Vulnerability Summary for the Week of February 22, 2021


abb — ac500_v2_products
  The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnerability is exploited, the PLC will show an error state and refuse connections to Automation Builder. The execution of the PLC application is not affected by this vulnerability. This issue affects ABB AC500 V2 products with onboard Ethernet. 2021-02-26 not yet calculated CVE-2020-24686
CONFIRM advantech — bb-eswgp506-2sfp-t
  BB-ESWGP506-2SFP-T versions 1.01.09 and prior are vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior). 2021-02-24 not yet calculated CVE-2021-22667
MISC
aiohttp — aiohttp
  aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the `aiohttp.web_middlewares.normalize_path_middleware` middleware. This security problem has been fixed in 3.7.4. Upgrade your dependency using pip as follows: `pip install "aiohttp>=3.7.4"`. If upgrading is not an option for you, a workaround can be to avoid using `aiohttp.web_middlewares.normalize_path_middleware` in your applications. 2021-02-26 not yet calculated CVE-2021-21330
MISC
MISC
CONFIRM
MISC
DEBIAN amazon — pay_plugin
  best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor. 2021-02-26 not yet calculated CVE-2020-28199
MISC
MISC apache — batik
  Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. 2021-02-24 not yet calculated CVE-2020-11987
MISC apache — xmlgraphics_comms
  Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. 2021-02-24 not yet calculated CVE-2020-11988
MISC appspace — appspace
  Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. 2021-02-25 not yet calculated CVE-2021-27670
MISC aruba — clearpass_policy_manager
  A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface. 2021-02-23 not yet calculated CVE-2021-26678
MISC aruba — clearpass_policy_manager
  A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. 2021-02-23 not yet calculated CVE-2021-26681
MISC atlassian — gadgets
  The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled. 2021-02-22 not yet calculated CVE-2020-36232
MISC atlassian — jira
  The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. 2021-02-22 not yet calculated CVE-2020-29453
MISC bosch — video_recording_manager
  Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM. 2021-02-26 not yet calculated CVE-2019-11684
CONFIRM brave — brave
  Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests that bypassed the Brave Tor proxy. Users with adblocking enabled would leak DNS requests from Tor windows to their DNS provider. (DNS requests that were not initiated by CNAME adblocking would go through Tor as expected.) This is fixed in Brave version 1.20.108. 2021-02-23 not yet calculated CVE-2021-21323
MISC
CONFIRM
MISC
MISC
MISC cisco — aci_multi-site_orchestrator
  A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper token validation on a specific API endpoint. An attacker could exploit this vulnerability by sending a crafted request to the affected API. A successful exploit could allow the attacker to receive a token with administrator-level privileges that could be used to authenticate to the API on affected MSO and managed Cisco Application Policy Infrastructure Controller (APIC) devices. 2021-02-24 not yet calculated CVE-2021-1388
CISCO cisco — anyconnect_secure_mobility_client
  A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending one or more crafted IPC messages to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device. Note: The process under attack will automatically restart so no action is needed by the user or admin. 2021-02-24 not yet calculated CVE-2021-1450
CISCO cisco — application_services_engine
  Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more information about these vulnerabilities, see the Details section of this advisory. 2021-02-24 not yet calculated CVE-2021-1393
CISCO cisco — application_services_engine
  Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more information about these vulnerabilities, see the Details section of this advisory. 2021-02-24 not yet calculated CVE-2021-1396
CISCO cisco — fxos_and_nx-os
  A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability. 2021-02-24 not yet calculated CVE-2021-1368
CISCO cisco — nexus_9000_series_fabric_switches
  A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic. 2021-02-24 not yet calculated CVE-2021-1231
CISCO cisco — nexus_9000_series_fabric_switches
  A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing. 2021-02-24 not yet calculated CVE-2021-1361
CISCO cisco — nexus_9000_series_fabric_switches
  A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a crafted LLDP packet on the adjacent subnet to an affected device. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints. 2021-02-24 not yet calculated CVE-2021-1228
CISCO cisco — nexus_9000_series_fabric_switches
  A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer. 2021-02-24 not yet calculated CVE-2021-1230
CISCO cisco — nx-os
  A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory. 2021-02-24 not yet calculated CVE-2021-1387
CISCO cisco — nx-os
