Weekly Vulnerabilities Reports > January 25 to 31, 2021
Overview
301 new vulnerabilities reported during this period, including 47 critical vulnerabilities and 136 high severity vulnerabilities. This weekly summary report vulnerabilities in 363 products from 182 vendors including IBM, Debian, HPE, Apple, and Openldap. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Classic Buffer Overflow", "Path Traversal", and "OS Command Injection".
- 228 reported vulnerabilities are remotely exploitables.
- 18 reported vulnerabilities have public exploit available.
- 96 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 169 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 20 reported vulnerabilities.
- Accfly has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
47 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-01-26 | CVE-2020-6779 | Bosch | Use of Hard-coded Credentials vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. | 10.0 |
2021-01-27 | CVE-2021-25311 | Wisc | Path Traversal vulnerability in Wisc Htcondor condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root. | 9.9 |
2021-01-30 | CVE-2020-15690 | NIM Lang | Injection vulnerability in Nim-Lang NIM In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character. | 9.8 |
2021-01-30 | CVE-2020-15568 | Terra Master | Improper Control of Dynamically-Managed Code Resources vulnerability in Terra-Master TOS TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. | 9.8 |
2021-01-29 | CVE-2020-29557 | Dlink | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink Dir-825 R1 Firmware 3.0.1 An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. | 9.8 |
2021-01-29 | CVE-2021-3346 | NIC | Unspecified vulnerability in NIC Foris Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template. | 9.8 |
2021-01-29 | CVE-2021-26305 | CDR Project | Use of Uninitialized Resource vulnerability in CDR Project CDR An issue was discovered in Deserializer::read_vec in the cdr crate before 0.2.4 for Rust. | 9.8 |
2021-01-28 | CVE-2021-3160 | ACA | Deserialization of Untrusted Data vulnerability in ACA Assuweb 359.3 Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA ASSUREX RENTES product allows a remote attacker to inject unsecure serialized Java object using a specially crafted HTTP request, resulting in an unauthenticated remote code execution on the server. | 9.8 |
2021-01-28 | CVE-2020-4682 | IBM | Deserialization of Untrusted Data vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. | 9.8 |
2021-01-28 | CVE-2020-25785 | Accfly | Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77 An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. | 9.8 |
2021-01-28 | CVE-2020-25784 | Accfly | Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77 An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. | 9.8 |
2021-01-28 | CVE-2020-25783 | Accfly | Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77 An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. | 9.8 |
2021-01-28 | CVE-2020-25782 | Accfly | Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77 An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. | 9.8 |
2021-01-27 | CVE-2021-3331 | Winscp | Unspecified vulnerability in Winscp WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. | 9.8 |
2021-01-27 | CVE-2021-3325 | Fibranet Fedoraproject | Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). | 9.8 |
2021-01-27 | CVE-2020-23361 | Phplist | Unspecified vulnerability in PHPlist 3.5.3 phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | 9.8 |
2021-01-27 | CVE-2020-23360 | Oscommerce | Incorrect Comparison vulnerability in Oscommerce 2.3.4.1 oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php | 9.8 |
2021-01-27 | CVE-2020-23359 | Webidsupport | Incorrect Comparison vulnerability in Webidsupport Webid 1.2.2 WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. | 9.8 |
2021-01-26 | CVE-2013-2512 | Ftpd Project | OS Command Injection vulnerability in Ftpd Project Ftpd 0.2.1 The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic. | 9.8 |
2021-01-26 | CVE-2021-21278 | Rsshub | Unspecified vulnerability in Rsshub RSSHub is an open source, easy to use, and extensible RSS feed generator. | 9.8 |
2021-01-26 | CVE-2020-27297 | Honeywell | Out-of-bounds Write vulnerability in Honeywell OPC UA Tunneller The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233). | 9.8 |
2021-01-26 | CVE-2021-3304 | Sagemcom | Classic Buffer Overflow vulnerability in Sagemcom F@St 3686 Firmware 3.495 Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI. | 9.8 |
2021-01-26 | CVE-2021-3286 | Spotweb Project | SQL Injection vulnerability in Spotweb Project Spotweb 1.4.9 SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. | 9.8 |
2021-01-26 | CVE-2021-3278 | Local Services Search Engine Management System Project | SQL Injection vulnerability in Local Services Search Engine Management System Project Local Services Search Engine Management System 1.0 Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . | 9.8 |
2021-01-26 | CVE-2021-3199 | Onlyoffice | Path Traversal vulnerability in Onlyoffice Document Server Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /.. | 9.8 |
2021-01-26 | CVE-2021-3193 | Nagios | Unspecified vulnerability in Nagios XI Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user. | 9.8 |
2021-01-26 | CVE-2021-3190 | Async GIT Project | OS Command Injection vulnerability in Async-Git Project Async-Git The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag. | 9.8 |
2021-01-26 | CVE-2021-3188 | Phplist | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPlist 3.6.0 phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports. | 9.8 |
2021-01-26 | CVE-2021-3185 | Freedesktop | Out-of-bounds Write vulnerability in Freedesktop Gst-Plugins-Bad A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. | 9.8 |
2021-01-26 | CVE-2021-25907 | Containers Project | Double Free vulnerability in Containers Project Containers An issue was discovered in the containers crate before 0.9.11 for Rust. | 9.8 |
2021-01-26 | CVE-2021-25900 | Servo | Out-of-bounds Write vulnerability in Servo Smallvec An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. | 9.8 |
2021-01-26 | CVE-2020-36199 | Kaspersky | OS Command Injection vulnerability in Kaspersky Tinycheck TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places. | 9.8 |
2021-01-26 | CVE-2020-35263 | Egavilanmedia | SQL Injection vulnerability in Egavilanmedia User Registration and Login System With Admin Panel 1.0 EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution. | 9.8 |
