Security Bulletin 15 Sep 2021

Published on 15 Sep 2021

Updated on 15 Sep 2021

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:


Criticalvulnerabilities with a base score of 9.0 to 10.0
Highvulnerabilities with a base score of 7.0 to 8.9
Mediumvulnerabilities with a base score of 4.0 to 6.9
Lowvulnerabilities with a base score of 0.1 to 3.9
Nonevulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2016-0898MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.10https://nvd.nist.gov/vuln/detail/CVE-2016-0898
CVE-2020-1889A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.10https://nvd.nist.gov/vuln/detail/CVE-2020-1889
CVE-2021-32724check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the [check-spelling action](https://github.com/marketplace/actions/check-spelling) enabled that triggers on `pull_request_target` (or `schedule`), an attacker can send a crafted Pull Request that causes a `GITHUB_TOKEN` to be exposed. With the `GITHUB_TOKEN`, it's possible to push commits to the repository bypassing standard approval processes. Commits to the repository could then steal any/all secrets available to the repository. As a workaround users may can either: [Disable the workflow](https://docs.github.com/en/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) until you've fixed all branches or Set repository to [Allow specific actions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#allowing-specific-actions-to-run). check-spelling isn't a verified creator and it certainly won't be anytime soon. You could then explicitly add other actions that your repository uses. Set repository [Workflow permissions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository) to `Read repository contents permission`. Workflows using `check-spelling/check-spelling@main` will get the fix automatically. Workflows using a pinned sha or tagged version will need to change the affected workflows for all repository branches to the latest version. Users can verify who and which Pull Requests have been running the action by looking up the spelling.yml action in the Actions tab of their repositories, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml - you can filter PRs by adding ?query=event%3Apull_request_target, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml?query=event%3Apull_request_target.9.9https://nvd.nist.gov/vuln/detail/CVE-2021-32724
CVE-2016-3987The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.9.8https://nvd.nist.gov/vuln/detail/CVE-2016-3987
CVE-2016-4351SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.9.8https://nvd.nist.gov/vuln/detail/CVE-2016-4351
CVE-2016-2785Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding.9.8https://nvd.nist.gov/vuln/detail/CVE-2016-2785
CVE-2016-4503Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value.9.8https://nvd.nist.gov/vuln/detail/CVE-2016-4503
CVE-2017-5005Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-5005
CVE-2017-3010Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-3010
CVE-2017-7576DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credentials can be used in the web interface or by connecting to the device via TELNET. This is fixed in recent versions including 1.4.8.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-7576
CVE-2015-2888Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.9.8https://nvd.nist.gov/vuln/detail/CVE-2015-2888
CVE-2017-5158An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-5158
CVE-2017-8773Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-8773
CVE-2017-8774Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-8774
CVE-2017-8775Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-8775
CVE-2017-6079The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use this page as a web shell essentially to execute commands, though you get no feedback client-side from the web application: if the command is valid, it executes. An example is the wget command. The page that allows this has been confirmed in firmware as old as 2006.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-6079
CVE-2017-9034Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-9034
CVE-2017-4997EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-4997
CVE-2017-8011EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-8011
CVE-2017-9521The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows remote attackers to execute arbitrary code via a specific (but unstated) exposed service. NOTE: the scope of this CVE does NOT include the concept of "Unnecessary Services" in general; the scope is only a single service that is unnecessarily exposed, leading to remote code execution. The details of that service might be disclosed at a later date.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-9521
CVE-2017-13137The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-13137
CVE-2017-7550A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-7550
CVE-2017-11281Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11281
CVE-2017-11282Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11282
CVE-2017-11213An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized transparent or opaque bitmap image. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11213
CVE-2017-11215An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11215
CVE-2017-11225An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11225
CVE-2017-3112An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-3112
CVE-2017-3114An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or country- specific functionality. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-3114
CVE-2014-5071SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username.9.8https://nvd.nist.gov/vuln/detail/CVE-2014-5071
CVE-2018-4877A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-4877
CVE-2018-4878A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-4878
CVE-2018-1000101Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage, worst case: network.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-1000101
CVE-2014-2073Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus."9.8https://nvd.nist.gov/vuln/detail/CVE-2014-2073
CVE-2017-11240Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11240
CVE-2017-11250Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11250
CVE-2017-11253Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11253
CVE-2017-11306Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11306
CVE-2017-11307Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11307
CVE-2017-11308Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2017-11308
CVE-2018-4917Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-4917
CVE-2018-4918Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-4918
CVE-2018-4944Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-4944
CVE-2018-1000533klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-1000533
CVE-2018-8327A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-8327
CVE-2018-8273A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-8273
CVE-2018-11653Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information about the network configuration like the network SSID and password.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-11653
CVE-2018-12810Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-12810
CVE-2018-12811Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-12811
CVE-2018-20299An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-20299
CVE-2018-20383ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-20383
CVE-2018-20386ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-20386
CVE-2018-11741NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-11741
CVE-2018-11742NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-11742
CVE-2019-6139Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-6139
CVE-2018-16529A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.9.8https://nvd.nist.gov/vuln/detail/CVE-2018-16529
CVE-2019-12288An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. The web service, network, and account files can be manipulated through a web UI firmware update without any authentication. The attacker can achieve access to the device through a manipulated web UI firmware update.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-12288
CVE-2019-7029Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7029
CVE-2019-7031Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7031
CVE-2019-7037Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7037
CVE-2019-7039Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7039
CVE-2019-7040Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7040
CVE-2019-7046Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7046
CVE-2019-7050Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7050
CVE-2019-7051Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7051
CVE-2019-7052Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7052
CVE-2019-7054Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7054
CVE-2019-7060Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7060
CVE-2019-7062Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7062
CVE-2019-7066Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7066
CVE-2019-7068Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7068
CVE-2019-7094Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7094
CVE-2019-12900BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-12900
CVE-2019-7965Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7965
CVE-2019-8003Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8003
CVE-2019-8006Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8006
CVE-2019-8009Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8009
CVE-2019-8015Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8015
CVE-2019-8016Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8016
CVE-2019-8017Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8017
CVE-2019-8022Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8022