  A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot. 2021-02-24 not yet calculated CVE-2021-1229
CISCO cisco — nx-os
  A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker could exploit this vulnerability by persuading a user of the NX-API to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. The attacker could view and modify the device configuration. Note: The NX-API feature is disabled by default. 2021-02-24 not yet calculated CVE-2021-1227
CISCO cisco — nx-os
  A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition. 2021-02-24 not yet calculated CVE-2021-1367
CISCO comrak_crate — comrak_crate
  An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing (for example) Data: to be used in an attack. 2021-02-25 not yet calculated CVE-2021-27671
MISC contec — solarview_compact
  Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors. 2021-02-24 not yet calculated CVE-2021-20657
MISC
MISC
MISC contec — solarview_compact
  SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors. 2021-02-24 not yet calculated CVE-2021-20658
MISC
MISC
MISC contec — solarview_compact
  Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. 2021-02-24 not yet calculated CVE-2021-20661
MISC
MISC
MISC contec — solarview_compact
  Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors. 2021-02-24 not yet calculated CVE-2021-20662
MISC
MISC
MISC contec — solarview_compact
  Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors. 2021-02-24 not yet calculated CVE-2021-20656
MISC
MISC
MISC contec — solarview_compact
  SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is a PHP script, an attacker may execute arbitrary code. 2021-02-24 not yet calculated CVE-2021-20659
MISC
MISC
MISC contec — solarview_compact
  Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors. 2021-02-24 not yet calculated CVE-2021-20660
MISC
MISC
MISC directus — directus
  ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2021-02-23 not yet calculated CVE-2021-26594
MISC directus — directus
  ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive information such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, simply by viewing the result of the api-aa, called automatically upon a connection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2021-02-23 not yet calculated CVE-2021-26595
MISC directus — directus
  ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can discover whether a user is present in the database through the password reset feature. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2021-02-23 not yet calculated CVE-2021-27583
MISC directus — directus
  ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/{id}. For each call, they get in response a lot of information about the user (such as email address, first name, and last name) but also the secret for 2FA if one exists. This secret can be regenerated. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2021-02-23 not yet calculated CVE-2021-26593
MISC dropbear — dropbear
  scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. 2021-02-25 not yet calculated CVE-2020-36254
MISC eclipse — jetty
  In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. 2021-02-26 not yet calculated CVE-2020-27223
CONFIRM
CONFIRM eclipse — theia
  In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code. 2021-02-24 not yet calculated CVE-2020-27224
CONFIRM ewelink — ewelink
  Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process. 2021-02-24 not yet calculated CVE-2020-12702
MISC
MISC
MISC
MISC fontforge — fontforge
  An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. 2021-02-23 not yet calculated CVE-2020-25690
MISC gnu — c_library
  The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. 2021-02-26 not yet calculated CVE-2020-27618
MISC
MISC google — android
  In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05466547. 2021-02-26 not yet calculated CVE-2021-0405
MISC google — android
  In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05371580; Issue ID: ALPS05379085. 2021-02-26 not yet calculated CVE-2021-0367
MISC google — android
  In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05471418. 2021-02-26 not yet calculated CVE-2021-0406
MISC google — android
  In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05418265. 2021-02-26 not yet calculated CVE-2021-0401
MISC google — android
  In netdiag, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05475124. 2021-02-26 not yet calculated CVE-2021-0403
MISC google — android
  In mobile_log_d, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457039. 2021-02-26 not yet calculated CVE-2021-0404
MISC google — android
  In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05371580; Issue ID: ALPS05379093. 2021-02-26 not yet calculated CVE-2021-0366
MISC google — android
  In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05433311. 2021-02-26 not yet calculated CVE-2021-0402
MISC gopeak — masterlab
  A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the ‘source’ parameter. 2021-02-25 not yet calculated CVE-2020-23534
MISC gotenberg — thecodingmachine