2021-01-26 | CVE-2020-28998 | Mygeeni | Use of Hard-coded Credentials vulnerability in Mygeeni Gnc-Cw013 Firmware 1.8.1 An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. | 9.8 |
2021-01-26 | CVE-2020-28221 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI. | 9.8 |
2021-01-26 | CVE-2020-27583 | IBM | Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 8.5 IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. | 9.8 |
2021-01-26 | CVE-2020-27540 | Company | Improper Verification of Cryptographic Signature vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. | 9.8 |
2021-01-26 | CVE-2020-27539 | Company | Out-of-bounds Write vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. | 9.8 |
2021-01-26 | CVE-2020-23448 | Newbee Mall Project | Use of Incorrectly-Resolved Name or Reference vulnerability in Newbee-Mall Project Newbee-Mall newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. | 9.8 |
2021-01-26 | CVE-2020-23262 | Mingsoft | SQL Injection vulnerability in Mingsoft Mcms 5.0.0 An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do. | 9.8 |
2021-01-26 | CVE-2020-20269 | Caret | Unspecified vulnerability in Caret A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22. | 9.8 |
2021-01-28 | CVE-2020-35124 | Acquia | Cross-site Scripting vulnerability in Acquia Mautic A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads. | 9.6 |
2021-01-29 | CVE-2020-35547 | Mitel | Unspecified vulnerability in Mitel Micollab A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data. | 9.1 |
2021-01-26 | CVE-2020-27299 | Honeywell | Out-of-bounds Read vulnerability in Honeywell OPC UA Tunneller The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233). | 9.1 |
2021-01-26 | CVE-2021-25905 | BRA Project | Use of Uninitialized Resource vulnerability in BRA Project BRA 0.1.0 An issue was discovered in the bra crate before 0.1.1 for Rust. | 9.1 |
2021-01-26 | CVE-2020-35270 | Student Result Management System Project | SQL Injection vulnerability in Student Result Management System Project Student Result Management System 1.0 Student Result Management System In PHP With Source Code is affected by SQL injection. | 9.1 |
2021-01-25 | CVE-2021-23901 | Apache Netapp | XXE vulnerability in multiple products An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. | 9.1 |
136 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-01-29 | CVE-2021-25646 | Apache | Unspecified vulnerability in Apache Druid Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. | 8.8 |
2021-01-29 | CVE-2020-29004 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack. | 8.8 |
2021-01-29 | CVE-2020-28405 | Iris | Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6 An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. | 8.8 |
2021-01-29 | CVE-2020-28403 | Iris | Cross-Site Request Forgery (CSRF) vulnerability in Iris Star 2019.2.0.6 A Cross-Site Request Forgery (CSRF) vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an attacker to change the privileges of any user of the application. | 8.8 |
2021-01-29 | CVE-2020-28402 | Iris | Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6 An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel. | 8.8 |
2021-01-28 | CVE-2019-25016 | Opendoas Project | Missing Initialization of Resource vulnerability in Opendoas Project Opendoas 6.6/6.6.1/6.8 In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. | 8.8 |
2021-01-28 | CVE-2020-4888 | IBM | Deserialization of Untrusted Data vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. | 8.8 |
2021-01-28 | CVE-2020-13569 | Open EMR | Cross-Site Request Forgery (CSRF) vulnerability in Open-Emr Openemr 5.0.2 A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). | 8.8 |
2021-01-28 | CVE-2021-20621 | Aterm | Cross-Site Request Forgery (CSRF) vulnerability in Aterm Wg2600Hp2 Firmware and Wg2600Hp Firmware Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2021-01-28 | CVE-2020-5626 | Infoscience | OS Command Injection vulnerability in Infoscience ELC Analytics and Logstorage Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file. | 8.8 |
2021-01-27 | CVE-2020-4952 | IBM | Unspecified vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. | 8.8 |
2021-01-27 | CVE-2021-25312 | Wisc | Missing Authentication for Critical Function vulnerability in Wisc Htcondor HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method. | 8.8 |
2021-01-26 | CVE-2021-3317 | Klogserver | OS Command Injection vulnerability in Klogserver Klog Server 2.4.1 KLog Server through 2.4.1 allows authenticated command injection. | 8.8 |
2021-01-26 | CVE-2021-3165 | Missionlabs | Incorrect Permission Assignment for Critical Resource vulnerability in Missionlabs Smartagent 3.1.0 SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI. | 8.8 |
2021-01-26 | CVE-2021-3164 | Churchdesk | Unrestricted Upload of File with Dangerous Type vulnerability in Churchdesk Churchrota 2.6.4 ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. | 8.8 |
2021-01-26 | CVE-2021-25863 | Open5Gs | Improper Authentication vulnerability in Open5Gs 2.1.3 Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account. | 8.8 |
2021-01-26 | CVE-2020-9492 | Apache Oracle | Incorrect Authorization vulnerability in multiple products In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. | 8.8 |
2021-01-26 | CVE-2020-35576 | TP Link | OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. | 8.8 |
2021-01-26 | CVE-2020-35239 | Cakefoundation | Cross-Site Request Forgery (CSRF) vulnerability in Cakefoundation Cakephp A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. | 8.8 |
2021-01-26 | CVE-2020-24549 | Openmaint | Unrestricted Upload of File with Dangerous Type vulnerability in Openmaint openMAINT before 1.1-2.4.2 allows remote authenticated users to run arbitrary JSP code on the underlying web server. | 8.8 |
2021-01-26 | CVE-2020-23826 | Assaabloy | OS Command Injection vulnerability in Assaabloy Yale Wipc-303W Firmware 2.21/2.31 The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. | 8.8 |
2021-01-26 | CVE-2020-23160 | Pyres | Unspecified vulnerability in Pyres Termod4 Firmware Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. | 8.8 |
2021-01-25 | CVE-2020-17532 | Apache | Deserialization of Untrusted Data vulnerability in Apache Java Chassis When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. | 8.8 |