CVE-2019-8023Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8023
CVE-2019-8024Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8024
CVE-2019-8025Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8025
CVE-2019-8026Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8026
CVE-2019-8028Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8028
CVE-2019-8029Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8029
CVE-2019-8030Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8030
CVE-2019-8031Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8031
CVE-2019-8036Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8036
CVE-2019-8041Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8041
CVE-2019-8042Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8042
CVE-2019-8044Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8044
CVE-2019-8045Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8045
CVE-2019-8046Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8046
CVE-2019-8047Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8047
CVE-2019-8048Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8048
CVE-2019-8049Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8049
CVE-2019-8050Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8050
CVE-2019-8055Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8055
CVE-2019-8060Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8060
CVE-2019-8061Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8061
CVE-2019-8098Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8098
CVE-2019-8100Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8100
CVE-2019-7968Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7968
CVE-2019-7969Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7969
CVE-2019-7970Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7970
CVE-2019-7971Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7971
CVE-2019-7972Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7972
CVE-2019-7973Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7973
CVE-2019-7974Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7974
CVE-2019-7975Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7975
CVE-2019-7990Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7990
CVE-2019-7992Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7992
CVE-2019-7993Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7993
CVE-2019-7997Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7997
CVE-2019-7998Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7998
CVE-2019-8001Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8001
CVE-2019-8069Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8069
CVE-2019-8070Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8070
CVE-2019-8161Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8161
CVE-2019-8167Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8167
CVE-2019-8169Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8169
CVE-2019-8186Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8186
CVE-2019-8195Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8195
CVE-2019-8196Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8196
CVE-2019-8197Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8197
CVE-2019-8199Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8199
CVE-2019-8200Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8200
CVE-2019-8205Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8205
CVE-2019-8206Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8206
CVE-2019-8211Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8211
CVE-2019-8212Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8212
CVE-2019-8213Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8213
CVE-2019-8214Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8214
CVE-2019-8215Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8215
CVE-2019-8220Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8220
CVE-2019-8221Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8221
CVE-2019-18218cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).9.8https://nvd.nist.gov/vuln/detail/CVE-2019-18218
CVE-2019-11933A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-11933
CVE-2019-8236Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8236
CVE-2019-8237Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an insufficiently robust encryption vulnerability. Successful exploitation could lead to security feature bypass.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8237
CVE-2019-5617Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-5617
CVE-2019-5644Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-5644
CVE-2019-18818strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-18818
CVE-2019-8246Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8246
CVE-2019-8247Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8247
CVE-2019-8248Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8248
CVE-2019-11936Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-11936
CVE-2019-16444Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a binary planting (default folder privilege escalation) vulnerability. Successful exploitation could lead to privilege escalation.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16444
CVE-2019-16445Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16445
CVE-2019-16446Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16446
CVE-2019-16448Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16448
CVE-2019-16450Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16450
CVE-2019-16451Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16451
CVE-2019-16452Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16452
CVE-2019-16453Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16453
CVE-2019-16454Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16454
CVE-2019-16455Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16455
CVE-2019-16459Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16459
CVE-2019-16460Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16460
CVE-2019-16462Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16462
CVE-2019-16463Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16463
CVE-2019-16464Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-16464
CVE-2019-17571Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-17571
CVE-2014-4982LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server.9.8https://nvd.nist.gov/vuln/detail/CVE-2014-4982
CVE-2019-7131Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7131
CVE-2019-8257Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2019-8257
CVE-2019-20451The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)9.8https://nvd.nist.gov/vuln/detail/CVE-2019-20451
CVE-2020-3742Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3742
CVE-2020-3743Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3743
CVE-2020-3745Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3745
CVE-2020-3746Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3746
CVE-2020-3749Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3749
CVE-2020-3750Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3750
CVE-2020-3751Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3751
CVE-2020-3752Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3752
CVE-2020-3754Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3754
CVE-2020-3762Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3762
CVE-2020-3763Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3763
CVE-2020-3792Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3792
CVE-2020-3793Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3793
CVE-2020-3795Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3795
CVE-2020-3797Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3797
CVE-2020-3799Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3799
CVE-2020-3801Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3801
CVE-2020-3805Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3805
CVE-2020-3807Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution .9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3807
CVE-2020-3775Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3775
CVE-2020-3783Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3783
CVE-2020-3784Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3784
CVE-2020-3785Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3785
CVE-2020-3786Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3786
CVE-2020-3787Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3787
CVE-2020-3788Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3788
CVE-2020-3789Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-3789
CVE-2019-7305Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. Introduced in the Makefile patch file debian/patches/debian-changes-2.1.0b6+dfsg-1 or debian/patches/adds-a-makefile.patch, this can lead to data leakage, information disclosure and potentially remote code execution on the web server. This issue affects all versions of eXtplorer in Ubuntu and Debian9.8https://nvd.nist.gov/vuln/detail/CVE-2019-7305
CVE-2020-1745A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-1745
CVE-2020-8481For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. An attacker who successfully exploited this vulnerability could take full control of the computer.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-8481
CVE-2019-5619AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-5619
CVE-2019-5623Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection').9.8https://nvd.nist.gov/vuln/detail/CVE-2019-5623
CVE-2020-10683dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-10683
CVE-2020-12651SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-12651
CVE-2020-13417An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-13417
CVE-2020-9633Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-9633