  All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>. 2021-02-26 not yet calculated CVE-2021-23345
MISC
MISC i-doit — i-doit
  i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__MONITORING__CONFIG__ADDRESS, or SM2__C__MONITORING__CONFIG__ADDRESS. 2021-02-27 not yet calculated CVE-2021-3151
MISC
MISC ibm — multiple_products
  IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747. 2021-02-24 not yet calculated CVE-2020-4931
XF
CONFIRM kaspersky — rescue_disk
  A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security (KES). This issue allowed bypassing the UEFI Secure Boot security feature. An attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component. 2021-02-26 not yet calculated CVE-2020-26200
MISC keylime — keylime
  A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations. 2021-02-25 not yet calculated CVE-2021-3406
MISC
MISC libcaca — libcaca
  A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context. 2021-02-23 not yet calculated CVE-2021-3410
MISC
MISC libebml — libebml
  A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. 2021-02-23 not yet calculated CVE-2021-3405
MISC lma — isida_retriever
  LMA ISIDA Retriever 5.2 allows SQL Injection. 2021-02-26 not yet calculated CVE-2021-26904
MISC
MISC lma — isida_retriever
  LMA ISIDA Retriever 5.2 is vulnerable to XSS via query['text']. 2021-02-26 not yet calculated CVE-2021-26903
MISC
MISC magento — upward-php
  Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can contain instructions which allow reading arbitrary files from the remote server. Access to the admin console is required for successful exploitation. 2021-02-25 not yet calculated CVE-2021-21064
MISC
MISC micro_focus — solutions_business_manager
  Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation. 2021-02-26 not yet calculated CVE-2019-18945
CONFIRM micro_focus — solutions_business_manager
  Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. 2021-02-26 not yet calculated CVE-2019-18947
CONFIRM micro_focus — solutions_business_manager
  Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. 2021-02-26 not yet calculated CVE-2019-18942
CONFIRM micro_focus — solutions_business_manager
  Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. 2021-02-26 not yet calculated CVE-2019-18943
MISC micro_focus — solutions_business_manager
  Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. 2021-02-26 not yet calculated CVE-2019-18944
CONFIRM micro_focus — solutions_business_manager
  Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. 2021-02-26 not yet calculated CVE-2019-18946
CONFIRM microsoft — azure
  Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-24109
N/A microsoft — azure
  Azure IoT CLI extension Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-24087
N/A microsoft — dynamics_365
  Microsoft Dataverse Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24101
N/A microsoft — dynamics_business_central
  Microsoft Dynamics Business Central Cross-site Scripting Vulnerability 2021-02-25 not yet calculated CVE-2021-1724
N/A microsoft — edge
  Microsoft Edge for Android Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24100
N/A microsoft — edge
  Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability 2021-02-25 not yet calculated CVE-2021-24113
N/A microsoft — excel
  Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24070. 2021-02-25 not yet calculated CVE-2021-24069
N/A microsoft — excel
  Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24069. 2021-02-25 not yet calculated CVE-2021-24070
N/A microsoft — excel
  Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24068, CVE-2021-24069, CVE-2021-24070. 2021-02-25 not yet calculated CVE-2021-24067
N/A microsoft — excel
  Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24067, CVE-2021-24069, CVE-2021-24070. 2021-02-25 not yet calculated CVE-2021-24068
N/A microsoft — exchange_server Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-1730. 2021-02-25 not yet calculated CVE-2021-24085
N/A microsoft — exchange_server
  Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-24085. 2021-02-25 not yet calculated CVE-2021-1730
N/A microsoft — installer
  Windows Installer Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-1727
N/A microsoft — package_managers_configurations
  Package Managers Configurations Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24105
N/A microsoft — powershell
  Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability 2021-02-25 not yet calculated CVE-2021-24082
N/A microsoft — sharepoint Microsoft SharePoint Server Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24072
N/A microsoft — sharepoint
  Microsoft SharePoint Spoofing Vulnerability 2021-02-25 not yet calculated CVE-2021-1726
N/A microsoft — sharepoint
  Microsoft SharePoint Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24071
N/A microsoft — sharepoint
  Microsoft SharePoint Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24066
N/A microsoft — skype
  Skype for Business and Lync Denial of Service Vulnerability 2021-02-25 not yet calculated CVE-2021-24099