2021-01-28 | CVE-2020-35517 | Qemu | Unspecified vulnerability in Qemu A flaw was found in qemu. | 8.2 |
2021-01-26 | CVE-2020-4949 | IBM | XXE vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
2021-01-29 | CVE-2021-3336 | Wolfssl | Improper Certificate Validation vulnerability in Wolfssl DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). | 8.1 |
2021-01-26 | CVE-2021-3309 | Wekan Project | Improper Certificate Validation vulnerability in Wekan Project Wekan packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store, | 8.1 |
2021-01-29 | CVE-2021-3176 | Mitel | Improper Input Validation vulnerability in Mitel Businesscti Enterprise The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker to gain access to user information by sending certain code, due to improper input validation of http links. | 8.0 |
2021-01-29 | CVE-2021-25138 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function. | 7.8 |
2021-01-29 | CVE-2021-25137 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function. | 7.8 |
2021-01-29 | CVE-2021-25136 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function. | 7.8 |
2021-01-29 | CVE-2021-25135 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function. | 7.8 |
2021-01-29 | CVE-2021-25134 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function. | 7.8 |
2021-01-29 | CVE-2021-25133 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function. | 7.8 |
2021-01-29 | CVE-2021-25132 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function. | 7.8 |
2021-01-29 | CVE-2021-25131 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function. | 7.8 |
2021-01-29 | CVE-2021-25130 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function. | 7.8 |
2021-01-29 | CVE-2021-25129 | HPE | Path Traversal vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability. | 7.8 |
2021-01-29 | CVE-2021-25128 | HPE | Path Traversal vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability. | 7.8 |
2021-01-29 | CVE-2021-25127 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function. | 7.8 |
2021-01-29 | CVE-2021-25126 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function. | 7.8 |
2021-01-29 | CVE-2021-25125 | HPE | Path Traversal vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability. | 7.8 |
2021-01-29 | CVE-2021-25124 | HPE | Path Traversal vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability. | 7.8 |
2021-01-29 | CVE-2021-3347 | Linux Debian Fedoraproject | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.11. | 7.8 |
2021-01-29 | CVE-2021-3345 | Gnupg Oracle | Out-of-bounds Write vulnerability in multiple products _gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. | 7.8 |
2021-01-29 | CVE-2021-25123 | HPE | Classic Buffer Overflow vulnerability in HPE products The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function. | 7.8 |
2021-01-29 | CVE-2020-35145 | Acronis | Uncontrolled Search Path Element vulnerability in Acronis True Image Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue. | 7.8 |
2021-01-27 | CVE-2021-22655 | Fujielectric | Out-of-bounds Read vulnerability in Fujielectric V-Server and V-Simulator Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | 7.8 |
2021-01-27 | CVE-2021-22653 | Fujielectric | Out-of-bounds Write vulnerability in Fujielectric V-Server and V-Simulator Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | 7.8 |
2021-01-27 | CVE-2021-22641 | Fujielectric | Out-of-bounds Write vulnerability in Fujielectric V-Server and V-Simulator A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | 7.8 |
2021-01-27 | CVE-2021-22639 | Fujielectric | Access of Uninitialized Pointer vulnerability in Fujielectric V-Server and V-Simulator An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | 7.8 |
2021-01-27 | CVE-2021-22637 | Fujielectric | Out-of-bounds Write vulnerability in Fujielectric V-Server and V-Simulator Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | 7.8 |
2021-01-27 | CVE-2021-25247 | Trendmicro | Uncontrolled Search Path Element vulnerability in Trendmicro Housecall for Home Networks 5.3.0.1063 A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. | 7.8 |
2021-01-26 | CVE-2021-3156 | Sudo Project Fedoraproject Debian Netapp Mcafee Synology Beyondtrust Oracle | Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. | 7.8 |
2021-01-26 | CVE-2021-22159 | Proofpoint | Missing Authentication for Critical Function vulnerability in Proofpoint Insider Threat Management Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. | 7.8 |
2021-01-26 | CVE-2021-3297 | Zyxel | Improper Authentication vulnerability in Zyxel Nbg2105 Firmware V1.00(Aagu.2)C0 On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access. | 7.8 |
2021-01-26 | CVE-2021-26026 | Acdsee | Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0 PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image. | 7.8 |
2021-01-26 | CVE-2021-26025 | Acdsee | Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0 PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image. | 7.8 |
2021-01-26 | CVE-2021-22698 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Power Build - Rapsody 2.1.13 A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed. | 7.8 |
2021-01-26 | CVE-2021-22697 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Power Build - Rapsody 2.1.13 A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed. | 7.8 |
2021-01-26 | CVE-2020-36210 | Autorand Project | Use of Uninitialized Resource vulnerability in Autorand Project Autorand An issue was discovered in the autorand crate before 0.2.3 for Rust. | 7.8 |
2021-01-26 | CVE-2020-36208 | Conquer Once Project | Improper Synchronization vulnerability in Conquer-Once Project Conquer-Once 0.3.0/0.3.1 An issue was discovered in the conquer-once crate before 0.3.2 for Rust. | 7.8 |
2021-01-26 | CVE-2020-35845 | Faststone | Out-of-bounds Write vulnerability in Faststone Image Viewer 7.5 FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf. | 7.8 |
2021-01-26 | CVE-2020-35844 | Faststone | Out-of-bounds Write vulnerability in Faststone Image Viewer 7.5 FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4. | 7.8 |
2021-01-26 | CVE-2020-27814 | Uclouvain Debian | A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. | 7.8 |
2021-01-26 | CVE-2020-27288 | Deltaww | Out-of-bounds Write vulnerability in Deltaww Tpeditor An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 7.8 |