CVE-2019-20856An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-20856
CVE-2020-35885An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-35885
CVE-2020-15800A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-15800
CVE-2020-25226A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-25226
CVE-2021-27198An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-27198
CVE-2021-21513Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-21513
CVE-2021-26894Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26895, CVE-2021-26897.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-26894
CVE-2021-26897Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-26897
CVE-2021-28305An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-28305
CVE-2021-29012DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid (temporarily) during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus provides permanent access if stolen.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-29012
CVE-2021-29003Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code via shell metacharacters to sys_config_valid.xgi, as demonstrated by the sys_config_valid.xgi?exeshell=%60telnetd%20%26%60 URI.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-29003
CVE-2021-27905The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-27905
CVE-2021-25668A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-25668
CVE-2021-25669A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the web server may write out of bounds in stack. An attacker might leverage this to denial-of-service of the device or remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-25669
CVE-2021-27384A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-27384
CVE-2020-23790An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-23790
CVE-2021-21985The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-21985
CVE-2020-15782A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-15782
CVE-2021-26707The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications using this library.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-26707
CVE-2020-18667SQL Injection vulnerability in WebPort <=1.19.1 via the new connection, parameter name in type-conn.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-18667
CVE-2021-35048Vulnerability in Fidelis Network and Deception CommandPost enables unauthenticated SQL injection through the web interface. The vulnerability could lead to exposure of authentication tokens in some versions of Fidelis software. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.7 and in version 9.4. Patches and updates are available to address this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-35048
CVE-2021-34427In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-34427
CVE-2021-25211Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\\admin\\products\\edit.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-25211
CVE-2021-25207Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-25207
CVE-2021-25206Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-25206
CVE-2021-25208Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-25208
CVE-2021-38173Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-38173
CVE-2021-26084In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-26084
CVE-2021-34646Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-34646
CVE-2021-37421Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-37421
CVE-2021-39177Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Versions of Geyser prior to 1.4.2-SNAPSHOT allow anyone that can connect to the server to forge a LoginPacket with manipulated JWT token allowing impersonation as any user. Version 1.4.2-SNAPSHOT contains a patch for the issue. There are no known workarounds aside from upgrading.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-39177
CVE-2021-36356KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-36356
CVE-2021-38145An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged user (client) tries to export a form with data, e.g., manipulation of modules/export_manager/export.php?export_group_id=1&export_group_1_results=all&export_type_id=1.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-38145
CVE-2021-34565In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-34565
CVE-2021-21811A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-21811
CVE-2021-22002VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-22002
CVE-2021-40353A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the index.php USERNAME parameter. NOTE: this issue may exist because of an incomplete fix for CVE-2020-6637.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40353
CVE-2021-37415Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-37415
CVE-2021-39377A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the index.php username parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-39377
CVE-2021-39378A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the NamesList.php str parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-39378
CVE-2021-39379A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the ResetUserInfo.php password_stn_id parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-39379
CVE-2021-23427This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-23427
CVE-2021-23428This affects all versions of package elFinder.NetCore. The Path.Combine(...) method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the generated path its possible to escape the Files directory via path traversal9.8https://nvd.nist.gov/vuln/detail/CVE-2021-23428
CVE-2021-36020Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-36020
CVE-2021-40350webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be achieved by including an administrative cookie that the device does not validate.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40350
CVE-2021-23436This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, this bypass is possible because the condition (p === "__proto__" || p === "constructor") in applyPatches_ returns false if p is ['__proto__'] (or ['constructor']). The === operator (strict equality operator) returns false if the operands have different type.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-23436
CVE-2021-23438This affects the package mpath before 0.8.4. A type confusion vulnerability can lead to a bypass of CVE-2018-16490. In particular, the condition ignoreProperties.indexOf(parts[i]) !== -1 returns -1 if parts[i] is ['__proto__']. This is because the method that has been called if the input is an array is Array.prototype.indexOf() and not String.prototype.indexOf(). They behave differently depending on the type of the input.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-23438
CVE-2021-34746A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. This vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. An attacker could exploit this vulnerability by injecting parameters into an authentication request. A successful exploit could allow the attacker to bypass authentication and log in as an administrator to the affected device.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-34746
CVE-2021-3757immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')9.8https://nvd.nist.gov/vuln/detail/CVE-2021-3757
CVE-2019-10095bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.9.8https://nvd.nist.gov/vuln/detail/CVE-2019-10095
CVE-2020-18048An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-18048
CVE-2021-34436In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extension. This extension uses lsp4xml (recently renamed to LemMinX) in order to provide language support for XML. This is installed by default.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-34436
CVE-2021-40494A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40494
CVE-2021-3766objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')9.8https://nvd.nist.gov/vuln/detail/CVE-2021-3766
CVE-2021-40531Sketch before 75 mishandles external library feeds.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40531
CVE-2021-40532Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40532
CVE-2021-40540ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40540
CVE-2021-38840SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-38840
CVE-2021-36163In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkeleton are created without any configuration of the serialization factory and therefore without applying the dubbo properties for applying allowed or blocked type lists. In addition, the generic service is always exposed and therefore attackers do not need to figure out a valid service/method name pair. This is fixed in 2.7.13, 2.6.10.19.8https://nvd.nist.gov/vuln/detail/CVE-2021-36163
CVE-2021-37716A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-37716
CVE-2021-40539Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-40539
CVE-2021-35946A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-35946
CVE-2021-39497eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-39497
CVE-2021-32802Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There are several security concerns with passing user-generated content to this library, such as Server-Side-Request-Forgery, file disclosure or potentially executing code on the system. The risk depends on your system configuration and the installed library version. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. These versions do not use this library anymore. As a workaround users may disable previews by setting `enable_previews` to `false` in `config.php`.9.8https://nvd.nist.gov/vuln/detail/CVE-2021-32802
CVE-2020-19853BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php.9.8https://nvd.nist.gov/vuln/detail/CVE-2020-19853
CVE-2020-11264Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music9.8https://nvd.nist.gov/vuln/detail/CVE-2020-11264
CVE-2021-1916Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables9.8https://nvd.nist.gov/vuln/detail/CVE-2021-1916
