project Improper Locking vulnerability in Va-Ts Project Va-Ts 0.0.1/0.0.2/0.0.3

An issue was discovered in the va-ts crate before 0.0.4 for Rust.

5.9
2021-01-26 CVE-2020-36219 Atomic Option Project Unspecified vulnerability in Atomic-Option Project Atomic-Option

An issue was discovered in the atomic-option crate through 2020-10-31 for Rust.

5.9
2021-01-26 CVE-2020-36218 Nonpolynomial Unspecified vulnerability in Nonpolynomial Buttplug

An issue was discovered in the buttplug crate before 1.0.4 for Rust.

5.9
2021-01-26 CVE-2020-36217 MAY Queue Project Improper Synchronization vulnerability in MAY Queue Project MAY Queue

An issue was discovered in the may_queue crate through 2020-11-10 for Rust.

5.9
2021-01-26 CVE-2020-36216 Petabi Improper Synchronization vulnerability in Petabi Eventio

An issue was discovered in Input<R> in the eventio crate before 0.5.1 for Rust.

5.9
2021-01-26 CVE-2020-36214 Multiqueue2 Project Unspecified vulnerability in Multiqueue2 Project Multiqueue2

An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust.

5.9
2021-01-26 CVE-2020-17522 Apache Incorrect Permission Assignment for Critical Resource vulnerability in Apache Traffic Control

When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers.

5.8
2021-01-29 CVE-2021-26307 RAW Cpuid Project Unspecified vulnerability in Raw-Cpuid Project Raw-Cpuid

An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust.

5.5
2021-01-28 CVE-2020-8585 Netapp Link Following vulnerability in Netapp Oncommand Unified Manager

OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).

5.5
2021-01-27 CVE-2021-25226 Trendmicro Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0

A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product.

5.5
2021-01-27 CVE-2021-25225 Trendmicro Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0

A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product.

5.5
2021-01-27 CVE-2021-25224 Trendmicro Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0

A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product.

5.5
2021-01-27 CVE-2021-3272 Jasper Project
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.

5.5
2021-01-26 CVE-2021-1071 Nvidia Unspecified vulnerability in Nvidia Linux for Tegra R21.6/R24.2.2

NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.

5.5
2021-01-26 CVE-2021-3308 XEN
Fedoraproject
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x.
5.5
2021-01-26 CVE-2020-36205 XCB Project Use After Free vulnerability in XCB Project XCB 20201210

An issue was discovered in the xcb crate through 2020-12-10 for Rust.

5.5
2021-01-26 CVE-2020-35843 Faststone Out-of-bounds Write vulnerability in Faststone Image Viewer 7.5

FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e.

5.5
2021-01-26 CVE-2020-27098 Google Unspecified vulnerability in Google Android 11.0

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass.

5.5
2021-01-26 CVE-2020-27097 Google Unspecified vulnerability in Google Android 11.0

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions bypass.

5.5
2021-01-26 CVE-2020-26941 Eset Incorrect Default Permissions vulnerability in Eset products

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions.

5.5
2021-01-29 CVE-2020-24670 Hitachi Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code.

5.4
2021-01-29 CVE-2020-24669 Hitachi Cross-site Scripting vulnerability in Hitachi Vantara Pentaho

The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code.

5.4
2021-01-29 CVE-2020-24666 Hitachi Cross-site Scripting vulnerability in Hitachi Vantara Pentaho

The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code.

5.4
2021-01-29 CVE-2020-24664 Hitachi Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0

The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code.

5.4
2021-01-29 CVE-2020-29537 RSA Open Redirect vulnerability in RSA Archer

Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability.

5.4
2021-01-29 CVE-2020-29535 RSA Cross-site Scripting vulnerability in RSA Archer

Archer before 6.8 P4 (6.8.0.4) contains a stored XSS vulnerability.

5.4
2021-01-29 CVE-2021-3298 O DYN Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter.

