Weekly Vulnerabilities Reports > May 3 to 9, 2021

Overview

329 new vulnerabilities reported during this period, including 19 critical vulnerabilities and 76 high severity vulnerabilities. This weekly summary report vulnerabilities in 1063 products from 123 vendors including Cisco, Foxitsoftware, Exim, Qualcomm, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Use After Free", "Out-of-bounds Write", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 266 reported vulnerabilities are remotely exploitables.
  • 1 reported vulnerabilities have public exploit available.
  • 102 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 241 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 34 reported vulnerabilities.
  • Tenda has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

19 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-05-07 CVE-2021-31755 Tenda Out-Of-Bounds Write vulnerability in Tenda Ac11 Firmware

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.

10.0
2021-05-07 CVE-2021-31756 Tenda Out-Of-Bounds Write vulnerability in Tenda Ac11 Firmware

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.

10.0
2021-05-07 CVE-2021-31757 Tenda Out-Of-Bounds Write vulnerability in Tenda Ac11 Firmware

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.

10.0
2021-05-07 CVE-2021-31758 Tenda Out-Of-Bounds Write vulnerability in Tenda Ac11 Firmware

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.

10.0
2021-05-07 CVE-2020-11279 Qualcomm Integer Overflow OR Wraparound vulnerability in Qualcomm products

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10.0
2021-05-07 CVE-2021-1910 Qualcomm Double Free vulnerability in Qualcomm products

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10.0
2021-05-07 CVE-2021-32090 Localstack Command Injection vulnerability in Localstack 0.12.6

The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter.

10.0
2021-05-06 CVE-2021-29203 HP Improper Authentication vulnerability in HP Edgeline Infrastructure Manager 1.21

A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22.

10.0
2021-05-06 CVE-2021-1497 Cisco OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform 4.0(2A)

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.

10.0
2021-05-06 CVE-2021-21505 Dell Insufficiently Protected Credentials vulnerability in Dell EMC Integrated System for Microsoft Azure Stack HUB Firmware

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account.

10.0
2021-05-07 CVE-2020-11285 Qualcomm Out-Of-Bounds Read vulnerability in Qualcomm products

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.4
2021-05-06 CVE-2020-28026 Exim Argument Injection OR Modification vulnerability in Exim

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN).

9.3
2021-05-05 CVE-2020-13664 Drupal Command Injection vulnerability in Drupal

Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances.

9.3
2021-05-03 CVE-2020-35757 Librewireless Improper Privilege Management vulnerability in Librewireless LS9 Firmware 7040

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.

9.3
2021-05-03 CVE-2021-25631 Libreoffice Unspecified vulnerability in Libreoffice 7.0.4/7.1.0/7.1.1

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.

9.3
2021-05-06 CVE-2021-28151 Hongdian OS Command Injection vulnerability in Hongdian H8922 Firmware 3.0.5

Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.

9.0
2021-05-06 CVE-2020-28021 Exim Unspecified vulnerability in Exim

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters.

9.0
2021-05-06 CVE-2021-1401 Cisco Improper Privilege Management vulnerability in Cisco products

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device.

9.0
2021-05-04 CVE-2020-21999 IWT OS Command Injection vulnerability in IWT Facesentry Access Control System Firmware 5.7.0/5.7.2/6.4.8

iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials.

9.0

76 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-05-06 CVE-2021-1509 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.

8.5
2021-05-07 CVE-2020-11273 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Histogram type KPI was teardown with the assumption of the existence of histogram binning info and will lead to null pointer access when histogram binning info is missing due to lack of null check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

7.8
2021-05-07 CVE-2020-11274 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8
2021-05-07 CVE-2021-1925 Qualcomm Reachable Assertion vulnerability in Qualcomm products

Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.8
2021-05-06 CVE-2021-1275 Cisco Resource Exhaustion vulnerability in Cisco Sd-Wan Vmanage

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.

7.8
2021-05-06 CVE-2021-1513 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition.

7.8
2021-05-05 CVE-2021-31518 Trendmicro Unspecified vulnerability in Trendmicro Home Network Security

Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device.

7.8
2021-05-05 CVE-2021-31517 Trendmicro Unspecified vulnerability in Trendmicro Home Network Security

Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device.

7.8
2021-05-07 CVE-2021-27573 Remotemouse Missing Authorization vulnerability in Remotemouse Emote Remote Mouse

An issue was discovered in Emote Remote Mouse through 4.0.0.0.

7.5
2021-05-07 CVE-2021-22671 TI Integer Overflow OR Wraparound vulnerability in TI products

Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior).

7.5
2021-05-07 CVE-2021-22679 TI Integer Overflow OR Wraparound vulnerability in TI products

The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior).

7.5
2021-05-07 CVE-2021-21984 Vmware Command Injection vulnerability in VMWare Vrealize Business for Cloud

VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability due to an unauthorised end point.

7.5
2021-05-07 CVE-2021-32098 Artica Deserialization of Untrusted Data vulnerability in Artica Pandora FMS 742

Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization.

7.5
2021-05-07 CVE-2021-32099 Artica SQL Injection vulnerability in Artica Pandora FMS 742

A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.

7.5
2021-05-06 CVE-2021-31737 Emlog Unrestricted Upload of File With Dangerous Type vulnerability in Emlog 5.3.1/6.0.0

emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.

7.5
2021-05-06 CVE-2020-18890 Puppycms Improper Preservation of Permissions vulnerability in Puppycms 5.1

Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell via /admin/functions.php.

7.5
2021-05-06 CVE-2021-28152 Hongdian USE of Hard-Coded Credentials vulnerability in Hongdian H8922 Firmware 3.0.5

Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a superuser.

7.5
2021-05-06 CVE-2021-20204 Getdata Project
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases.

7.5
2021-05-06 CVE-2021-30473 Aomedia
Fedoraproject
Release of Invalid Pointer OR Reference vulnerability in multiple products

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.

7.5
2021-05-06 CVE-2021-32030 Asus Improper Authentication vulnerability in Asus Gt-Ac2900 Firmware 3.0.0.4.386.41793

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface.