CVE-2021-1919Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables9.8https://nvd.nist.gov/vuln/detail/CVE-2021-1919
CVE-2021-1920Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables9.8https://nvd.nist.gov/vuln/detail/CVE-2021-1920
CVE-2021-1972Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking9.8https://nvd.nist.gov/vuln/detail/CVE-2021-1972
CVE-2017-5053An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.9.6https://nvd.nist.gov/vuln/detail/CVE-2017-5053
CVE-2019-5759Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.9.6https://nvd.nist.gov/vuln/detail/CVE-2019-5759
CVE-2019-20374A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to improper HTML sanitization. Given that the application is based on the Electron framework, the XSS leads to remote code execution in an unsandboxed environment.9.6https://nvd.nist.gov/vuln/detail/CVE-2019-20374
CVE-2021-21142Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.9.6https://nvd.nist.gov/vuln/detail/CVE-2021-21142
CVE-2021-30571Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.9.6https://nvd.nist.gov/vuln/detail/CVE-2021-30571
CVE-2021-35222This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.9.6https://nvd.nist.gov/vuln/detail/CVE-2021-35222
CVE-2021-22943A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.9.6https://nvd.nist.gov/vuln/detail/CVE-2021-22943
CVE-2015-7921The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials.9.1https://nvd.nist.gov/vuln/detail/CVE-2015-7921
CVE-2016-6269Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname parameter to (1) log_mgt_adhocquery_ajaxhandler.php, (2) log_mgt_ajaxhandler.php, (3) log_mgt_ajaxhandler.php or (4) tf parameter to wcs_bwlists_handler.php.9.1https://nvd.nist.gov/vuln/detail/CVE-2016-6269
CVE-2018-9109Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process.9.1https://nvd.nist.gov/vuln/detail/CVE-2018-9109
CVE-2018-9110Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue exists because of an incomplete fix for CVE-2018-9109.9.1https://nvd.nist.gov/vuln/detail/CVE-2018-9110
CVE-2019-6143Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.9.1https://nvd.nist.gov/vuln/detail/CVE-2019-6143
CVE-2016-5202browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy.9.1https://nvd.nist.gov/vuln/detail/CVE-2016-5202
CVE-2019-20444HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."9.1https://nvd.nist.gov/vuln/detail/CVE-2019-20444
CVE-2019-20445HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.9.1https://nvd.nist.gov/vuln/detail/CVE-2019-20445
CVE-2020-11580An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.9.1https://nvd.nist.gov/vuln/detail/CVE-2020-11580
CVE-2019-19106Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings.9.1https://nvd.nist.gov/vuln/detail/CVE-2019-19106
CVE-2021-32925admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities.9.1https://nvd.nist.gov/vuln/detail/CVE-2021-32925
CVE-2021-38621The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat Server before 2021-07-30 mishandles file ownership.9.1https://nvd.nist.gov/vuln/detail/CVE-2021-38621
CVE-2020-20495bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter.9.1https://nvd.nist.gov/vuln/detail/CVE-2020-20495
CVE-2020-19751An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read.9.1https://nvd.nist.gov/vuln/detail/CVE-2020-19751

OTHER VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2016-2290Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-2290
CVE-2016-1391Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-1391
CVE-2015-8157SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.8.8https://nvd.nist.gov/vuln/detail/CVE-2015-8157
CVE-2016-5851python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted document.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-5851
CVE-2016-6266ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) host or (2) apikey parameter in a register action, (3) enable parameter in a save_stting action, or (4) host or (5) apikey parameter in a test_connection action.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-6266
CVE-2016-6267SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-6267
CVE-2016-6270The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to api/v1/cfg/oauth/save_identify_pfx/.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-6270
CVE-2017-2290On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-2290
CVE-2017-3854A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-3854
CVE-2016-10273Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-10273
CVE-2015-2889Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.8.8https://nvd.nist.gov/vuln/detail/CVE-2015-2889
CVE-2015-6028Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.8.8https://nvd.nist.gov/vuln/detail/CVE-2015-6028
CVE-2017-5156A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP systems on behalf of the currently logged in user.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5156
CVE-2017-5029The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5029
CVE-2017-5030Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5030
CVE-2017-5036A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5036
CVE-2017-5037An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5037
CVE-2017-5039A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5039
CVE-2017-5043Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5043
CVE-2017-5047An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5047
CVE-2017-5048An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5048
CVE-2017-5049An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5049
CVE-2017-5050An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5050
CVE-2017-5051An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5051
CVE-2017-9033Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication of users for requests to start an update from an arbitrary source via a crafted request to SProtectLinux/scanoption_set.cgi, related to the lack of anti-CSRF tokens.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-9033
CVE-2017-5528Multiple JasperReports Server components contain vulnerabilities which may allow authorized users to perform cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The impact of this vulnerability includes the theoretical disclosure of sensitive information. Affects TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, and 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.2.0 and below), and TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.2.0 and below).8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5528
CVE-2017-2244Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN firmware ver.D and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-2244
CVE-2017-9489The Comcast firmware on Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST) devices allows configuration changes via CSRF.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-9489
CVE-2015-0853svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$(xeyes).8.8https://nvd.nist.gov/vuln/detail/CVE-2015-0853
CVE-2016-0732The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors.8.8https://nvd.nist.gov/vuln/detail/CVE-2016-0732
CVE-2017-8007In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-8007
CVE-2017-5052An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5052
CVE-2017-5054An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5054
CVE-2017-5056A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5056
CVE-2017-5057Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5057
CVE-2017-5059Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5059
CVE-2017-5062A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5062
CVE-2017-5070Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5070
CVE-2017-5073Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5073
CVE-2017-5077Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5077
CVE-2017-5078Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters such as * have an incorrect interaction with xdg-email in xdg-utils, and a space character can be used in front of a command-line argument.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5078
CVE-2017-5087A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5087
CVE-2017-5088Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5088
CVE-2017-5091A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5091
CVE-2017-5095Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5095
CVE-2017-5098A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5098
CVE-2017-5100A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5100
CVE-2017-5108Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5108
CVE-2017-5111A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5111
CVE-2017-5113Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5113
CVE-2017-5114Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5114
CVE-2017-5116Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5116
CVE-2017-5121Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-5121
CVE-2014-5070Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.8.8https://nvd.nist.gov/vuln/detail/CVE-2014-5070
CVE-2018-7720A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-7720
CVE-2018-7746An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-7746
CVE-2018-0986A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-0986
CVE-2018-4946Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-4946
CVE-2018-0387A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could exploit the vulnerability by sending a user a malicious link and persuading the user to follow the link. A successful exploit could allow the attacker to execute arbitrary code on the user's system. Cisco Bug IDs: CSCvh66250.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-0387
CVE-2017-2630A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.8.8https://nvd.nist.gov/vuln/detail/CVE-2017-2630
CVE-2018-15139Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-15139