5.4
2021-01-29 CVE-2021-26304 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter.

5.4
2021-01-28 CVE-2020-36115 Egavilanmedia Cross-site Scripting vulnerability in Egavilanmedia PHPcrud 1.0

Stored Cross Site Scripting (XSS) vulnerability in EGavilan Media CRUD Operation with PHP, MySQL, Bootstrap, and Dompdf via First Name or Last Name parameter in the 'Add New Record Feature'.

5.4
2021-01-28 CVE-2020-1725 Redhat Incorrect Authorization vulnerability in Redhat Keycloak

A flaw was found in keycloak before version 13.0.0.

5.4
2021-01-28 CVE-2021-25647 Testes Codigo Cross-site Scripting vulnerability in Testes-Codigo Testes DE Codigo

Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application.

5.4
2021-01-28 CVE-2021-20186 Moodle Unspecified vulnerability in Moodle

It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.

5.4
2021-01-28 CVE-2021-20183 Moodle Unspecified vulnerability in Moodle

It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.

5.4
2021-01-27 CVE-2021-20357 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Foundation products is vulnerable to cross-site scripting.

5.4
2021-01-27 CVE-2020-4865 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Foundation products is vulnerable to cross-site scripting.

5.4
2021-01-27 CVE-2020-4855 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Foundation products is vulnerable to cross-site scripting.

5.4
2021-01-27 CVE-2020-4547 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim.

5.4
2021-01-27 CVE-2020-4524 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Foundation products is vulnerable to cross-site scripting.

5.4
2021-01-26 CVE-2021-21283 Flarum Unspecified vulnerability in Flarum Sticky 0.1.0

Flarum is an open source discussion platform for websites.

5.4
2021-01-26 CVE-2021-23272 Tibco Cross-site Scripting vulnerability in Tibco products

The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on the affected system.

5.4
2021-01-26 CVE-2020-8292 Rocket Chat Cross-site Scripting vulnerability in Rocket.Chat

Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes.

5.4
2021-01-26 CVE-2020-8288 Rocket Chat Cross-site Scripting vulnerability in Rocket.Chat

The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter.

5.4
2021-01-26 CVE-2020-23014 Apfell Project Cross-site Scripting vulnerability in Apfell Project Apfell 1.4

APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ through the payloadtypes_callback function, which allows an attacker to steal remote admin/user session and/or adding new users to the administration panel.

5.4
2021-01-26 CVE-2019-25015 Openwrt Cross-site Scripting vulnerability in Openwrt

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID.

5.4
2021-01-28 CVE-2021-20185 Moodle Allocation of Resources Without Limits or Throttling vulnerability in Moodle

It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of service for users receiving very large messages.

5.3
2021-01-28 CVE-2021-26067 Atlassian Information Exposure vulnerability in Atlassian Bamboo

Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint.

5.3
2021-01-27 CVE-2021-26276 Godaddy Improper Control of Dynamically-Managed Code Resources vulnerability in Godaddy Node-Config-Shield 0.2.2

scripts/cli.js in the GoDaddy node-config-shield (aka Config Shield) package before 0.2.2 for Node.js calls eval when processing a set command.

5.3
2021-01-27 CVE-2020-4815 IBM Information Exposure vulnerability in IBM Cloud PAK for Security 1.4.0.0

IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system.

5.3
2021-01-27 CVE-2020-4628 IBM Information Exposure Through an Error Message vulnerability in IBM Cloud PAK for Security 1.3.0.1/1.4.0.0

IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

5.3
2021-01-26 CVE-2021-3285 TI Improper Certificate Validation vulnerability in TI Code Composer Studio Intgrated Development Environment

jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS.

5.3
2021-01-26 CVE-2021-3152 Home Assistant Path Traversal vulnerability in Home-Assistant

Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations.