7.5
2021-05-06 CVE-2020-19107 Projectworlds SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0

SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.

7.5
2021-05-06 CVE-2020-19108 Projectworlds SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0

SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code.

7.5
2021-05-06 CVE-2020-19109 Projectworlds SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code.

7.5
2021-05-06 CVE-2020-19110 Projectworlds SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code.

7.5
2021-05-06 CVE-2020-19111 Projectworlds Improper Privilege Management vulnerability in Projectworlds Online Book Store Project in PHP 1.0

Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information.

7.5
2021-05-06 CVE-2020-19112 Projectworlds SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code.

7.5
2021-05-06 CVE-2020-19113 Projectworlds Unrestricted Upload of File With Dangerous Type vulnerability in Projectworlds Online Book Store Project in PHP 1.0

Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution.

7.5
2021-05-06 CVE-2020-19114 Projectworlds SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0

SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.

7.5
2021-05-06 CVE-2020-28017 Exim Integer Overflow OR Wraparound vulnerability in Exim

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients.

7.5
2021-05-06 CVE-2020-28018 Exim USE After Free vulnerability in Exim

Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.

7.5
2021-05-06 CVE-2020-28020 Exim Integer Overflow OR Wraparound vulnerability in Exim

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.

7.5
2021-05-06 CVE-2020-28022 Exim Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Exim

Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer.

7.5
2021-05-06 CVE-2020-28024 Exim Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Exim

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.

7.5
2021-05-06 CVE-2021-1468 Cisco Improper Authentication vulnerability in Cisco Sd-Wan Vmanage

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.

7.5
2021-05-06 CVE-2021-1498 Cisco OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.

7.5
2021-05-06 CVE-2021-24236 Imagements Project Unrestricted Upload of File With Dangerous Type vulnerability in Imagements Project Imagements

The Imagements WordPress plugin through 1.2.5 allows images to be uploaded in comments, however only checks for the Content-Type in the request to forbid dangerous files.

7.5
2021-05-06 CVE-2021-29921 Python Improper Input Validation vulnerability in Python

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string.

7.5
2021-05-05 CVE-2020-4979 IBM Command Injection vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication.

7.5
2021-05-05 CVE-2020-13665 Drupal Incorrect Authorization vulnerability in Drupal

Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode.

7.5
2021-05-05 CVE-2016-20010 Ewww Unspecified vulnerability in Ewww Image Optimizer

EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5.

7.5
2021-05-05 CVE-2021-31800 Secureauth
Fedoraproject
Path Traversal vulnerability in multiple products

Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22.

7.5
2021-05-04 CVE-2021-23383 Handlebarsjs Unspecified vulnerability in Handlebarsjs Handlebars

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.

7.5
2021-05-03 CVE-2020-23083 Guojusoft Unrestricted Upload of File With Dangerous Type vulnerability in Guojusoft Jeecg

Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?commonUpload".

7.5
2021-05-03 CVE-2021-32020 Amazon Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Amazon Freertos

The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.

7.5
2021-05-03 CVE-2020-35758 Librewireless Improper Authentication vulnerability in Librewireless LS9 Firmware 7040

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.

7.5
2021-05-03 CVE-2021-29242 Codesys Improper Input Validation vulnerability in Codesys products

CODESYS Control Runtime system before 3.5.17.0 has improper input validation.

7.5
2021-05-03 CVE-2021-29369 Gnuplot Project Command Injection vulnerability in Gnuplot Project Gnuplot 0.0.1/0.0.2

The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.

7.5
2021-05-07 CVE-2020-11284 Qualcomm Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products

Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.2
2021-05-07 CVE-2020-11288 Qualcomm Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.2
2021-05-07 CVE-2020-11289 Qualcomm Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products

Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

7.2
2021-05-07 CVE-2021-1895 Qualcomm Integer Overflow OR Wraparound vulnerability in Qualcomm products

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

7.2
2021-05-07 CVE-2021-1905 Qualcomm USE After Free vulnerability in Qualcomm products

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.

7.2
2021-05-07 CVE-2021-1915 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.2
2021-05-07 CVE-2021-1927 Qualcomm USE After Free vulnerability in Qualcomm products

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

7.2
2021-05-06 CVE-2020-28007 Exim Link Following vulnerability in Exim

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges.

7.2
2021-05-06 CVE-2020-28008 Exim Improper Privilege Management vulnerability in Exim

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges.

7.2
2021-05-06 CVE-2020-28009 Exim Integer Overflow OR Wraparound vulnerability in Exim

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable.

7.2
2021-05-06 CVE-2020-28010 Exim Out-Of-Bounds Write vulnerability in Exim

Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small (on some common platforms).

7.2
2021-05-06 CVE-2020-28011 Exim Out-Of-Bounds Write vulnerability in Exim

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S.

7.2
2021-05-06 CVE-2020-28012 Exim Exposure of Resource TO Wrong Sphere vulnerability in Exim

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.

7.2
2021-05-06 CVE-2020-28013 Exim Out-Of-Bounds Write vulnerability in Exim

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root.

7.2
2021-05-06 CVE-2020-28015 Exim Unspecified vulnerability in Exim

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters.

7.2
2021-05-06 CVE-2020-28016 Exim Out-Of-Bounds Write vulnerability in Exim

Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.

7.2
2021-05-06 CVE-2021-1421 Cisco OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device.

7.2
2021-05-06 CVE-2021-1426 Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application.
7.2
2021-05-06 CVE-2021-1427 Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application.
7.2
2021-05-06 CVE-2021-1428 Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application.
7.2
2021-05-06 CVE-2021-1429 Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application.
7.2
2021-05-06 CVE-2021-1430 Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application.
7.2
2021-05-06 CVE-2021-1447 Cisco Improper Privilege Management vulnerability in Cisco Content Security Management Appliance

A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root.

7.2
2021-05-06 CVE-2021-1496 Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application.
7.2
2021-05-06 CVE-2021-1520 Cisco Write-What-Where Condition vulnerability in Cisco products

A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, local attacker to run arbitrary commands with root privileges on the underlying operating system (OS).