CVE-2018-0701BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized access.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-0701
CVE-2018-2484SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-2484
CVE-2018-6151Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-6151
CVE-2018-6162Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2018-6162
CVE-2019-3495An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-3495
CVE-2019-3496An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-3496
CVE-2019-3497An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping Ping feature of the Diagnostic Tools component is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-3497
CVE-2019-6140A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-6140
CVE-2019-1724A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. An attacker could use this impersonated session to create a new user account or otherwise control the device with the privileges of the hijacked session. The vulnerability is due to a lack of proper session management controls. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted device. A successful exploit could allow the attacker to take control of an existing user session on the device. Exploitation of the vulnerability requires that an authorized user session is active and that the attacker can craft an HTTP request to impersonate that session.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-1724
CVE-2019-7842Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Successful exploitation could lead to remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7842
CVE-2019-7041Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7041
CVE-2019-7042Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7042
CVE-2019-7043Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7043
CVE-2019-7044Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7044
CVE-2019-7048Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7048
CVE-2019-7845Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7845
CVE-2019-8008Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8008
CVE-2019-8013Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8013
CVE-2019-8014Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8014
CVE-2019-8019Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8019
CVE-2019-8033Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8033
CVE-2019-8034Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8034
CVE-2019-8038Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8038
CVE-2019-8039Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8039
CVE-2019-8057Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8057
CVE-2019-7976Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7976
CVE-2019-7978Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7978
CVE-2019-7979Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7979
CVE-2019-7980Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7980
CVE-2019-7982Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7982
CVE-2019-7983Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7983
CVE-2019-7984Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7984
CVE-2019-7985Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7985
CVE-2019-7986Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7986
CVE-2019-7988Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7988
CVE-2019-7989Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7989
CVE-2019-7991Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7991
CVE-2019-7994Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7994
CVE-2019-7995Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7995
CVE-2019-7996Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-7996
CVE-2019-6839A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-6839
CVE-2019-8165Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8165
CVE-2019-8166Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a buffer overrun vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8166
CVE-2019-8170Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8170
CVE-2019-8171Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8171
CVE-2019-8174Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8174
CVE-2019-8175Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8175
CVE-2019-8176Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8176
CVE-2019-8177Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8177
CVE-2019-8178Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8178
CVE-2019-8179Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8179
CVE-2019-8180Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8180
CVE-2019-8181Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8181
CVE-2019-8183Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8183
CVE-2019-8191Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8191
CVE-2019-8192Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8192
CVE-2019-8203Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8203
CVE-2019-8204Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8204
CVE-2019-8208Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8208
CVE-2019-8209Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8209
CVE-2019-8210Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8210
CVE-2019-8217Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8217
CVE-2019-8219Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8219
CVE-2019-8223Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8223
CVE-2019-8224Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8224
CVE-2019-8225Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2019-8225
CVE-2019-5858Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2019-5858
CVE-2014-5086A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider.8.8https://nvd.nist.gov/vuln/detail/CVE-2014-5086
CVE-2020-6402Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-6402
CVE-2020-3757Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3757
CVE-2020-9273In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-9273
CVE-2020-3802Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3802
CVE-2020-3770Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3770
CVE-2020-3772Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3772
CVE-2020-3773Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3773
CVE-2020-3774Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3774
CVE-2020-3776Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3776
CVE-2020-3779Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3779
CVE-2020-3780Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3780
CVE-2020-3790Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-3790
CVE-2020-10264CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally unautheticated reading of robot data is also possible8.8https://nvd.nist.gov/vuln/detail/CVE-2020-10264
CVE-2020-11582An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.)8.8https://nvd.nist.gov/vuln/detail/CVE-2020-11582
CVE-2020-12427The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-12427
CVE-2020-6496Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-6496
CVE-2020-9746Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-9746
CVE-2020-24678An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-24678
CVE-2020-16022Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-16022
CVE-2021-21017Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21017
CVE-2021-21021Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21021
CVE-2021-21028Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21028
CVE-2021-21033Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21033
CVE-2021-21035Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21035
CVE-2021-3518There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-3518
CVE-2021-32027A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-32027
CVE-2021-3491The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b ("io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c ("io_uring: add IORING_OP_PROVIDE_BUFFERS") (v5.7-rc1).8.8https://nvd.nist.gov/vuln/detail/CVE-2021-3491
CVE-2021-26420Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31963, CVE-2021-31966.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-26420
CVE-2021-30547Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30547
CVE-2021-35047Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.7 and in version 9.4. Patches and updates are available to address this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35047
CVE-2021-35049Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response in an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.7 and in version 9.4. Patches and updates are available to address this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35049
CVE-2021-28562Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability when executing search queries through Javascript. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-28562
CVE-2021-1574Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-1574
CVE-2021-3570A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-3570
CVE-2021-31894A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-31894
CVE-2021-31590PwnDoc all versions until 0.4.0 (2021-08-23) has incorrect JSON Webtoken handling, leading to incorrect access control. With a valid JSON Webtoken that is used for authentication and authorization, a user can keep his admin privileges even if he is downgraded to the "user" privilege. Even after a user's account is deleted, the user can still access the administration panel (and add or delete users) and has complete access to the system.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-31590
CVE-2021-30565Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30565
CVE-2021-30566Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30566
CVE-2021-30567Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30567
CVE-2021-30568Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30568