5.3
2021-01-26 CVE-2021-25901 Lazy Init Project Out-of-bounds Read vulnerability in Lazy-Init Project Lazy-Init

An issue was discovered in the lazy-init crate through 2021-01-17 for Rust.

5.3
2021-01-26 CVE-2021-21615 Jenkins Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Jenkins

Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.

5.3
2021-01-29 CVE-2020-29538 RSA Unspecified vulnerability in RSA Archer

Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API.

4.9
2021-01-26 CVE-2020-6780 Bosch Use of Password Hash With Insufficient Computational Effort vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware

Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.

4.9
2021-01-26 CVE-2020-35513 Linux
Redhat
A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2.
4.9
2021-01-27 CVE-2020-36012 Bdtask Cross-site Scripting vulnerability in Bdtask Multi-Store 1.0.0

Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field.

4.8
2021-01-26 CVE-2021-22871 Revive Adserver Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver

Revive Adserver before 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability.

4.8
2021-01-26 CVE-2020-36011 Qdocs Cross-site Scripting vulnerability in Qdocs Smart Hospital 3.1

A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field.

4.8
2021-01-26 CVE-2020-35854 Textpattern Cross-site Scripting vulnerability in Textpattern 4.8.4

Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.

4.8
2021-01-26 CVE-2020-35853 4Homepages Cross-site Scripting vulnerability in 4Homepages 4Images 1.7.11

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL.

4.8
2021-01-26 CVE-2020-35309 Bakeshop Online Ordering System Project Cross-site Scripting vulnerability in Bakeshop Online Ordering System Project Bakeshop Online Ordering System 1.0

Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML in admin dashboard - "Categories".

4.8
2021-01-26 CVE-2020-29241 Online News Portal Project Cross-site Scripting vulnerability in Online News Portal Project Online News Portal 1.0

Online News Portal using PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML via the "Title" parameter.

4.8
2021-01-26 CVE-2020-21147 Rockoa Cross-site Scripting vulnerability in Rockoa 1.9.8

RockOA V1.9.8 is affected by a cross-site scripting (XSS) vulnerability which allows remote attackers to send malicious code to the administrator and execute JavaScript code, because webmain/flow/input/mode_emailmAction.php does not perform strict filtering.

4.8
2021-01-26 CVE-2020-36204 IM Project Unspecified vulnerability in IM Project IM 20201109

An issue was discovered in the im crate through 2020-11-09 for Rust.

4.7
2021-01-26 CVE-2020-36203 Reffers Project Out-of-bounds Write vulnerability in Reffers Project Reffers 20201201

An issue was discovered in the reffers crate through 2020-12-01 for Rust.

4.7
2021-01-29 CVE-2020-29605 Mantisbt Incorrect Authorization vulnerability in Mantisbt

An issue was discovered in MantisBT before 2.24.4.

4.3
2021-01-29 CVE-2020-29603 Mantisbt Insecure Storage of Sensitive Information vulnerability in Mantisbt

In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can retrieve Private Projects' names via the manage_proj_edit_page.php project_id parameter, without having access to them.

4.3
2021-01-29 CVE-2020-29536 RSA Use of a Broken or Risky Cryptographic Algorithm vulnerability in RSA Archer

Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability.

4.3
2021-01-28 CVE-2021-20184 Moodle Unspecified vulnerability in Moodle

It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades.

4.3
2021-01-27 CVE-2020-4786 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF).

4.3
2021-01-27 CVE-2020-4189 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be used in further attacks against the system.

4.3
2021-01-27 CVE-2020-4967 IBM Information Exposure vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system.

4.3
2021-01-25 CVE-2021-21275 Report Project
Oracle
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability.

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-01-26 CVE-2020-29443 Qemu
Debian
Out-of-bounds Read vulnerability in multiple products

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

3.9
2021-01-26 CVE-2020-4889 IBM Unspecified vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts.

3.3
2021-01-27 CVE-2020-4787 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF).

2.3