7.2
2021-05-06 CVE-2021-21527 Dell OS Command Injection vulnerability in Dell EMC Powerscale Onefs 9.0.0.0/9.1.0.0

Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability.

7.2
2021-05-06 CVE-2021-21550 Dell OS Command Injection vulnerability in Dell EMC Powerscale Onefs

Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability.

7.2
2021-05-05 CVE-2021-25319 Opensuse Incorrect Default Permissions vulnerability in Opensuse Factory

A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root.

7.2
2021-05-04 CVE-2020-27518 Windscribe Improper Privilege Management vulnerability in Windscribe

All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component.

7.2

187 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-05-07 CVE-2021-31441 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31442 Foxitsoftware Out-Of-Bounds Write vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31449 Foxitsoftware Double Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31450 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31451 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31452 Foxitsoftware Out-Of-Bounds Write vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31453 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31454 Foxitsoftware Heap-Based Buffer Overflow vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31455 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31456 Foxitsoftware USE After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31457 Foxitsoftware USE After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31458 Foxitsoftware USE After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31459 Foxitsoftware USE After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31460 Foxitsoftware USE After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31461 Foxitsoftware Type Confusion vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31465 Foxitsoftware Out-Of-Bounds Write vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598.

6.8
2021-05-07 CVE-2021-31466 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598.

6.8
2021-05-07 CVE-2021-31468 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598.

6.8
2021-05-07 CVE-2021-31470 Foxitsoftware USE After Free vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-31472 Foxitsoftware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576.

6.8
2021-05-07 CVE-2021-27572 Remotemouse Authentication Bypass BY Capture-Replay vulnerability in Remotemouse Emote Remote Mouse

An issue was discovered in Emote Remote Mouse through 4.0.0.0.

6.8
2021-05-07 CVE-2021-27574 Remotemouse Download of Code Without Integrity Check vulnerability in Remotemouse Emote Remote Mouse

An issue was discovered in Emote Remote Mouse through 4.0.0.0.

6.8
2021-05-07 CVE-2020-14009 Proofpoint Improper Validation of Integrity Check Value vulnerability in Proofpoint Enterprise Protection 8.14.2

Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules.

6.8
2021-05-07 CVE-2021-32096 NSA Cross-Site Request Forgery (CSRF) vulnerability in NSA Emissary 5.9.0

The ConsoleAction component of U.S.

6.8
2021-05-06 CVE-2020-23264 Fork CMS Cross-Site Request Forgery (CSRF) vulnerability in Fork-Cms Fork CMS

Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.

6.8
2021-05-06 CVE-2020-35519 Linux Out-Of-Bounds Read vulnerability in Linux Kernel 5.12

An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5.

6.8
2021-05-06 CVE-2020-23127 Chamilo Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.10

Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.

6.8
2021-05-06 CVE-2021-1478 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.

6.8
2021-05-06 CVE-2021-1511 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.

6.8
2021-05-06 CVE-2021-24178 Strategy11 Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Business Directory Plugin - Easy Listing Directories

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 suffered from Cross-Site Request Forgery issues, allowing an attacker to make a logged in administrator add, edit or delete form fields, which could also lead to Stored Cross-Site Scripting issues.

6.8
2021-05-06 CVE-2021-24179 Strategy11 Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Business Directory Plugin - Easy Listing Directories

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator import files.

6.8
2021-05-06 CVE-2021-26543 Wayfair Injection vulnerability in Wayfair Git-Parse

The "gitDiff" function in Wayfair git-parse <=1.0.4 has a command injection vulnerability.

6.8
2021-05-06 CVE-2021-31616 Shapeshift Classic Buffer Overflow vulnerability in Shapeshift Keepkey Firmware

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages.

6.8
2021-05-05 CVE-2021-29100 Esri Path Traversal vulnerability in Esri Arcgis Earth

A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input.

6.8
2021-05-05 CVE-2020-36334 Themegrill Cross-Site Request Forgery (CSRF) vulnerability in Themegrill Demo Importer

themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database.

6.8
2021-05-04 CVE-2021-29240 Codesys Unspecified vulnerability in Codesys Development System

The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content.

6.8
2021-05-03 CVE-2021-29238 Codesys Cross-Site Request Forgery (CSRF) vulnerability in Codesys Automation Server

CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF).

6.8
2021-05-07 CVE-2021-22675 TI Integer Overflow OR Wraparound vulnerability in TI products

The affected product is vulnerable to integer overflow while parsing malformed over-the-air firmware update files, which may allow an attacker to remotely execute code on SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior).

6.5
2021-05-07 CVE-2021-32094 NSA Unrestricted Upload of File With Dangerous Type vulnerability in NSA Emissary 5.9.0

U.S.

6.5
2021-05-07 CVE-2021-32102 Open EMR SQL Injection vulnerability in Open-Emr Openemr 5.0.2.1

A SQL injection vulnerability exists (with user privileges) in library/custom_template/ajax_code.php in OpenEMR 5.0.2.1.

6.5
2021-05-07 CVE-2021-32104 Open EMR SQL Injection vulnerability in Open-Emr Openemr 5.0.2.1

A SQL injection vulnerability exists (with user privileges) in interface/forms/eye_mag/save.php in OpenEMR 5.0.2.1.

6.5
2021-05-06 CVE-2021-29493 Kennnyshiwa Cogs Project Code Injection vulnerability in Kennnyshiwa-Cogs Project Kennnyshiwa-Cogs

Kennnyshiwa-cogs contains cogs for Red Discordbot.

6.5
2021-05-06 CVE-2021-1400 Cisco Improper Privilege Management vulnerability in Cisco products

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device.

6.5
2021-05-06 CVE-2021-1505 Cisco Improper Privilege Management vulnerability in Cisco Sd-Wan Vmanage

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.

6.5
2021-05-06 CVE-2021-1506 Cisco Missing Authorization vulnerability in Cisco Sd-Wan Vmanage

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.

6.5
2021-05-06 CVE-2021-1508 Cisco Missing Authorization vulnerability in Cisco Sd-Wan Vmanage

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.