2021-01-26 | CVE-2020-27284 | Deltaww | Out-of-bounds Write vulnerability in Deltaww Tpeditor TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 7.8 |
2021-01-26 | CVE-2020-27280 | Deltaww | Use After Free vulnerability in Deltaww Ispsoft A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. | 7.8 |
2021-01-26 | CVE-2020-25737 | Hackolade | Unspecified vulnerability in Hackolade An elevation of privilege vulnerability exists in Hackolade versions prior 4.2.0 on Windows has an issue in specific deployment scenarios that could allow local users to gain elevated privileges during an uninstall of the application. | 7.8 |
2021-01-26 | CVE-2020-25173 | Reolink | Use of Hard-coded Credentials vulnerability in Reolink products An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access | 7.8 |
2021-01-26 | CVE-2020-16236 | Panasonic | Out-of-bounds Read vulnerability in Panasonic Fpwin PRO FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. | 7.8 |
2021-01-25 | CVE-2021-21272 | Deislabs | Link Following vulnerability in Deislabs Oras ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. | 7.7 |
2021-01-29 | CVE-2021-20586 | Mitsubishielectric | Unspecified vulnerability in Mitsubishielectric products Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controller "CR800-*HRD" of RH-*FRHR***-D-* all versions, controller "CR800-*V*R with R16RTCPU" of RV-*FR***-R-* all versions, controller "CR800-*HR with R16RTCPU" of RH-*FRH***-R-* all versions, controller "CR800-*HRR with R16RTCPU" of RH-*FRHR***-R-* all versions, controller "CR800-*V*Q with Q172DSRCPU" of RV-*FR***-Q-* all versions, controller "CR800-*HQ with Q172DSRCPU" of RH-*FRH***-Q-* all versions, controller "CR800-*HRQ with Q172DSRCPU" of RH-*FRHR***-Q-* all versions) and a robot controller of MELFA CR Series(controller "CR800-CVD" of RV-8CRL-D-* all versions, controller "CR800-CHD" of RH-*CRH**-D-* all versions) as well as a cooperative robot ASSISTA(controller "CR800-05VD" of RV-5AS-D-* all versions) allows a remote unauthenticated attacker to cause a DoS of the execution of the robot program and the Ethernet communication by sending a large amount of packets in burst over a short period of time. | 7.5 |
2021-01-29 | CVE-2021-25909 | Zivautomation | Resource Exhaustion vulnerability in Zivautomation 4Cct-Ea6-334126Bf Firmware 3.23.80.27.36371 ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, allows an unauthenticated, remote attacker to cause a denial of service condition on the device. | 7.5 |
2021-01-29 | CVE-2020-29005 | Mediawiki | Insufficiently Protected Credentials vulnerability in Mediawiki The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure. | 7.5 |
2021-01-29 | CVE-2021-26308 | Marc Project | Unspecified vulnerability in Marc Project Marc 1.3.0 An issue was discovered in the marc crate before 2.0.0 for Rust. | 7.5 |
2021-01-29 | CVE-2021-26306 | RAW Cpuid Project | Unspecified vulnerability in Raw-Cpuid Project Raw-Cpuid An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. | 7.5 |
2021-01-29 | CVE-2021-3341 | Dh2I | Path Traversal vulnerability in Dh2I Dxenterprise and Dxodyssey A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request. | 7.5 |
2021-01-28 | CVE-2021-3337 | Hide Thread Content Project | Incorrect Authorization vulnerability in Hide Thread Content Project Hide Thread Content 1.0 The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit. | 7.5 |
2021-01-27 | CVE-2021-3326 | GNU Netapp Oracle Fujitsu Debian | Reachable Assertion vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. | 7.5 |
2021-01-27 | CVE-2021-26118 | Apache Netapp | While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. | 7.5 |
2021-01-27 | CVE-2021-26117 | Apache Netapp Debian Oracle | Improper Authentication vulnerability in multiple products The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. | 7.5 |
2021-01-27 | CVE-2020-23356 | Nibbleblog | Unspecified vulnerability in Nibbleblog 3.7.1C dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | 7.5 |
2021-01-27 | CVE-2020-23355 | Codiad | Unspecified vulnerability in Codiad 2.8.4 ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. | 7.5 |
2021-01-27 | CVE-2020-23352 | Zblogcn | Unspecified vulnerability in Zblogcn Z-Blogphp 1.6.0 Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. | 7.5 |
2021-01-26 | CVE-2020-23776 | Winmail Project | Server-Side Request Forgery (SSRF) vulnerability in Winmail Project Winmail 6.5 A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. | 7.5 |
2021-01-26 | CVE-2020-27295 | Honeywell | Resource Exhaustion vulnerability in Honeywell OPC UA Tunneller The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | 7.5 |
2021-01-26 | CVE-2020-27274 | Honeywell | Improper Check for Unusual or Exceptional Conditions vulnerability in Honeywell OPC UA Tunneller Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | 7.5 |
2021-01-26 | CVE-2020-13582 | Silabs | NULL Pointer Dereference vulnerability in Silabs Micrium Uc-Http 3.01.00 A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. | 7.5 |
2021-01-26 | CVE-2021-3223 | Nodered | Path Traversal vulnerability in Nodered Node-Red-Dashboard Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. | 7.5 |
2021-01-26 | CVE-2021-3195 | Bitcoin | Improper Input Validation vulnerability in Bitcoin Core bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. | 7.5 |
2021-01-26 | CVE-2021-3115 | Golang Fedoraproject Netapp | Uncontrolled Search Path Element vulnerability in multiple products Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | 7.5 |
2021-01-26 | CVE-2021-26267 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579). | 7.5 |
2021-01-26 | CVE-2021-26266 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578). | 7.5 |
2021-01-26 | CVE-2021-25908 | FIL OCL Project | Double Free vulnerability in Fil-Ocl Project Fil-Ocl An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. | 7.5 |
2021-01-26 | CVE-2021-25906 | Basic DSP Matrix Project | Unspecified vulnerability in Basic DSP Matrix Project Basic DSP Matrix An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. | 7.5 |
2021-01-26 | CVE-2021-25904 | AV Data Project | NULL Pointer Dereference vulnerability in Av-Data Project Av-Data An issue was discovered in the av-data crate before 0.3.0 for Rust. | 7.5 |
2021-01-26 | CVE-2021-25903 | Cache Project | NULL Pointer Dereference vulnerability in Cache Project Cache An issue was discovered in the cache crate through 2021-01-01 for Rust. | 7.5 |