CVE-2021-30569Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30569
CVE-2021-30572Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30572
CVE-2021-30573Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30573
CVE-2021-30574Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30574
CVE-2021-30575Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30575
CVE-2021-30576Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30576
CVE-2021-30578Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30578
CVE-2021-30579Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30579
CVE-2021-30581Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30581
CVE-2021-30585Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30585
CVE-2021-30586Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30586
CVE-2021-30588Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30588
CVE-2021-34480Scripting Engine Memory Corruption Vulnerability8.8https://nvd.nist.gov/vuln/detail/CVE-2021-34480
CVE-2020-22403The express-cart package through 1.1.10 for Node.js allows CSRF.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-22403
CVE-2021-39375Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39375
CVE-2021-30590Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30590
CVE-2021-30591Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30591
CVE-2021-30592Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30592
CVE-2021-30598Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30598
CVE-2021-30599Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30599
CVE-2021-30600Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30600
CVE-2021-30601Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30601
CVE-2021-30602Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30602
CVE-2021-30604Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30604
CVE-2021-39172Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of new lines characters in new configuration values. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39172
CVE-2021-39173Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the middleware `ReadyForUse`, which now performs a stricter validation of the instance name. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39173
CVE-2021-39174Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39174
CVE-2021-37911The management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-37911
CVE-2021-39132Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, an authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with a crafted aclpolicy yaml file, that can cause the server to run untrusted code on Rundeck Community or Enterprise Edition. An authenticated user can make a POST request, that can cause the server to run untrusted code on Rundeck Enterprise Edition. The zip-format plugin issues requires authentication and authorization to these access levels, and affects all Rundeck editions:`admin` level access to the `system` resource type. The ACL Policy yaml file upload issues requires authentication and authorization to these access levels, and affects all Rundeck editions: `create` `update` or `admin` level access to a `project_acl` resource, and/or`create` `update` or `admin` level access to the `system_acl` resource. The unauthorized POST request requires authentication, but no specific authorization, and affects Rundeck Enterprise only. Patches are available in versions 3.4.3, 3.3.148.8https://nvd.nist.gov/vuln/detail/CVE-2021-39132
CVE-2021-34561In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-34561
CVE-2020-19047Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatckers to execute arbitrary code via malicious POST request to the component '/index.php?controller=system&action=admin_edit_act'.8.8https://nvd.nist.gov/vuln/detail/CVE-2020-19047
CVE-2021-21677Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21677
CVE-2021-21678Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21678
CVE-2021-21679Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21679
CVE-2021-35213An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35213
CVE-2021-35223The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35223
CVE-2021-35212An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35212
CVE-2021-36231Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-36231
CVE-2021-36232Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-36232
CVE-2021-39180OpenOLAT is a web-based learning management system (LMS). A path traversal vulnerability exists in versions prior to 15.3.18, 15.5.3, and 16.0.0. Using a specially prepared ZIP file, it is possible to overwrite any file that is writable by the application server user (e.g. the tomcat user). Depending on the configuration this can be limited to files of the OpenOlat user data directory, however, if not properly set up, the attack could also be used to overwrite application server config files, java code or even operating system files. The attack could be used to corrupt or modify any OpenOlat file such as course structures, config files or temporary test data. Those attack would require in-depth knowledge of the installation and thus more theoretical. If the app server configuration allows the execution of jsp files and the path to the context is known, it is also possible to execute java code. If the app server runs with the same user that is used to deploy the OpenOlat code or has write permissions on the OpenOlat code files and the path to the context is know, code injection is possible. The attack requires an OpenOlat user account to upload a ZIP file and trigger the unzip method. It can not be exploited by unregistered users. The problem is fixed in versions 15.3.18, 15.5.3 and 16.0.0. There are no known workarounds aside from upgrading.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39180
CVE-2021-38703Wireless devices running certain Arcadyan-derived firmware (such as KPN Experia WiFi 1.00.15) do not properly sanitise user input to the syslog configuration form. An authenticated remote attacker could leverage this to alter the device configuration and achieve remote code execution. This can be exploited in conjunction with CVE-2021-20090.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38703
CVE-2021-35508NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to execute a malicious binary with SYSTEM privileges via a low-privileged user account. To exploit this, a low-privileged user must change the service configuration or overwrite the binary service.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35508
CVE-2021-35215Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35215
CVE-2021-35216Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35216
CVE-2021-35218Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server8.8https://nvd.nist.gov/vuln/detail/CVE-2021-35218
CVE-2021-36032Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-36032
CVE-2021-34435In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file..8.8https://nvd.nist.gov/vuln/detail/CVE-2021-34435
CVE-2021-39181OpenOlat is a web-based learning management system (LMS). Prior to version 15.3.18, 15.5.3, and 16.0.0, using a prepared import XML file (e.g. a course) any class on the Java classpath can be instantiated, including spring AOP bean factories. This can be used to execute code arbitrary code by the attacker. The attack requires an OpenOlat user account with the authoring role. It can not be exploited by unregistered users. The problem is fixed in versions 15.3.18, 15.5.3, and 16.0.0. There are no known workarounds aside from upgrading.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39181
CVE-2021-30606Use after free in Blink in Google Chrome prior to 93.0.4577.63 allowed an attacker who convinced a user to drag and drop a malicous folder to a page to potentially perform a sandbox escape via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30606
CVE-2021-30607Use after free in Permissions in Google Chrome prior to 93.0.4577.63 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30607
CVE-2021-30608Use after free in Web Share in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30608
CVE-2021-30609Use after free in Sign-In in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30609
CVE-2021-30610Use after free in Extensions API in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30610
CVE-2021-30611Use after free in WebRTC in Google Chrome on Linux, ChromeOS prior to 93.0.4577.63 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30611
CVE-2021-30612Use after free in WebRTC in Google Chrome on Linux, ChromeOS prior to 93.0.4577.63 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30612
CVE-2021-30613Use after free in Base internals in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30613
CVE-2021-30614Heap buffer overflow in TabStrip in Google Chrome prior to 93.0.4577.63 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30614
CVE-2021-30616Use after free in Media in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30616
CVE-2021-30618Inappropriate implementation in DevTools in Google Chrome prior to 93.0.4577.63 allowed a remote attacker who had convinced the user to use Chrome headless with remote debugging to execute arbitrary code via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30618
CVE-2021-30620Insufficient policy enforcement in Blink in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to bypass content security policy via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30620
CVE-2021-30622Use after free in WebApp Installs in Google Chrome prior to 93.0.4577.63 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30622
CVE-2021-30623Use after free in Bookmarks in Google Chrome prior to 93.0.4577.63 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30623
CVE-2021-30624Use after free in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30624
CVE-2021-24303The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues8.8https://nvd.nist.gov/vuln/detail/CVE-2021-24303