6.5
2021-05-06 CVE-2021-24248 Strategy11 Unrestricted Upload of File With Dangerous Type vulnerability in Strategy11 Easy Listing Directories

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE

6.5
2021-05-06 CVE-2021-24252 WP Eventmanager Unrestricted Upload of File With Dangerous Type vulnerability in Wp-Eventmanager Event Banner

The Event Banner WordPress plugin through 1.3 does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE.

6.5
2021-05-06 CVE-2021-24253 Classyfrieds Project Unrestricted Upload of File With Dangerous Type vulnerability in Classyfrieds Project Classyfrieds

The Classyfrieds WordPress plugin through 3.8 does not properly check the uploaded file when an authenticated user adds a listing, only checking the content-type in the request.

6.5
2021-05-06 CVE-2021-24254 College Publisher Import Project Unrestricted Upload of File With Dangerous Type vulnerability in College Publisher Import Project College Publisher Import

The College publisher Import WordPress plugin through 0.1 does not check for the uploaded CSV file to import, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE.

6.5
2021-05-05 CVE-2021-29246 Btcpayserver Path Traversal vulnerability in Btcpayserver Btcpay Server

BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution.

6.5
2021-05-04 CVE-2021-29477 Redislabs
Fedoraproject
Integer Overflow OR Wraparound vulnerability in multiple products

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.

6.5
2021-05-07 CVE-2020-4901 IBM Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere

IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration.

6.4
2021-05-07 CVE-2021-27437 Advantech USE of Hard-Coded Credentials vulnerability in Advantech Wise-Paas/Rmm 3.3.29

The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard.

6.4
2021-05-07 CVE-2020-36128 Paxtechnology Authentication Bypass BY Spoofing vulnerability in Paxtechnology Paxstore

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability.

6.4
2021-05-07 CVE-2021-32101 Open EMR Incorrect Permission Assignment for Critical Resource vulnerability in Open-Emr Openemr 5.0.2.1

The Patient Portal of OpenEMR 5.0.2.1 is affected by a incorrect access control system in portal/patient/_machine_config.php.

6.4
2021-05-05 CVE-2020-36333 Themegrill Missing Authentication for Critical Function vulnerability in Themegrill Demo Importer

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook.

6.4
2021-05-03 CVE-2021-28860 Adaltas Unspecified vulnerability in Adaltas Mixme

In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions.

6.4
2021-05-06 CVE-2021-27216 Exim Improper Privilege Management vulnerability in Exim

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges.

6.3
2021-05-06 CVE-2021-31916 Linux
Redhat
Out-Of-Bounds Write vulnerability in multiple products

An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12.

6.1
2021-05-06 CVE-2021-1521 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload.

6.1
2021-05-07 CVE-2021-22673 TI Out-Of-Bounds Write vulnerability in TI products

The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior).

6.0
2021-05-04 CVE-2021-29478 Redislabs
Fedoraproject
Integer Overflow OR Wraparound vulnerability in multiple products

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.

6.0
2021-05-06 CVE-2021-1284 Cisco Improper Access Control vulnerability in Cisco Sd-Wan Vmanage

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify the configuration of an affected system.

5.8
2021-05-06 CVE-2021-1397 Cisco Open Redirect vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

5.8
2021-05-05 CVE-2021-32055 Mutt
Neomutt
Out-Of-Bounds Read vulnerability in multiple products

Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma.

5.8
2021-05-05 CVE-2020-13662 Drupal Open Redirect vulnerability in Drupal

Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.

5.8
2021-05-03 CVE-2020-23015 Opnsense Open Redirect vulnerability in Opnsense

An open redirect issue was discovered in OPNsense through 20.1.5.

5.8
2021-05-06 CVE-2020-28014 Exim Unspecified vulnerability in Exim

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges.

5.6
2021-05-07 CVE-2020-36125 Paxtechnology Improper Authentication vulnerability in Paxtechnology Paxstore

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly.

5.5
2021-05-07 CVE-2020-36126 Paxtechnology Improper Privilege Management vulnerability in Paxtechnology Paxstore

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation.

5.5
2021-05-07 CVE-2021-32095 NSA Missing Authorization vulnerability in NSA Emissary 5.9.0

U.S.

5.5
2021-05-06 CVE-2021-31828 Amazon Server-Side Request Forgery (SSRF) vulnerability in Amazon Open Distro

An SSRF issue in Open Distro for Elasticsearch (ODFE) before 1.13.1.0 allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Alerting plugin's intended scope.

5.5
2021-05-06 CVE-2021-28128 Strapi Weak Password Recovery Mechanism for Forgotten Password vulnerability in Strapi

In Strapi through 3.6.0, the admin panel allows the changing of one's own password without entering the current password.

5.5
2021-05-06 CVE-2021-1363 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM &amp; Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.

5.5
2021-05-06 CVE-2021-1365 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM &amp; Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.

5.5
2021-05-06 CVE-2021-1530 Cisco XXE vulnerability in Cisco Broadworks Messaging Server 22.0

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system.

5.5
2021-05-06 CVE-2021-29491 Mixme Project Improper Control of Dynamically-Managed Code Resources vulnerability in Mixme Project Mixme

Mixme is a library for recursive merging of Javascript objects.

5.5
2021-05-05 CVE-2020-5013 IBM XXE vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

5.5
2021-05-07 CVE-2021-27569 Remotemouse Missing Authorization vulnerability in Remotemouse Emote Remote Mouse

An issue was discovered in Emote Remote Mouse through 4.0.0.0.

5.0
2021-05-07 CVE-2021-27570 Remotemouse Missing Authorization vulnerability in Remotemouse Emote Remote Mouse

An issue was discovered in Emote Remote Mouse through 3.015.

5.0
2021-05-07 CVE-2021-27571 Remotemouse Missing Authorization vulnerability in Remotemouse Emote Remote Mouse

An issue was discovered in Emote Remote Mouse through 4.0.0.0.