2021-01-26 | CVE-2021-25902 | Glsl Layout Project | Unspecified vulnerability in Glsl-Layout Project Glsl-Layout An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. | 7.5 |
2021-01-26 | CVE-2021-25864 | Dgtl | Path Traversal vulnerability in Dgtl Huemagic 3.0.0 node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file. | 7.5 |
2021-01-26 | CVE-2021-21723 | ZTE | Memory Leak vulnerability in ZTE products Some ZTE products have a DoS vulnerability. | 7.5 |
2021-01-26 | CVE-2020-8295 | Nextcloud | Resource Exhaustion vulnerability in Nextcloud Server A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user. | 7.5 |
2021-01-26 | CVE-2020-36230 | Openldap Debian Apple Apache | Reachable Assertion vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36229 | Openldap Debian Apple | Type Confusion vulnerability in multiple products A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36228 | Openldap Debian Apple | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36227 | Openldap Debian Apple | Infinite Loop vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36226 | Openldap Debian Apple | A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36225 | Openldap Debian Apple | Double Free vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36224 | Openldap Debian Apple | Release of Invalid Pointer or Reference vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36223 | Openldap Debian Apple | Double Free vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | 7.5 |
2021-01-26 | CVE-2020-36222 | Openldap Debian Apple | Reachable Assertion vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. | 7.5 |
2021-01-26 | CVE-2020-36221 | Openldap Debian Apple | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). | 7.5 |
2021-01-26 | CVE-2020-36215 | Hashconsing Project | Improper Synchronization vulnerability in Hashconsing Project Hashconsing An issue was discovered in the hashconsing crate before 1.1.0 for Rust. | 7.5 |
2021-01-26 | CVE-2020-36213 | ABI Stable Project | Unspecified vulnerability in ABI Stable Project ABI Stable An issue was discovered in the abi_stable crate before 0.9.1 for Rust. | 7.5 |
2021-01-26 | CVE-2020-36212 | ABI Stable Project | Unspecified vulnerability in ABI Stable Project ABI Stable An issue was discovered in the abi_stable crate before 0.9.1 for Rust. | 7.5 |
2021-01-26 | CVE-2020-36201 | Xerox | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Xerox products An issue was discovered in certain Xerox WorkCentre products. | 7.5 |
2021-01-26 | CVE-2020-28874 | Projectsend | Improper Resource Shutdown or Release vulnerability in Projectsend reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. | 7.5 |
2021-01-26 | CVE-2020-27541 | Company | Out-of-bounds Write vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. | 7.5 |
2021-01-26 | CVE-2020-25169 | Reolink | Cleartext Transmission of Sensitive Information vulnerability in Reolink products The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. | 7.5 |
2021-01-26 | CVE-2020-23449 | Newbee Mall Project | Authorization Bypass Through User-Controlled Key vulnerability in Newbee-Mall Project Newbee-Mall newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. | 7.5 |
2021-01-26 | CVE-2020-23162 | Pyres | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Pyres Termod4 Firmware Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials. | 7.5 |
2021-01-26 | CVE-2020-0236 | Out-of-bounds Read vulnerability in Google Android 10.0 In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of-bounds read due to improper input validation. | 7.5 | |
2021-01-28 | CVE-2020-35754 | Opensolution | Code Injection vulnerability in Opensolution Quick.Cart and Quick.Cms OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab. | 7.2 |
2021-01-28 | CVE-2021-20187 | Moodle | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. | 7.2 |
2021-01-27 | CVE-2020-5427 | Vmware | SQL Injection vulnerability in VMWare Spring Cloud Data Flow In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution. | 7.2 |
2021-01-26 | CVE-2021-3291 | ZEN Cart | OS Command Injection vulnerability in Zen-Cart ZEN Cart 1.5.7B Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. | 7.2 |
2021-01-26 | CVE-2020-29001 | Merkuryinnovations | Cleartext Storage of Sensitive Information vulnerability in Merkuryinnovations products An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury MI-CW024 Doorbell 2.9.6, and Merkury MI-CW017 Camera 2.9.6 devices. | 7.2 |
2021-01-26 | CVE-2020-29000 | Mygeeni | Unspecified vulnerability in Mygeeni Gnc-Cw013 Firmware 1.8.1 An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. | 7.2 |
2021-01-26 | CVE-2020-28999 | Mygeeni | Use of Hard-coded Credentials vulnerability in Mygeeni Gnc-Cw013 Firmware 1.8.1 An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. | 7.2 |
2021-01-26 | CVE-2020-22643 | Feehi | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi CMS 2.1.0 Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. | 7.2 |
2021-01-26 | CVE-2021-1070 | Nvidia | Unspecified vulnerability in Nvidia Linux for Tegra R21.6/R24.2.2 NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service. | 7.1 |
2021-01-30 | CVE-2020-14418 | Morphisec Madshi Cisco | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. | 7.0 |
2021-01-26 | CVE-2020-36211 | Devolutions | Improper Synchronization vulnerability in Devolutions Gfwx 0.1.0/0.2.0 An issue was discovered in the gfwx crate before 0.3.0 for Rust. | 7.0 |
2021-01-26 | CVE-2020-36209 | Late Static Project | Unspecified vulnerability in Late-Static Project Late-Static 0.1.0/0.2.0/0.3.0 An issue was discovered in the late-static crate before 0.4.0 for Rust. | 7.0 |
2021-01-26 | CVE-2020-36207 | Aovec Project | Improper Synchronization vulnerability in Aovec Project Aovec 20201210 An issue was discovered in the aovec crate through 2020-12-10 for Rust. | 7.0 |
2021-01-26 | CVE-2020-36206 | Rusb Project | Improper Synchronization vulnerability in Rusb Project Rusb An issue was discovered in the rusb crate before 0.7.0 for Rust. | 7.0 |
115 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-01-26 | CVE-2020-27542 | Company | OS Command Injection vulnerability in Company Cs-C2Shw Firmware 5.0.082.1 Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. | 6.8 |
2021-01-29 | CVE-2021-21254 | Ckeditor | Unspecified vulnerability in Ckeditor Ckeditor5 CKEditor 5 is an open source rich text editor framework with a modular architecture. | 6.5 |