CVE-2021-24391An editid GET parameter of the Cashtomer WordPress plugin through 1.0.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-24391
CVE-2021-24006An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting its URL.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-24006
CVE-2021-38841Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38841
CVE-2021-39279Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39279
CVE-2021-28139The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield payload.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-28139
CVE-2021-36162Apache Dubbo supports various rules to support configuration override or traffic routing (called routing in Dubbo). These rules are loaded into the configuration center (eg: Zookeeper, Nacos, ...) and retrieved by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers will use SnakeYAML library to load the rules which by default will enable calling arbitrary constructors. An attacker with access to the configuration center he will be able to poison the rule so when retrieved by the consumers, it will get RCE on all of them. This was fixed in Dubbo 2.7.13, 3.0.28.8https://nvd.nist.gov/vuln/detail/CVE-2021-36162
CVE-2021-37218HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-37218
CVE-2021-37219HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-37219
CVE-2021-38616In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/{user-guid}/ user edition endpoint could permit any logged-in user to increase their own permissions via a user_permissions array in a PATCH request. A guest user could modify other users' profiles and much more.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38616
CVE-2021-38617In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/ user creation endpoint allows a standard user to create a super user account with a defined password. This directly leads to privilege escalation.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38617
CVE-2021-38142Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. An attacker on the local network can achieve remote code execution on any computer that tries to update Windows Sender due to the fact that the upgrade mechanism is not secured (is not protected with TLS).8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38142
CVE-2021-39197better_errors is an open source replacement for the standard Rails error page with more information rich error pages. It is also usable outside of Rails in any Rack app as Rack middleware. better_errors prior to 2.8.0 did not implement CSRF protection for its internal requests. It also did not enforce the correct "Content-Type" header for these requests, which allowed a cross-origin "simple request" to be made without CORS protection. These together left an application with better_errors enabled open to cross-origin attacks. As a developer tool, better_errors documentation strongly recommends addition only to the `development` bundle group, so this vulnerability should only affect development environments. Please ensure that your project limits better_errors to the `development` group (or the non-Rails equivalent). Starting with release 2.8.x, CSRF protection is enforced. It is recommended that you upgrade to the latest release, or minimally to "~> 2.8.3". There are no known workarounds to mitigate the risk of using older releases of better_errors.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-39197
CVE-2021-38705ClinicCases 7.3.3 is affected by Cross-Site Request Forgery (CSRF). A successful attack would consist of an authenticated user following a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. This can be exploited to create a secondary administrator account for the attacker.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38705
CVE-2021-38706messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-38706
CVE-2021-23404This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-23404
CVE-2021-36179A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution8.8https://nvd.nist.gov/vuln/detail/CVE-2021-36179
CVE-2021-36182A Improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests8.8https://nvd.nist.gov/vuln/detail/CVE-2021-36182
CVE-2021-30734Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30734
CVE-2021-30737A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted certificate may lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30737
CVE-2021-30758A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30758
CVE-2021-30761A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30761
CVE-2021-30762A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30762
CVE-2021-30797This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-30797
CVE-2021-21103Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21103
CVE-2021-21104Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21104
CVE-2021-21105Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-21105
CVE-2021-28571Adobe After Effects version 18.1 (and earlier) is affected by a potential Command injection vulnerability when chained with a development and debugging tool for JavaScript scripts. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.8https://nvd.nist.gov/vuln/detail/CVE-2021-28571
CVE-2016-8368An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock.8.6https://nvd.nist.gov/vuln/detail/CVE-2016-8368
CVE-2019-10942A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.8.6https://nvd.nist.gov/vuln/detail/CVE-2019-10942
CVE-2020-1603Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the Juniper Networks Junos OS device. This memory leak eventually leads to a kernel crash (vmcore), or the device hanging and requiring a power cycle to restore service, creating a Denial of Service (DoS) condition. During the time where mbufs are rising, yet not fully filled, some traffic from client devices may begin to be black holed. To be black holed, this traffic must match the condition where this traffic must be processed by the RE. Continued receipt and attempted egress of these specific IPv6 packets from the Routing Engine (RE) will create an extended Denial of Service (DoS) condition. Scenarios which have been observed are: 1. In a single chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario the device needs to be power cycled. 2. In a single chassis, dual RE scenario, the device master RE will fail over to the backup RE. In this scenario, the master and the backup REs need to be reset from time to time when they vmcore. There is no need to power cycle the device. 3. In a dual chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario, the two chassis' design relies upon some type of network level redundancy - VRRP, GRES, NSR, etc. - 3.a In a commanded switchover, where nonstop active routing (NSR) is enabled no session loss is observed. 4. In a dual chassis, dual chassis scenario, rely upon the RE to RE failover as stated in the second scenario. In the unlikely event that the device does not switch RE to RE gracefully, then the fallback position is to the network level services scenario in the third scenario. This issue affects: Juniper Networks Junos OS 16.1 versions prior to 16.1R7-S6; 16.1 version 16.1X70-D10 and later; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D50, 18.2X75-D410; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S6, 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect releases prior to Junos OS 16.1R1.8.6https://nvd.nist.gov/vuln/detail/CVE-2020-1603
CVE-2021-3121An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-3121
CVE-2021-21006Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Successful exploitation could lead to arbitrary code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-21006
CVE-2021-3517There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-3517
CVE-2021-37701The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory, where the symlink and directory names in the archive entry used backslashes as a path separator on posix systems. The cache checking logic used both `\\` and `/` characters as path separators, however `\\` is a valid filename character on posix systems. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. Additionally, a similar confusion could arise on case-insensitive filesystems. If a tar archive contained a directory at `FOO`, followed by a symbolic link named `foo`, then on case-insensitive file systems, the creation of the symbolic link would remove the directory from the filesystem, but _not_ from the internal directory cache, as it would not be treated as a cache hit. A subsequent file entry within the `FOO` directory would then be placed in the target of the symbolic link, thinking that the directory had already been created. These issues were addressed in releases 4.4.16, 5.0.8 and 6.1.7. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-9r2w-394v-53qc.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-37701
CVE-2021-37712The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 "short path" counterparts. A specially crafted tar archive could thus include a directory with one form of the path, followed by a symbolic link with a different string that resolves to the same file system entity, followed by a file using the first form. By first creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-qq89-hq3f-393p.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-37712