5.0
2021-05-07 CVE-2021-29495 NIM Lang Improper Certificate Validation vulnerability in Nim-Lang NIM

Nim is a statically typed compiled systems programming language.

5.0
2021-05-07 CVE-2021-21419 Eventlet
Fedoraproject
Resource Exhaustion vulnerability in multiple products

Eventlet is a concurrent networking library for Python.

5.0
2021-05-07 CVE-2021-29488 Sabnzbd Relative Path Traversal vulnerability in Sabnzbd

SABnzbd is an open source binary newsreader.

5.0
2021-05-07 CVE-2020-11268 Qualcomm Improper Input Validation vulnerability in Qualcomm products

Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile

5.0
2021-05-07 CVE-2021-32074 Hashicorp Information Exposure Through LOG Files vulnerability in Hashicorp Vault-Action

HashiCorp vault-action (aka Vault GitHub Action) before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking.

5.0
2021-05-06 CVE-2021-32077 Veritystream Information Exposure vulnerability in Veritystream Msow Solutions

Primary Source Verification in VerityStream MSOW Solutions before 3.1.1 allows an anonymous internet user to discover Social Security Number (SSN) values via a brute-force attack on a (sometimes hidden) search field, because the last four SSN digits are part of the supported combination of search selectors.

5.0
2021-05-06 CVE-2021-28665 Stormshield Resource Exhaustion vulnerability in Stormshield Network Security

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.

5.0
2021-05-06 CVE-2020-18888 Puppycms Missing Authorization vulnerability in Puppycms 5.1

Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete the file/folder via /admin/functions.php.

5.0
2021-05-06 CVE-2019-25043 Trustwave Improper Handling of Exceptional Conditions vulnerability in Trustwave Modsecurity

ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header.

5.0
2021-05-06 CVE-2021-31793 Nightowlsp Incorrect Authorization vulnerability in Nightowlsp Wdb-20 Firmware 20190314

An issue exists on NightOwl WDB-20-V2 WDB-20-V2_20190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell.

5.0
2021-05-06 CVE-2021-31918 Redhat Information Exposure vulnerability in Redhat Openstack 16.1

A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1.

5.0
2021-05-06 CVE-2021-22209 Gitlab Incorrect Authorization vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8.

5.0
2021-05-06 CVE-2021-22210 Gitlab Allocation of Resources Without Limits OR Throttling vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2.

5.0
2021-05-06 CVE-2020-28019 Exim Improper Initialization vulnerability in Exim

Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences.

5.0
2021-05-06 CVE-2020-28023 Exim Out-Of-Bounds Read vulnerability in Exim

Exim 4 before 4.94.2 allows Out-of-bounds Read.

5.0
2021-05-06 CVE-2020-28025 Exim Out-Of-Bounds Read vulnerability in Exim

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.

5.0
2021-05-06 CVE-2021-1486 Cisco Information Exposure Through Discrepancy vulnerability in Cisco Sd-Wan Vmanage

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts.

5.0
2021-05-06 CVE-2021-1499 Cisco Missing Authentication for Critical Function vulnerability in Cisco Hyperflex HX Data Platform

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device.

5.0
2021-05-06 CVE-2021-1510 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.

5.0
2021-05-06 CVE-2021-1535 Cisco Exposure of System Data TO AN Unauthorized Control Sphere vulnerability in Cisco Sd-Wan Vmanage

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.

5.0
2021-05-06 CVE-2021-29490 Jellyfin Server-Side Request Forgery (SSRF) vulnerability in Jellyfin

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps.

5.0
2021-05-06 CVE-2021-31409 Vaadin Resource Exhaustion vulnerability in Vaadin

Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 (Vaadin versions 8.0.0 through 8.12.4) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.

5.0
2021-05-06 CVE-2021-32062 Osgeo Incorrect Authorization vulnerability in Osgeo Mapserver

MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded (with MapServer CGI).

5.0
2021-05-05 CVE-2021-29101 Arcgis Path Traversal vulnerability in Arcgis Geoevent Server 10.8.1

ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal vulnerability that could allow an unauthenticated, remote attacker to perform directory traversal attacks and read arbitrary files on the system.

5.0
2021-05-05 CVE-2021-31542 Djangoproject
Debian
Fedoraproject
Unrestricted Upload of File With Dangerous Type vulnerability in multiple products

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.

5.0
2021-05-05 CVE-2021-29247 Btcpayserver Information Exposure vulnerability in Btcpayserver Btcpay Server

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie.

5.0
2021-05-05 CVE-2021-29245 Btcpayserver USE of Cryptographically Weak Pseudo-Random Number Generator (Prng) vulnerability in Btcpayserver Btcpay Server

BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate a legacy API key.

5.0
2021-05-05 CVE-2021-29248 Btcpayserver Information Exposure vulnerability in Btcpayserver Btcpay Server

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie.

5.0
2021-05-04 CVE-2021-3154 Solarwinds Insufficiently Protected Credentials vulnerability in Solarwinds Serv-U 15.1.6/15.2.1

An issue was discovered in SolarWinds Serv-U before 15.2.2.

5.0
2021-05-04 CVE-2021-23343 Path Parse Project Unspecified vulnerability in Path-Parse Project Path-Parse

All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions.

5.0
2021-05-04 CVE-2021-31164 Apache Injection vulnerability in Apache Unomi

Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements.

5.0
2021-05-03 CVE-2020-35755 Librewireless Command Injection vulnerability in Librewireless LS9 Firmware 7040

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.

5.0
2021-05-03 CVE-2020-35756 Librewireless Missing Authorization vulnerability in Librewireless LS9 Firmware 7040

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices.

5.0
2021-05-03 CVE-2021-29241 Codesys Null Pointer Dereference vulnerability in Codesys products

CODESYS Gateway 3 before 3.5.17.0 has a NULL pointer dereference that may result in a denial of service (DoS).

5.0
2021-05-03 CVE-2021-31996 Algorithmica Project Double Free vulnerability in Algorithmica Project Algorithmica

An issue was discovered in the algorithmica crate through 2021-03-07 for Rust.