2021-01-29 | CVE-2020-24665 | Hitachi | XML Entity Expansion vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (DoS) condition. | 6.5 |
2021-01-29 | CVE-2021-25910 | Zivautomation | Improper Authentication vulnerability in Zivautomation 4Cct-Ea6-334126Bf Firmware 3.23.77.8.33251 Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an authenticated user. | 6.5 |
2021-01-29 | CVE-2020-35652 | Digium | Unspecified vulnerability in Digium Asterisk An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. | 6.5 |
2021-01-29 | CVE-2020-29604 | Mantisbt | Missing Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. | 6.5 |
2021-01-29 | CVE-2020-28406 | Iris | Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6 An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audit Trail Feature. | 6.5 |
2021-01-29 | CVE-2020-28404 | Iris | Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6 An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access the Billing page without the appropriate privileges. | 6.5 |
2021-01-29 | CVE-2020-28401 | Iris | Unspecified vulnerability in Iris Star Practice Management 2019.2.0.6 An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access WIP details about jobs he should not have access to. | 6.5 |
2021-01-29 | CVE-2019-25014 | Istio Redhat | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. | 6.5 |
2021-01-28 | CVE-2020-26272 | Electronjs | Unspecified vulnerability in Electronjs Electron The Electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS. | 6.5 |
2021-01-27 | CVE-2020-4789 | IBM | Path Traversal vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse directories on the system. | 6.5 |
2021-01-26 | CVE-2021-26272 | Ckeditor Oracle | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin). | 6.5 |
2021-01-26 | CVE-2021-26271 | Ckeditor Oracle | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin). | 6.5 |
2021-01-26 | CVE-2021-21271 | Tendermint | Unspecified vulnerability in Tendermint 0.34.0/0.34.1/0.34.2 Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. | 6.5 |
2021-01-26 | CVE-2021-3114 | Golang Fedoraproject Debian Netapp | Incorrect Calculation vulnerability in multiple products In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field. | 6.5 |
2021-01-26 | CVE-2020-8293 | Nextcloud | Resource Exhaustion vulnerability in Nextcloud Server A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules. | 6.5 |
2021-01-26 | CVE-2020-36200 | Kaspersky | Server-Side Request Forgery (SSRF) vulnerability in Kaspersky Tinycheck TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated attacker to send an HTTP GET request to the crafted URLs. | 6.5 |
2021-01-26 | CVE-2020-27298 | Philips | OS Command Injection vulnerability in Philips products Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). | 6.5 |
2021-01-26 | CVE-2020-23161 | Pyres | Path Traversal vulnerability in Pyres Termod4 Firmware Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL. | 6.5 |
2021-01-30 | CVE-2020-17380 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. | 6.3 |
2021-01-29 | CVE-2021-26303 | Phpgurukul | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field. | 6.1 |
2021-01-28 | CVE-2020-1723 | Redhat Keycloak Gatekeeper Project | Open Redirect vulnerability in multiple products A flaw was found in Keycloak Gatekeeper (Louketo). | 6.1 |
2021-01-28 | CVE-2021-22875 | Revive Adserver | Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in stats.php via the `setPerPage` parameter. | 6.1 |
2021-01-28 | CVE-2021-22874 | Revive Adserver | Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerability in userlog-index.php via the `period_preset` parameter. | 6.1 |
2021-01-28 | CVE-2021-20622 | Aterm | Cross-site Scripting vulnerability in Aterm Wg2600Hp2 Firmware and Wg2600Hp Firmware Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 6.1 |
2021-01-28 | CVE-2021-20620 | Aterm | Cross-site Scripting vulnerability in Aterm Wg2600Hp Firmware Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 6.1 |
2021-01-27 | CVE-2021-3318 | Dzzoffice | Cross-site Scripting vulnerability in Dzzoffice attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter. | 6.1 |
2021-01-27 | CVE-2020-4820 | IBM | Cross-site Scripting vulnerability in IBM Cloud PAK for Security 1.4.0.0 IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site scripting. | 6.1 |
2021-01-26 | CVE-2020-23774 | Winmail Project | Cross-site Scripting vulnerability in Winmail Project Winmail 6.5 A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. | 6.1 |
2021-01-26 | CVE-2021-3186 | Tenda | Cross-site Scripting vulnerability in Tenda Ac1200 Firmware 15.03.06.47Multi A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote attackers to inject arbitrary web script or HTML via the Wifi Name parameter. | 6.1 |
2021-01-26 | CVE-2021-22873 | Revive Adserver | Open Redirect vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. | 6.1 |
2021-01-26 | CVE-2021-22872 | Revive Adserver | Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 5.1.0 is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the publicly accessible afr.php delivery script. | 6.1 |
2021-01-26 | CVE-2020-36202 | Rust Lang | Cross-site Scripting vulnerability in Rust-Lang Async-H1 An issue was discovered in the async-h1 crate before 2.3.0 for Rust. | 6.1 |
2021-01-26 | CVE-2020-35753 | Persis | Cross-site Scripting vulnerability in Persis Human Resource Management Portal The job posting recommendation form in Persis Human Resource Management Portal (Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20), when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter. | 6.1 |
2021-01-26 | CVE-2020-27735 | Wftpserver | Cross-site Scripting vulnerability in Wftpserver Wing FTP Server 6.4.4 An XSS issue was discovered in Wing FTP 6.4.4. | 6.1 |
2021-01-26 | CVE-2020-24085 | Misp | Cross-site Scripting vulnerability in Misp 2.4.128 A cross-site scripting (XSS) vulnerability exists in MISP v2.4.128 in app/Controller/UserSettingsController.php at SetHomePage() function. | 6.1 |
2021-01-26 | CVE-2020-23447 | Newbee Mall Project | Cross-site Scripting vulnerability in Newbee-Mall Project Newbee-Mall 1.0 newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. | 6.1 |
2021-01-26 | CVE-2020-21146 | Feehi | Cross-site Scripting vulnerability in Feehi CMS 2.0.8 Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. | 6.1 |
2021-01-27 | CVE-2020-5428 | Vmware | SQL Injection vulnerability in VMWare Spring Cloud Task In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer. | 6.0 |