N/A microsoft — skype
  Skype for Business and Lync Spoofing Vulnerability 2021-02-25 not yet calculated CVE-2021-24073
N/A microsoft — teams
  Microsoft Teams iOS Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24114
N/A microsoft — visual_studio_code Visual Studio Code npm-script Extension Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-26700
N/A microsoft — visual_studio_code
  Visual Studio Code Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-1639
N/A microsoft — windows Windows DirectX Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24106
N/A microsoft — windows Windows Local Spooler Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24088
N/A microsoft — windows .NET Framework Denial of Service Vulnerability 2021-02-25 not yet calculated CVE-2021-24111
N/A microsoft — windows Microsoft Windows Codecs Library Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24081
N/A microsoft — windows Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24102. 2021-02-25 not yet calculated CVE-2021-24103
N/A microsoft — windows Windows Camera Codec Pack Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24091
N/A microsoft — windows Windows Console Driver Denial of Service Vulnerability 2021-02-25 not yet calculated CVE-2021-24098
N/A microsoft — windows Windows Address Book Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24083
N/A microsoft — windows Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24074. 2021-02-25 not yet calculated CVE-2021-24094
N/A microsoft — windows
  Microsoft Defender Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-24092
N/A microsoft — windows
  Windows Graphics Component Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24093
MISC
N/A microsoft — windows
  Windows Kernel Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-24096
N/A microsoft — windows
  Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24103. 2021-02-25 not yet calculated CVE-2021-24102
N/A microsoft — windows
  Windows PKU2U Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-25195
N/A microsoft — windows
  Sysinternals PsExec Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-1733
N/A microsoft — windows
  PFX Encryption Security Feature Bypass Vulnerability 2021-02-25 not yet calculated CVE-2021-1731
N/A microsoft — windows
  System Center Operations Manager Elevation of Privilege Vulnerability 2021-02-25 not yet calculated CVE-2021-1728
N/A microsoft — windows
  Microsoft Windows Security Feature Bypass Vulnerability 2021-02-25 not yet calculated CVE-2020-17162
N/A microsoft — windows
  Windows Remote Procedure Call Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-1734
N/A microsoft — windows
  Microsoft Windows VMSwitch Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24076
N/A microsoft — windows
  Windows Network File System Denial of Service Vulnerability 2021-02-25 not yet calculated CVE-2021-24075
N/A microsoft — windows
  Windows TCP/IP Denial of Service Vulnerability 2021-02-25 not yet calculated CVE-2021-24086
N/A microsoft — windows
  Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24094. 2021-02-25 not yet calculated CVE-2021-24074
N/A microsoft — windows
  Windows Mobile Device Management Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24084
N/A microsoft — windows
  Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1722. 2021-02-25 not yet calculated CVE-2021-24077
N/A microsoft — windows
  Windows DNS Server Remote Code Execution Vulnerability 2021-02-25 not yet calculated CVE-2021-24078
N/A microsoft — windows
  Windows Backup Engine Information Disclosure Vulnerability 2021-02-25 not yet calculated CVE-2021-24079
N/A microsoft — windows
  Windows Trust Verification API Denial of Service Vulnerability 2021-02-25 not yet calculated CVE-2021-24080
N/A microsoft — windows_fax_service
  Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24077. 2021-02-25 not yet calculated CVE-2021-1722
N/A microsoft — windows_win32k
  Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1732. 2021-02-25 not yet calculated CVE-2021-1698
N/A microsoft — windows_win32k
  Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698. 2021-02-25 not yet calculated CVE-2021-1732
N/A mongodb — mongodb A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Node.js driver and the KMS service rendering client-side field level encryption (CSFLE) ineffective. This issue was discovered during internal testing and affects mongodb-client-encryption module version 1.2.0, which was available from 2021-Jan-29 and deprecated in the NPM Registry on 2021-Feb-04. This vulnerability does not impact driver traffic payloads with CSFLE-supported key services from applications residing inside the AWS, GCP, and Azure network fabrics due to compensating controls in these environments. This issue does not impact driver workloads that don’t use Field Level Encryption. 2021-02-25 not yet calculated CVE-2021-20327
MISC mongodb — mongodb
  Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Java driver and the KMS service rendering Field Level Encryption ineffective. This issue was discovered during internal testing and affects all versions of the Java driver that support CSFLE. The Java async, Scala, and reactive streams drivers are not impacted. This vulnerability does not impact driver traffic payloads with CSFLE-supported key services originating from applications residing inside the AWS, GCP, and Azure network fabrics due to compensating controls in these environments. This issue does not impact driver workloads that don’t use Field Level Encryption. 2021-02-25 not yet calculated CVE-2021-20328
MISC mozilla — firefox One phishing tactic on the web is to provide a link with HTTP Auth. For example ‘https://www.phishingtarget.com@evil.com’. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23972
MISC
MISC mozilla — firefox Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23979
MISC
MISC mozilla — firefox Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23977
MISC
MISC mozilla — firefox When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23976
MISC
MISC mozilla — firefox The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23975
MISC
MISC mozilla — firefox The DOMParser API did not properly process ‘<noscript>’ elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23974
MISC
MISC mozilla — firefox Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23965
MISC
MISC mozilla — firefox An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23959
MISC
MISC mozilla — firefox The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23958
MISC
MISC mozilla — firefox
  Incorrect use of the ‘<RowCountChanged>’ method could have led to a use-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23962
MISC
MISC mozilla — firefox
  Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23970
MISC
MISC mozilla — firefox
  Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23957
MISC
MISC mozilla — firefox
  Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network’s hosts as well as services running on the user’s local machine. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23961
MISC
MISC mozilla — firefox
  When sharing geolocation during an active WebRTC share, Firefox could have reset the WebRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23963
MISC
MISC mozilla — firefox
  When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect’s Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This vulnerability affects Firefox < 86. 2021-02-26 not yet calculated CVE-2021-23971
MISC
MISC mozilla — firefox
  An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23956
MISC
MISC mozilla — firefox
  The browser could have been confused into transferring a pointer lock state into another tab, which could have led to clickjacking attacks. This vulnerability affects Firefox < 85. 2021-02-26 not yet calculated CVE-2021-23955
MISC
MISC mozilla — multiple_products If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. 2021-02-26 not yet calculated CVE-2021-23953
MISC
MISC
MISC
MISC mozilla — multiple_products Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. 2021-02-26 not yet calculated CVE-2021-23978
MISC
MISC
MISC
MISC mozilla — multiple_products When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. 2021-02-26 not yet calculated CVE-2021-23973
MISC
MISC
MISC
MISC mozilla — multiple_products
  Performing garbage collection on re-declared JavaScript variables resulted in a use-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. 2021-02-26 not yet calculated CVE-2021-23960
MISC
MISC
MISC
MISC mozilla — multiple_products
  Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. 2021-02-26 not yet calculated CVE-2021-23964
MISC
MISC
MISC
MISC mozilla — multiple_products
  Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. 2021-02-26 not yet calculated CVE-2021-23954
MISC
MISC
MISC
MISC mozilla — multiple_products
  If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. 2021-02-26 not yet calculated CVE-2021-23968
MISC
MISC
MISC
MISC mozilla — multiple_products
  As specified in the W3C Content Security Policy draft, when creating a violation report, “User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage.” Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination’s origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. 2021-02-26 not yet calculated CVE-2021-23969
MISC
MISC
MISC
MISC mupdf — mupdf
  A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences. 2021-02-23 not yet calculated CVE-2021-3407
MISC nagios — xi
  Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulnerability, someone must have an admin user account in Nagios XI’s web system. 2021-02-25 not yet calculated CVE-2021-3273
MISC
MISC netplex — json-smart
  An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information. 2021-02-23 not yet calculated CVE-2021-27568
MISC
MISC nextcloud — deck
  Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previously deleted user. 2021-02-23 not yet calculated CVE-2020-8297
MISC
MISC