5.0
2021-05-05 CVE-2021-20254 Samba
Fedoraproject
Redhat
Debian
Out-Of-Bounds Read vulnerability in multiple products

A flaw was found in samba.

4.9
2021-05-07 CVE-2021-22677 TI Integer Overflow OR Wraparound vulnerability in TI products

An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior).

4.6
2021-05-07 CVE-2020-11294 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

4.6
2021-05-07 CVE-2020-11295 Qualcomm USE After Free vulnerability in Qualcomm products

Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

4.6
2021-05-07 CVE-2021-1891 Qualcomm USE After Free vulnerability in Qualcomm products

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

4.6
2021-05-06 CVE-2021-1514 Cisco Command Injection vulnerability in Cisco products

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system.

4.6
2021-05-06 CVE-2021-31532 NXP Improper Privilege Management vulnerability in NXP products

NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM.

4.6
2021-05-05 CVE-2021-31411 Vaadin Unspecified vulnerability in Vaadin Flow

Insecure temporary directory usage in frontend build functionality of com.vaadin:flow-server versions 2.0.9 through 2.5.2 (Vaadin 14.0.3 through Vaadin 14.5.2), 3.0 prior to 6.0 (Vaadin 15 prior to 19), and 6.0.0 through 6.0.5 (Vaadin 19.0.0 through 19.0.4) allows local users to inject malicious code into frontend resources during application rebuilds.

4.6
2021-05-05 CVE-2021-20401 IBM USE of Hard-Coded Credentials vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

4.6
2021-05-05 CVE-2020-4932 IBM USE of Hard-Coded Credentials vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

4.6
2021-05-04 CVE-2021-21551 Dell Incorrect Authorization vulnerability in Dell Dbutil 2 3.Sys

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure.

4.6
2021-05-04 CVE-2021-22547 In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check.
4.6
2021-05-03 CVE-2021-29239 CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity.
4.6
2021-05-06 CVE-2020-28198 IBM Out-Of-Bounds Write vulnerability in IBM Tivoli Storage Manager 5.2.0.1

** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow.

4.4
2021-05-03 CVE-2021-21264 Octobercms Missing Authorization vulnerability in Octobercms October

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework.

4.4
2021-05-07 CVE-2021-31443 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31444 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31445 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31446 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31447 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31448 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31462 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598.

4.3
2021-05-07 CVE-2021-31463 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598.

4.3
2021-05-07 CVE-2021-31464 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598.

4.3
2021-05-07 CVE-2021-31467 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598.

4.3
2021-05-07 CVE-2021-31469 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-31471 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware 3D

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576.

4.3
2021-05-07 CVE-2021-32470 Craftcms Cross-Site Scripting vulnerability in Craftcms Craft CMS

Craft CMS before 3.6.13 has an XSS vulnerability.

4.3
2021-05-07 CVE-2021-26122 Livinglogic Cross-Site Scripting vulnerability in Livinglogic Xist4C

LivingLogic XIST4C before 0.107.8 allows XSS via feedback.htm or feedback.wihtm.

4.3
2021-05-07 CVE-2021-26123 Livinglogic Cross-Site Scripting vulnerability in Livinglogic Xist4C

LivingLogic XIST4C before 0.107.8 allows XSS via login.htm, login.wihtm, or login-form.htm.

4.3
2021-05-07 CVE-2021-32091 Localstack Cross-Site Scripting vulnerability in Localstack 0.12.6

A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6.

4.3
2021-05-07 CVE-2021-32092 NSA Cross-Site Scripting vulnerability in NSA Emissary 5.9.0

A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S.

4.3
2021-05-06 CVE-2020-23263 Fork CMS Cross-Site Scripting vulnerability in Fork-Cms Fork CMS 5.8.2

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.

4.3
2021-05-06 CVE-2020-18889 Puppycms Cross-Site Request Forgery (CSRF) vulnerability in Puppycms 5.1

Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php.

4.3
2021-05-06 CVE-2021-32052 Djangoproject
Fedoraproject
Cross-Site Scripting vulnerability in multiple products

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used).

4.3
2021-05-06 CVE-2021-1490 Cisco Cross-Site Scripting vulnerability in Cisco web Security Appliance

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.

4.3
2021-05-06 CVE-2021-24214 Daggerhartlab Cross-Site Scripting vulnerability in Daggerhartlab Openid Connect Generic Client 3.8.0/3.8.1

The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue.

4.3
2021-05-06 CVE-2021-24245 Trumani Cross-Site Scripting vulnerability in Trumani Stop Spammers

The Stop Spammers WordPress plugin before 2021.9 did not escape user input when blocking requests (such as matching a spam word), outputting it in an attribute after sanitising it to remove HTML tags, which is not sufficient and lead to a reflected Cross-Site Scripting issue.

4.3
2021-05-06 CVE-2021-24249 Strategy11 Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Business Directory Plugin - Easy Listing Directories

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc

4.3
2021-05-06 CVE-2021-24251 Strategy11 Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Easy Listing Directories

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator update arbitrary payment history, such as change their status (from pending to completed to example)

4.3
2021-05-06 CVE-2021-31245 Openmptcprouter Improper Authentication vulnerability in Openmptcprouter

omr-admin.py in openmptcprouter-vps-admin 0.57.3 and earlier compares the user provided password with the original password in a length dependent manner, which allows remote attackers to guess the password via a timing attack.

4.3
2021-05-05 CVE-2021-24293 Imagely Cross-Site Scripting vulnerability in Imagely Nextgen Gallery

In the eCommerce module of the NextGEN Gallery Pro WordPress plugin before 3.1.11, there is an action to call get_cart_items via photocrati_ajax , after that the settings[shipping_address][name] is able to inject malicious javascript.

4.3
2021-05-05 CVE-2021-24272 Codeinitiator Cross-Site Request Forgery (CSRF) vulnerability in Codeinitiator Fitness Calculators

The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted actions, such as change the calculator headers.