2021-01-27 | CVE-2020-4816 | IBM | Missing Authorization vulnerability in IBM Cloud PAK for Security 1.4.0.0 IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2021-01-26 | CVE-2020-36220 | VA TS Project | Improper Locking vulnerability in Va-Ts Project Va-Ts 0.0.1/0.0.2/0.0.3 An issue was discovered in the va-ts crate before 0.0.4 for Rust. | 5.9 |
2021-01-26 | CVE-2020-36219 | Atomic Option Project | Unspecified vulnerability in Atomic-Option Project Atomic-Option An issue was discovered in the atomic-option crate through 2020-10-31 for Rust. | 5.9 |
2021-01-26 | CVE-2020-36218 | Nonpolynomial | Unspecified vulnerability in Nonpolynomial Buttplug An issue was discovered in the buttplug crate before 1.0.4 for Rust. | 5.9 |
2021-01-26 | CVE-2020-36217 | MAY Queue Project | Improper Synchronization vulnerability in MAY Queue Project MAY Queue An issue was discovered in the may_queue crate through 2020-11-10 for Rust. | 5.9 |
2021-01-26 | CVE-2020-36216 | Petabi | Improper Synchronization vulnerability in Petabi Eventio An issue was discovered in Input<R> in the eventio crate before 0.5.1 for Rust. | 5.9 |
2021-01-26 | CVE-2020-36214 | Multiqueue2 Project | Unspecified vulnerability in Multiqueue2 Project Multiqueue2 An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust. | 5.9 |
2021-01-26 | CVE-2020-17522 | Apache | Incorrect Permission Assignment for Critical Resource vulnerability in Apache Traffic Control When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. | 5.8 |
2021-01-29 | CVE-2021-26307 | RAW Cpuid Project | Unspecified vulnerability in Raw-Cpuid Project Raw-Cpuid An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. | 5.5 |
2021-01-28 | CVE-2020-8585 | Netapp | Link Following vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink). | 5.5 |
2021-01-27 | CVE-2021-25226 | Trendmicro | Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. | 5.5 |
2021-01-27 | CVE-2021-25225 | Trendmicro | Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. | 5.5 |
2021-01-27 | CVE-2021-25224 | Trendmicro | Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. | 5.5 |
2021-01-27 | CVE-2021-3272 | Jasper Project Fedoraproject | Out-of-bounds Read vulnerability in multiple products jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components. | 5.5 |
2021-01-26 | CVE-2021-1071 | Nvidia | Unspecified vulnerability in Nvidia Linux for Tegra R21.6/R24.2.2 NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure. | 5.5 |
2021-01-26 | CVE-2021-3308 | XEN Fedoraproject | An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. | 5.5 |
2021-01-26 | CVE-2020-36205 | XCB Project | Use After Free vulnerability in XCB Project XCB 20201210 An issue was discovered in the xcb crate through 2020-12-10 for Rust. | 5.5 |
2021-01-26 | CVE-2020-35843 | Faststone | Out-of-bounds Write vulnerability in Faststone Image Viewer 7.5 FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e. | 5.5 |
2021-01-26 | CVE-2020-27098 | Unspecified vulnerability in Google Android 11.0 In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. | 5.5 | |
2021-01-26 | CVE-2020-27097 | Unspecified vulnerability in Google Android 11.0 In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions bypass. | 5.5 | |
2021-01-26 | CVE-2020-26941 | Eset | Incorrect Default Permissions vulnerability in Eset products A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. | 5.5 |
2021-01-29 | CVE-2020-24670 | Hitachi | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
2021-01-29 | CVE-2020-24669 | Hitachi | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
2021-01-29 | CVE-2020-24666 | Hitachi | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
2021-01-29 | CVE-2020-24664 | Hitachi | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
2021-01-29 | CVE-2020-29537 | RSA | Open Redirect vulnerability in RSA Archer Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. | 5.4 |
2021-01-29 | CVE-2020-29535 | RSA | Cross-site Scripting vulnerability in RSA Archer Archer before 6.8 P4 (6.8.0.4) contains a stored XSS vulnerability. | 5.4 |
2021-01-29 | CVE-2021-3298 | O DYN | Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1 Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter. | 5.4 |
2021-01-29 | CVE-2021-26304 | Phpgurukul | Cross-site Scripting vulnerability in PHPgurukul Daily Expense Tracker System 1.0 PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter. | 5.4 |
2021-01-28 | CVE-2020-36115 | Egavilanmedia | Cross-site Scripting vulnerability in Egavilanmedia PHPcrud 1.0 Stored Cross Site Scripting (XSS) vulnerability in EGavilan Media CRUD Operation with PHP, MySQL, Bootstrap, and Dompdf via First Name or Last Name parameter in the 'Add New Record Feature'. | 5.4 |
2021-01-28 | CVE-2020-1725 | Redhat | Incorrect Authorization vulnerability in Redhat Keycloak A flaw was found in keycloak before version 13.0.0. | 5.4 |
2021-01-28 | CVE-2021-25647 | Testes Codigo | Cross-site Scripting vulnerability in Testes-Codigo Testes DE Codigo Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application. | 5.4 |
2021-01-28 | CVE-2021-20186 | Moodle | Unspecified vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS. | 5.4 |
2021-01-28 | CVE-2021-20183 | Moodle | Unspecified vulnerability in Moodle It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries. | 5.4 |
2021-01-27 | CVE-2021-20357 | IBM | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
2021-01-27 | CVE-2020-4865 | IBM | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
2021-01-27 | CVE-2020-4855 | IBM | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
2021-01-27 | CVE-2020-4547 | IBM | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
2021-01-27 | CVE-2020-4524 | IBM | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
2021-01-26 | CVE-2021-21283 | Flarum | Unspecified vulnerability in Flarum Sticky 0.1.0 Flarum is an open source discussion platform for websites. | 5.4 |
2021-01-26 | CVE-2021-23272 | Tibco | Cross-site Scripting vulnerability in Tibco products The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on the affected system. | 5.4 |
2021-01-26 | CVE-2020-8292 | Rocket Chat | Cross-site Scripting vulnerability in Rocket.Chat Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes. | 5.4 |
2021-01-26 | CVE-2020-8288 | Rocket Chat | Cross-site Scripting vulnerability in Rocket.Chat The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter. | 5.4 |