MISC node-red — node-red Node-RED is a low-code programming tool for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with `projects.read` permission is able to access any file via the Projects API. The issue has been patched in Node-RED 1.2.8. The vulnerability applies only to the Projects feature which is not enabled by default in Node-RED. The primary workaround is to not give untrusted users read access to the Node-RED editor. 2021-02-26 not yet calculated CVE-2021-21298
MISC
MISC
CONFIRM
MISC node-red — node-red
  Node-RED is a low-code programming tool for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier contains a Prototype Pollution vulnerability in the admin API. A badly formed request can modify the prototype of the default JavaScript Object with the potential to affect the default behaviour of the Node-RED runtime. The vulnerability is patched in the 1.2.8 release. A workaround is to ensure only authorized users are able to access the editor url. 2021-02-26 not yet calculated CVE-2021-21297
MISC
CONFIRM
MISC
MISC openid — connect_server
  org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth authorization flow, in which HTTP request parameters affect an authorizationRequest. 2021-02-23 not yet calculated CVE-2021-27582
MISC
MISC openscad — openscad
  A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. 2021-02-24 not yet calculated CVE-2020-28599
MISC opensuse — opensuse
  An Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions. 2021-02-25 not yet calculated CVE-2020-8032
CONFIRM opentext — content_server
  There are multiple persistent cross-site scripting (XSS) vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized. 2021-02-26 not yet calculated CVE-2021-3010
MISC
MISC owncloud — owncloud/client
  ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present. 2021-02-26 not yet calculated CVE-2020-28646
MISC
MISC p2p — p2p
  A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. 2021-02-26 not yet calculated CVE-2021-27803
MLIST
MISC
MISC
MISC prestashop — prestashop PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2 2021-02-26 not yet calculated CVE-2021-21308
MISC
MISC
CONFIRM prestashop — prestashop
  PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2 2021-02-26 not yet calculated CVE-2021-21302
MISC
MISC
CONFIRM prosoft_technology — icx35-hwc-a_and_icx35-hwc-e
  Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior). 2021-02-26 not yet calculated CVE-2021-22661
MISC qemu — qemu
  An integer overflow issue was found in the vmxnet3 NIC emulator of QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in a DoS scenario. 2021-02-25 not yet calculated CVE-2021-20203
MISC
MISC qualcomm — multiple_snapdragon_products Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2021-02-22 not yet calculated CVE-2020-11253
CONFIRM qualcomm — multiple_snapdragon_products Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11281
CONFIRM qualcomm — multiple_snapdragon_products Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2021-02-22 not yet calculated CVE-2020-11297
CONFIRM qualcomm — multiple_snapdragon_products Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11280
CONFIRM qualcomm — multiple_snapdragon_products Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11271
CONFIRM qualcomm — multiple_snapdragon_products Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11278
CONFIRM qualcomm — multiple_snapdragon_products Possible denial of service due to RTT responder consistently rejecting all FTMR by transmitting FTM1 with failure status in the FTM parameter IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11270
CONFIRM qualcomm — multiple_snapdragon_products
  Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx getting freed during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile 2021-02-22 not yet calculated CVE-2020-11277
CONFIRM qualcomm — multiple_snapdragon_products
  Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2021-02-22 not yet calculated CVE-2020-11203
CONFIRM qualcomm — multiple_snapdragon_products
  Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2021-02-22 not yet calculated CVE-2020-11272
CONFIRM qualcomm — multiple_snapdragon_products
  Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11275
CONFIRM qualcomm — multiple_snapdragon_products
  Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11276
CONFIRM qualcomm — multiple_snapdragon_products
  Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11198
CONFIRM qualcomm — multiple_snapdragon_products
  Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11269
CONFIRM qualcomm — multiple_snapdragon_products
  Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-11204
CONFIRM qualcomm — multiple_snapdragon_products
  Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2021-02-22 not yet calculated CVE-2020-3664
CONFIRM redis — redis
  Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result in remote code execution. Redis 4.0 or newer uses a configurable limit for the maximum supported bulk input size. By default, it is 512MB which is a safe value for all platforms. If the limit is significantly increased, receiving a large request from a client may trigger several integer overflow scenarios, which would result in buffer overflow and heap corruption. We believe this could in certain conditions be exploited for remote code execution. By default, authenticated Redis users have access to all configuration parameters and can therefore use the “CONFIG SET proto-max-bulk-len” to change the safe default, making the system vulnerable. **This problem only affects 32-bit Redis (on a 32-bit system, or as a 32-bit executable running on a 64-bit system).** The problem is fixed in version 6.2, and the fix is back ported to 6.0.11 and 5.0.11. Make sure you use one of these versions if you are running 32-bit Redis. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent clients from directly executing `CONFIG SET`: Using Redis 6.0 or newer, ACL configuration can be used to block the command. Using older versions, the `rename-command` configuration directive can be used to rename the command to a random string unknown to users, rendering it inaccessible. Please note that this workaround may have an additional impact on users or operational systems that expect `CONFIG SET` to behave in certain ways. 2021-02-26 not yet calculated CVE-2021-21309
MISC
MISC
CONFIRM restify-paginate The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception. 2021-02-25 not yet calculated CVE-2020-27543
MISC
MISC
MISC saltstack — salt
  In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated. 2021-02-27 not yet calculated CVE-2020-35662
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. The minion’s restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create files on the minion in a non-blacklisted directory. 2021-02-27 not yet calculated CVE-2020-28243
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. The salt-api’s ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request. 2021-02-27 not yet calculated CVE-2021-3197
MISC
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. 2021-02-27 not yet calculated CVE-2021-25284
MISC
CONFIRM saltstack — salt
  In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate. 2021-02-27 not yet calculated CVE-2020-28972
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. The jinja renderer does not protect against server-side template injection attacks. 2021-02-27 not yet calculated CVE-2021-25283
MISC
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal. 2021-02-27 not yet calculated CVE-2021-25282
MISC
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master. 2021-02-27 not yet calculated CVE-2021-25281
MISC
CONFIRM
MISC saltstack — salt
  An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py. 2021-02-27 not yet calculated CVE-2021-3148
MISC
CONFIRM saltstack — salt
  In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run commands against the salt master or minions.) 2021-02-27 not yet calculated CVE-2021-3144
MISC
CONFIRM scytl — svote
  An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code. 2021-02-27 not yet calculated CVE-2019-25021
MISC scytl — svote
  An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require authentication, an attacker can retrieve the administrative configuration by sending a POST request to the /sdm-ws-rest/preconfiguration URI. 2021-02-27 not yet calculated CVE-2019-25020
MISC scytl — svote
  An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runtime.getRuntime().exec() without validation. 2021-02-27 not yet calculated CVE-2019-25022
MISC scytl — svote
  An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header (which can be manipulated client-side) is used for the internal application logs, an attacker can inject wrong IP addresses into these logs. 2021-02-27 not yet calculated CVE-2019-25023
MISC sercomm — ag_combo_vd625_agsot_devices
  SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header. 2021-02-27 not yet calculated CVE-2021-27132
MISC
MISC swift — vapor
  Vapor is a web framework for Swift. In Vapor before version 4.40.1, there is a DoS attack against anyone who bootstraps a metrics backend for their Vapor app. The following is the attack vector: 1. Send unlimited requests against a Vapor instance with different paths. This will create unlimited counters and timers, which will eventually drain the system. 2. Downstream services might suffer from this attack as well by being spammed with error paths. This has been patched in 4.40.1. The `DefaultResponder` will rewrite any undefined route paths to `vapor_route_undefined` to avoid unlimited counters. 2021-02-26 not yet calculated CVE-2021-21328
MISC
MISC
CONFIRM
MISC synapse — synapse
  Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which accepts federation requests from untrusted servers. The issue is resolved in version 1.25.0. As a workaround, the `federation_domain_whitelist` setting can be used to restrict the homeservers communicated with over federation. 2021-02-26 not yet calculated CVE-2021-21274
MISC
MISC
MISC
CONFIRM synapse — synapse
  Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user-provided domains were not restricted to external IP addresses when calculating the key validity for third-party invite events and sending push notifications. This could cause Synapse to make requests to internal infrastructure. The type of request was not controlled by the user, although limited modification of request bodies was possible. For the most thorough protection, server administrators should remove the deprecated `federation_ip_range_blacklist` from their settings after upgrading to Synapse v1.25.0, which will result in Synapse using the improved default IP address restrictions. See the new `ip_range_blacklist` and `ip_range_whitelist` settings if more specific control is necessary. 2021-02-26 not yet calculated CVE-2021-21273
MISC
MISC
MISC
CONFIRM synology — diskstation_manager
  Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. 2021-02-26 not yet calculated CVE-2021-26561
CONFIRM synology — diskstation_manager
  Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. 2021-02-26 not yet calculated CVE-2021-26562
CONFIRM synology — diskstation_manager
  Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to obtain sensitive information via an HTTP session. 2021-02-26 not yet calculated CVE-2021-26565
CONFIRM synology — diskstation_manager
  Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. 2021-02-26 not yet calculated CVE-2021-26564
CONFIRM synology — diskstation_manager
  Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path. 2021-02-26 not yet calculated CVE-2021-26567
CONFIRM synology — diskstation_manager
  Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic. 2021-02-26 not yet calculated CVE-2021-26566
CONFIRM synology — diskstation_manager
  Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. 2021-02-26 not yet calculated CVE-2021-26560
CONFIRM synology — diskstation_manager
  Improper access control vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows local users to obtain sensitive information via a crafted kernel module. 2021-02-26 not yet calculated CVE-2021-26563
CONFIRM tpm2 — tpm2
  Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3. 2021-02-26 not yet calculated CVE-2020-24455
CONFIRM
CONFIRM
CONFIRM triconsole — datepicker_calendar
  Triconsole Datepicker Calendar <3.77 is affected by cross-site scripting (XSS) in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents. 2021-02-25 not yet calculated CVE-2021-27330
MISC
MISC
MISC
MISC undertow — undertow
  A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. The highest threat from this vulnerability is to data confidentiality and integrity. 2021-02-23 not yet calculated CVE-2021-20220
MISC visualware — myconnection_server
  In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. 2021-02-19 not yet calculated CVE-2021-27509
MISC visualware — myconnection_server
  An issue was discovered in Visualware MyConnection Server through 11.0b build 5382. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system. 2021-02-26 not yet calculated CVE-2021-27198
MISC
MISC
MISC
MISC vmware — multiple_products
  OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution. 2021-02-24 not yet calculated CVE-2021-21974
CONFIRM
MISC vmware — spring
  Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security’s StrictHttpFirewall (enabled by default for all URLs) are not affected by the vulnerability, as they reject requests that allow bypassing. 2021-02-23 not yet calculated CVE-2021-22113
CONFIRM vmware — spring_security
  Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request. A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application’s intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application. 2021-02-23 not yet calculated CVE-2021-22112
MLIST
MISC vmware — vcenter_server_and_cloud_foundation
  The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). 2021-02-24 not yet calculated CVE-2021-21972
CONFIRM vmware — vcenter_server_and_cloud_foundation
  The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). 2021-02-24 not yet calculated CVE-2021-21973
CONFIRM voiceye — wsactivebridgees
  VOICEYE WSActiveBridgeES versions prior to 2.1.0.3 contain a stack-based buffer overflow vulnerability caused by improper bounds checking of a parameter supplied by the attacker. It leads to a stack-based buffer overflow via access to a crafted web page. 2021-02-24 not yet calculated CVE-2020-7836
CONFIRM weberp — weberp
  In webERP 4.15, the ManualContents.php file allows users to specify the “Language” parameter, which can lead to local file inclusion. 2021-02-22 not yet calculated CVE-2020-22474
MISC zenphoto — zenphoto
  Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server’s uploaded/ directory. 2021-02-26 not yet calculated CVE-2020-36079
MISC zint — barcode_generator
  ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code. 2021-02-26 not yet calculated CVE-2021-27799
MISC
MISC
MISC
MISC
MISC zte — zxr10_8900e
  A ZTE product has a memory leak vulnerability. Due to the product’s improper handling of memory release in certain scenarios, a local attacker with device permissions can repeatedly attenuate the optical signal to cause a memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1. 2021-02-26 not yet calculated CVE-2021-21724
MISC