4.3
2021-05-05 CVE-2021-24276 Supsystic Cross-Site Scripting vulnerability in Supsystic Contact Form

The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue

4.3
2021-05-05 CVE-2021-24275 Supsystic Cross-Site Scripting vulnerability in Supsystic Popup

The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue

4.3
2021-05-05 CVE-2021-24274 Supsystic Cross-Site Scripting vulnerability in Supsystic Ultimate Maps

The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue

4.3
2021-05-05 CVE-2021-20397 IBM Cross-Site Scripting vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting.

4.3
2021-05-05 CVE-2020-13666 Cross-site scripting vulnerability in Drupal Core.
4.3
2021-05-05 CVE-2021-25179 Solarwinds Cross-Site Scripting vulnerability in Solarwinds Serv-U File Server

SolarWinds Serv-U before 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header.

4.3
2021-05-03 CVE-2020-28945 Open Xchange Cross-Site Scripting vulnerability in Open-Xchange Appsuite

OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.

4.3
2021-05-07 CVE-2021-29499 Sylabs USE of Insufficiently Random Values vulnerability in Sylabs Singularity Image Format

SIF is an open source implementation of the Singularity Container Image Format.

4.0
2021-05-07 CVE-2020-36124 Paxtechnology XXE vulnerability in Paxtechnology Paxstore

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by XML External Entity (XXE) injection.

4.0
2021-05-07 CVE-2020-36127 Paxtechnology Improper Certificate Validation vulnerability in Paxtechnology Paxstore

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure vulnerability.

4.0
2021-05-07 CVE-2021-30173 Junhetec Absolute Path Traversal vulnerability in Junhetec Omnidirectional Communication System 2007.2103

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.

4.0
2021-05-07 CVE-2020-29445 Atlassian Server-Side Request Forgery (SSRF) vulnerability in Atlassian Confluence

Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.

4.0
2021-05-07 CVE-2021-32093 NSA Missing Authorization vulnerability in NSA Emissary 5.9.0

The ConfigFileAction component of U.S.

4.0
2021-05-07 CVE-2021-32100 Artica Unspecified vulnerability in Artica Pandora FMS 742

A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user.

4.0
2021-05-06 CVE-2021-28149 Hongdian Path Traversal vulnerability in Hongdian H8922 Firmware 3.0.5

Hongdian H8922 3.0.5 devices allow Directory Traversal.

4.0
2021-05-06 CVE-2021-22206 Gitlab Cleartext Storage of Sensitive Information vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 11.6.

4.0
2021-05-06 CVE-2021-22208 Gitlab Missing Authorization vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7.

4.0
2021-05-06 CVE-2020-23128 Chamilo Improper Privilege Management vulnerability in Chamilo LMS 1.11.10

Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.

4.0
2021-05-06 CVE-2021-1516 Cisco Information Exposure Through Source Code vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device.

4.0
2021-05-06 CVE-2021-1532 Cisco Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system.

4.0
2021-05-06 CVE-2021-24244 Wpbakery Page Builder Clipboard Project Incorrect Authorization vulnerability in Wpbakery Page Builder Clipboard Project Wpbakery Page Builder Clipboard

An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email).

4.0
2021-05-05 CVE-2021-24258 Wpmet Cross-Site Scripting vulnerability in Wpmet Elements KIT Elementor Addons

The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

4.0
2021-05-05 CVE-2020-4993 IBM Path Traversal vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature of zip files processes data in a way that may be vulnerable to path traversal attacks.

4.0
2021-05-05 CVE-2020-4883 IBM Information Exposure vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 could disclose sensitive information about other domains which could be used in further attacks against the system.

4.0
2021-05-04 CVE-2021-26804 Centreon Incorrect Default Permissions vulnerability in Centreon web 19.10.18/20.04.8/20.10.2

Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application.

4.0
2021-05-03 CVE-2020-20218 Mikrotik Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mikrotik Routeros 6.44.6

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process.

4.0
2021-05-03 CVE-2020-20247 Mikrotik Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mikrotik Routeros

Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process.

4.0

47 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-05-07 CVE-2020-11293 Qualcomm Out-Of-Bounds Read vulnerability in Qualcomm products

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

3.6
2021-05-06 CVE-2021-3507 Qemu
Redhat
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including).

3.6
2021-05-06 CVE-2021-1512 Cisco Files OR Directories Accessible TO External Parties vulnerability in Cisco products

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system.

3.6
2021-05-06 CVE-2021-3501 Linux
Redhat
Out-Of-Bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel in versions before 5.12.

3.6
2021-05-07 CVE-2021-30170 Juhnetec Cross-Site Scripting vulnerability in Juhnetec Enterprise Resource Planning Point of Sale System 2013.10

Special characters of ERP POS customer profile page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information.

3.5
2021-05-07 CVE-2021-30171 Juhnetec Cross-Site Scripting vulnerability in Juhnetec Enterprise Resource Planning Point of Sale System 2013.10

Special characters of ERP POS news page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information.

3.5
2021-05-07 CVE-2021-30172 Junhetec Cross-Site Scripting vulnerability in Junhetec Omnidirectional Communication System 2007.1901

Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out Reflected XSS (Cross-site scripting) attacks, additionally access and manipulate customer’s information.

3.5
2021-05-07 CVE-2020-29444 Atlassian Cross-Site Scripting vulnerability in Atlassian Confluence

Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.

3.5
2021-05-07 CVE-2021-32103 Open EMR Cross-Site Scripting vulnerability in Open-Emr Openemr

A Stored XSS vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.1 allows a admin authenticated user to inject arbitrary web script or HTML via the lname parameter.

3.5
2021-05-06 CVE-2021-1507 Cisco Cross-Site Scripting vulnerability in Cisco Sd-Wan Vmanage

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application web-based interface.

3.5
2021-05-06 CVE-2021-22211 Gitlab Incorrect Authorization vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.

3.5
2021-05-06 CVE-2021-24243 Wpbakery Page Builder Clipboard Project Cross-Site Scripting vulnerability in Wpbakery Page Builder Clipboard Project Wpbakery Page Builder Clipboard

An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.6 did not have capability checks nor sanitization, allowing low privilege users (subscriber+) to call it and set XSS payloads, which will be triggered in all backend pages.