2021-01-26 | CVE-2020-23014 | Apfell Project | Cross-site Scripting vulnerability in Apfell Project Apfell 1.4 APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ through the payloadtypes_callback function, which allows an attacker to steal remote admin/user session and/or adding new users to the administration panel. | 5.4 |
2021-01-26 | CVE-2019-25015 | Openwrt | Cross-site Scripting vulnerability in Openwrt LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID. | 5.4 |
2021-01-28 | CVE-2021-20185 | Moodle | Allocation of Resources Without Limits or Throttling vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of service for users receiving very large messages. | 5.3 |
2021-01-28 | CVE-2021-26067 | Atlassian | Information Exposure vulnerability in Atlassian Bamboo Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. | 5.3 |
2021-01-27 | CVE-2021-26276 | Godaddy | Improper Control of Dynamically-Managed Code Resources vulnerability in Godaddy Node-Config-Shield 0.2.2 scripts/cli.js in the GoDaddy node-config-shield (aka Config Shield) package before 0.2.2 for Node.js calls eval when processing a set command. | 5.3 |
2021-01-27 | CVE-2020-4815 | IBM | Information Exposure vulnerability in IBM Cloud PAK for Security 1.4.0.0 IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system. | 5.3 |
2021-01-27 | CVE-2020-4628 | IBM | Information Exposure Through an Error Message vulnerability in IBM Cloud PAK for Security 1.3.0.1/1.4.0.0 IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
2021-01-26 | CVE-2021-3285 | TI | Improper Certificate Validation vulnerability in TI Code Composer Studio Intgrated Development Environment jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS. | 5.3 |
2021-01-26 | CVE-2021-3152 | Home Assistant | Path Traversal vulnerability in Home-Assistant Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. | 5.3 |
2021-01-26 | CVE-2021-25901 | Lazy Init Project | Out-of-bounds Read vulnerability in Lazy-Init Project Lazy-Init An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. | 5.3 |
2021-01-26 | CVE-2021-21615 | Jenkins | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Jenkins Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition. | 5.3 |
2021-01-29 | CVE-2020-29538 | RSA | Unspecified vulnerability in RSA Archer Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. | 4.9 |
2021-01-26 | CVE-2020-6780 | Bosch | Use of Password Hash With Insufficient Computational Effort vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash. | 4.9 |
2021-01-26 | CVE-2020-35513 | Linux Redhat | A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. | 4.9 |
2021-01-27 | CVE-2020-36012 | Bdtask | Cross-site Scripting vulnerability in Bdtask Multi-Store 1.0.0 Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field. | 4.8 |
2021-01-26 | CVE-2021-22871 | Revive Adserver | Cross-site Scripting vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 5.1.0 permits any user with a manager account to store possibly malicious content in the URL website property, which is then displayed unsanitized in the affiliate-preview.php tag generation screen, leading to a persistent cross-site scripting (XSS) vulnerability. | 4.8 |
2021-01-26 | CVE-2020-36011 | Qdocs | Cross-site Scripting vulnerability in Qdocs Smart Hospital 3.1 A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field. | 4.8 |
2021-01-26 | CVE-2020-35854 | Textpattern | Cross-site Scripting vulnerability in Textpattern 4.8.4 Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter. | 4.8 |
2021-01-26 | CVE-2020-35853 | 4Homepages | Cross-site Scripting vulnerability in 4Homepages 4Images 1.7.11 4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. | 4.8 |
2021-01-26 | CVE-2020-35309 | Bakeshop Online Ordering System Project | Cross-site Scripting vulnerability in Bakeshop Online Ordering System Project Bakeshop Online Ordering System 1.0 Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML in admin dashboard - "Categories". | 4.8 |
2021-01-26 | CVE-2020-29241 | Online News Portal Project | Cross-site Scripting vulnerability in Online News Portal Project Online News Portal 1.0 Online News Portal using PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML via the "Title" parameter. | 4.8 |
2021-01-26 | CVE-2020-21147 | Rockoa | Cross-site Scripting vulnerability in Rockoa 1.9.8 RockOA V1.9.8 is affected by a cross-site scripting (XSS) vulnerability which allows remote attackers to send malicious code to the administrator and execute JavaScript code, because webmain/flow/input/mode_emailmAction.php does not perform strict filtering. | 4.8 |
2021-01-26 | CVE-2020-36204 | IM Project | Unspecified vulnerability in IM Project IM 20201109 An issue was discovered in the im crate through 2020-11-09 for Rust. | 4.7 |
2021-01-26 | CVE-2020-36203 | Reffers Project | Out-of-bounds Write vulnerability in Reffers Project Reffers 20201201 An issue was discovered in the reffers crate through 2020-12-01 for Rust. | 4.7 |
2021-01-29 | CVE-2020-29605 | Mantisbt | Incorrect Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. | 4.3 |
2021-01-29 | CVE-2020-29603 | Mantisbt | Insecure Storage of Sensitive Information vulnerability in Mantisbt In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can retrieve Private Projects' names via the manage_proj_edit_page.php project_id parameter, without having access to them. | 4.3 |
2021-01-29 | CVE-2020-29536 | RSA | Use of a Broken or Risky Cryptographic Algorithm vulnerability in RSA Archer Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. | 4.3 |
2021-01-28 | CVE-2021-20184 | Moodle | Unspecified vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades. | 4.3 |
2021-01-27 | CVE-2020-4786 | IBM | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). | 4.3 |
2021-01-27 | CVE-2020-4189 | IBM | Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be used in further attacks against the system. | 4.3 |
2021-01-27 | CVE-2020-4967 | IBM | Information Exposure vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. | 4.3 |
2021-01-25 | CVE-2021-21275 | Report Project Oracle | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-01-26 | CVE-2020-29443 | Qemu Debian | Out-of-bounds Read vulnerability in multiple products ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. | 3.9 |
2021-01-26 | CVE-2020-4889 | IBM | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. | 3.3 |
2021-01-27 | CVE-2020-4787 | IBM | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). | 2.3 |