3.5
2021-05-06 CVE-2021-24246 Purethemes Cross-Site Scripting vulnerability in Purethemes Workscout and Workscout Core

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscout_send_message_chat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues

3.5
2021-05-06 CVE-2021-24247 Mooveagency Cross-Site Scripting vulnerability in Mooveagency Contact Form Check Tester

The Contact Form Check Tester WordPress plugin through 1.0.2 settings are visible to all registered users in the dashboard and are lacking any sanitisation.

3.5
2021-05-06 CVE-2021-24250 Strategy11 Cross-Site Scripting vulnerability in Strategy11 Business Directory Plugin - Easy Listing Directories

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from lack of sanitisation in the label of the Form Fields, leading to Authenticated Stored Cross-Site Scripting issues across various pages of the plugin.

3.5
2021-05-05 CVE-2021-24270 Dethemekit FOR Elementor Project Cross-Site Scripting vulnerability in Dethemekit for Elementor Project Dethemekit for Elementor

The “DeTheme Kit for Elementor” WordPress Plugin before 1.5.5.5 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24263 Ideabox Cross-Site Scripting vulnerability in Ideabox Powerpack Addons for Elementor

The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24261 Hasthemes Cross-Site Scripting vulnerability in Hasthemes HT Mega - Absolute Addons for Elementor Page Builder

The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24271 Brainstormforce Cross-Site Scripting vulnerability in Brainstormforce Ultimate Addons for Elementor

The “Ultimate Addons for Elementor” WordPress Plugin before 1.30.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24269 Sinaextra Cross-Site Scripting vulnerability in Sinaextra Sina Extension for Elementor

The “Sina Extension for Elementor” WordPress Plugin before 3.3.12 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24264 Blocksera Cross-Site Scripting vulnerability in Blocksera Image Hover Effects

The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24262 Hasthemes Cross-Site Scripting vulnerability in Hasthemes Woolentor - Woocommerce Elementor Addons + Builder

The “WooLentor – WooCommerce Elementor Addons + Builder” WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24255 Wpdeveloper Cross-Site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor

The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, both via a similar method.

3.5
2021-05-05 CVE-2021-24268 The “JetWidgets For Elementor” WordPress Plugin before 1.0.9 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
3.5
2021-05-05 CVE-2021-24267 Themesgrove Cross-Site Scripting vulnerability in Themesgrove All-In-One Addons for Elementor

The “All-in-One Addons for Elementor – WidgetKit” WordPress Plugin before 2.3.10 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24266 Posimyth Cross-Site Scripting vulnerability in Posimyth the Plus Addons for Elementor Page Builder Lite

The “The Plus Addons for Elementor Page Builder Lite” WordPress Plugin before 2.0.6 has four widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24265 Apollo13Themes Cross-Site Scripting vulnerability in Apollo13Themes Rife Elementor Extensions & Templates

The “Rife Elementor Extensions & Templates” WordPress Plugin before 1.1.6 has a widget that is vulnerable to stored Cross-Site Scripting(XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24273 Clever Addons FOR Elementor Project Cross-Site Scripting vulnerability in Clever Addons for Elementor Project Clever Addons for Elementor

The “Clever Addons for Elementor” WordPress Plugin before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24260 Livemeshelementor Cross-Site Scripting vulnerability in Livemeshelementor Addons for Elementor

The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24259 Webtechstreet Cross-Site Scripting vulnerability in Webtechstreet Elementor Addon Elements

The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24257 Leap13 Cross-Site Scripting vulnerability in Leap13 Premium Addons for Elementor

The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-24256 Brainstormforce Cross-Site Scripting vulnerability in Brainstormforce Elementor - Header, Footer & Blocks Template

The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

3.5
2021-05-05 CVE-2021-29489 Highcharts Cross-Site Scripting vulnerability in Highcharts

Highcharts JS is a JavaScript charting library based on SVG.

3.5
2021-05-05 CVE-2020-4929 IBM Cross-Site Scripting vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting.

3.5
2021-05-05 CVE-2021-29250 Btcpayserver Cross-Site Scripting vulnerability in Btcpayserver Btcpay Server

BTCPay Server through 1.0.7.0 suffers from a Stored Cross Site Scripting (XSS) vulnerability within the POS Add Products functionality.

3.5
2021-05-05 CVE-2020-22428 Solarwinds Cross-Site Scripting vulnerability in Solarwinds Serv-U FTP Server and Serv-U MFT Server

SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload.

3.5
2021-05-04 CVE-2020-4987 IBM Cross-Site Scripting vulnerability in IBM Flashsystem 900 Firmware

The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior.

3.5
2021-05-06 CVE-2021-1515 Cisco Improper Access Control vulnerability in Cisco Sd-Wan Vmanage

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information.

3.3
2021-05-07 CVE-2021-3502 Avahi Reachable Assertion vulnerability in Avahi 0.85

A flaw was found in avahi 0.8-5.

2.1
2021-05-07 CVE-2020-11254 Qualcomm Null Pointer Dereference vulnerability in Qualcomm products

Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

2.1
2021-05-07 CVE-2021-1906 Qualcomm Improper Handling of Exceptional Conditions vulnerability in Qualcomm products

Improper handling of address deregistration on failure can lead to new GPU address allocation failure.

2.1
2021-05-06 CVE-2021-27941 Coolkit Incorrect Authorization vulnerability in Coolkit Ewelink

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during a device pairing process.

2.1
2021-05-06 CVE-2021-28150 Hongdian Improper Input Validation vulnerability in Hongdian H8922 Firmware 3.0.5

Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.

2.1
2021-05-06 CVE-2021-31829 Linux
Fedoraproject
Incorrect Authorization vulnerability in multiple products

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a.

2.1
2021-05-06 CVE-2021-1438 Cisco Exposure of Resource TO Wrong Sphere vulnerability in Cisco Wide Area Application Services

A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device.

2.1
2021-05-06 CVE-2021-1519 A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device.
2.1
2021-05-05 CVE-2021-25317 Suse
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content.

2.1