CVE-2021-37713The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is not extracted. This is, in part, accomplished by sanitizing absolute paths of entries within the archive, skipping archive entries that contain `..` path portions, and resolving the sanitized paths against the extraction target directory. This logic was insufficient on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target, such as `C:some\\path`. If the drive letter does not match the extraction target, for example `D:\\extraction\\dir`, then the result of `path.resolve(extractionDirectory, entryPath)` would resolve against the current working directory on the `C:` drive, rather than the extraction target directory. Additionally, a `..` portion of the path could occur immediately after the drive letter, such as `C:../foo`, and was not properly sanitized by the logic that checked for `..` within the normalized and split portions of the path. This only affects users of `node-tar` on Windows systems. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. There is no reasonable way to work around this issue without performing the same path normalization procedures that node-tar now does. Users are encouraged to upgrade to the latest patched versions of node-tar, rather than attempt to sanitize paths themselves.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-37713
CVE-2021-30354Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-30354
CVE-2021-30355Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-30355
CVE-2021-32833Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there is a set of arbitrary file read vulnerabilities. This vulnerability is known to exist in version 4.6.4.0 and may not be patched in later versions. Known vulnerable routes are /Videos/Id/hls/PlaylistId/SegmentId.SegmentContainer, /Images/Ratings/theme/name and /Images/MediaInfo/theme/name. For more details including proof of concept code, refer to the referenced GHSL-2021-051. This issue may lead to unauthorized access to the system especially when Emby Server is configured to be accessible from the Internet.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-32833
CVE-2021-39162Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lead to a DoS in the presence of untrusted *upstream* servers. 0.15.1 contains an upgraded envoy binary with this vulnerability patched. If only trusted upstreams are configured, there is not substantial risk of this condition being triggered.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-39162
CVE-2021-39206Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorrect routing or authorization policy decisions. With specially crafted requests, incorrect authorization or routing decisions may be made by Pomerium. Pomerium v0.14.8 and v0.15.1 contain an upgraded envoy binary with these vulnerabilities patched. This issue can only be triggered when using path prefix based policy. Removing any such policies should provide mitigation.8.6https://nvd.nist.gov/vuln/detail/CVE-2021-39206
CVE-2021-39141XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.8.5https://nvd.nist.gov/vuln/detail/CVE-2021-39141
CVE-2021-39144XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.8.5https://nvd.nist.gov/vuln/detail/CVE-2021-39144
CVE-2016-2557The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.8.4https://nvd.nist.gov/vuln/detail/CVE-2016-2557
CVE-2016-2558The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.8.4https://nvd.nist.gov/vuln/detail/CVE-2016-2558
CVE-2016-2207The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.8.4https://nvd.nist.gov/vuln/detail/CVE-2016-2207
CVE-2021-39207parlai is a framework for training and evaluating AI models on a variety of openly available dialogue datasets. In affected versions the package is vulnerable to YAML deserialization attack caused by unsafe loading which leads to Arbitary code execution. This security bug is patched by avoiding unsafe loader users should update to version above v1.1.0. If upgrading is not possible then users can change the Loader used to SafeLoader as a workaround. See commit 507d066ef432ea27d3e201da08009872a2f37725 for details.8.4https://nvd.nist.gov/vuln/detail/CVE-2021-39207
CVE-2021-38360The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0.8.3https://nvd.nist.gov/vuln/detail/CVE-2021-38360
CVE-2020-10292Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol by RMS Sentinel which provides the licensing infrastructurefor the network license server. RMS Sentinel license manager service exposes UDP port 5093 which provides sensitivesystem information that could be leveraged for further exploitation without any kind of authentication. Thisinformation includes detailed hardware and OS characteristics.After a decryption process, a textual protocol is found which contains a simple header with the requested command,application-identifier, and some arguments. The protocol is vulnerable to DoS through an arbitrary pointerderreference. This flaw allows an attacker to to pass a specially crafted package that, when processed by theservice, causes an arbitrary pointer from the stack to be dereferenced, causing an uncaught exception thatterminates the service. This can be further contructed in combination with RVDP#710 which exploits an informationdisclosure leak, or with RVDP#711 for an stack-overflow and potential code execution.Beyond denying simulations, Visual Components provides capabilities to interface with industrial machinery andautomate certain processes (e.g. testing, benchmarking, etc.) which depending on the DevOps setup might beintegrated into the industrial flow. Accordingly, a DoS in the simulation might have higher repercusions, dependingon the Industrial Control System (ICS) ICS infrastructure.8.2https://nvd.nist.gov/vuln/detail/CVE-2020-10292
CVE-2021-21045Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user.8.2https://nvd.nist.gov/vuln/detail/CVE-2021-21045
CVE-2021-40143Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.8.2https://nvd.nist.gov/vuln/detail/CVE-2021-40143
CVE-2021-32834Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control (ABAC). In Keti a user able to create Policy Sets can run arbitrary code by sending malicious Groovy scripts which will escape the configured Groovy sandbox. This vulnerability is known to exist in the latest commit at the time of writing this CVE (commit a1c8dbe). For more details see the referenced GHSL-2021-063.8.2https://nvd.nist.gov/vuln/detail/CVE-2021-32834
CVE-2021-38324The SP Rental Manager WordPress plugin is vulnerable to SQL Injection via the orderby parameter found in the ~/user/shortcodes.php file which allows attackers to retrieve information contained in a site's database, in versions up to and including 1.5.3.8.2https://nvd.nist.gov/vuln/detail/CVE-2021-38324
CVE-2016-3675SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases.8.1https://nvd.nist.gov/vuln/detail/CVE-2016-3675
CVE-2017-5035Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.8.1https://nvd.nist.gov/vuln/detail/CVE-2017-5035
CVE-2017-10873OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM (Open Source Edition) implementations configured as SAML 2.0IdP, and switches authentication methods based on AuthnContext requests sent from the service provider.8.1https://nvd.nist.gov/vuln/detail/CVE-2017-10873
CVE-2018-1266Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application blobs and leverage path traversal to create a malicious application that has the ability to overwrite arbitrary files on the Cloud Controller instance.8.1https://nvd.nist.gov/vuln/detail/CVE-2018-1266
CVE-2018-1267Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.8.1https://nvd.nist.gov/vuln/detail/CVE-2018-1267
CVE-2014-8422The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack.8.1https://nvd.nist.gov/vuln/detail/CVE-2014-8422
CVE-2016-9587Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.8.1https://nvd.nist.gov/vuln/detail/CVE-2016-9587
CVE-2018-10897A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.8.1https://nvd.nist.gov/vuln/detail/CVE-2018-10897
CVE-2018-18865The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 (Release Date 2018-09-13) allow Credentials Disclosure.8.1https://nvd.nist.gov/vuln/detail/CVE-2018-18865
CVE-2019-9815If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.8.1https://nvd.nist.gov/vuln/detail/CVE-2019-9815
CVE-2019-15637Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.8.1https://nvd.nist.gov/vuln/detail/CVE-2019-15637
CVE-2019-8162Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a race condition vulnerability. Successful exploitation could lead to arbitrary code execution .8.1https://nvd.nist.gov/vuln/detail/CVE-2019-8162
CVE-2020-11581An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used.8.1https://nvd.nist.gov/vuln/detail/CVE-2020-11581
CVE-2021-28545Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker would have the ability to completely manipulate data in a certified PDF without invalidating the original certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-28545
CVE-2021-38084An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-38084
CVE-2021-30593Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-30593
CVE-2021-29630In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-29630
CVE-2021-35062A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-35062
CVE-2021-34578This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-34578
CVE-2021-35221Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-35221
CVE-2021-40378An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-40378
CVE-2021-26436Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36930.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-26436
CVE-2021-36930Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26436.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-36930
CVE-2021-38615In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration endpoint allows any logged-in user (guest, standard, or admin) to view and modify information.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-38615
CVE-2021-37725A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-37725
CVE-2021-32800Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthN trusted device of a user was sufficient to gain access to an account. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. There are no workaround for this vulnerability.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-32800
CVE-2021-3051An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 1578677; Cortex XSOAR 6.0.2 builds earlier than 1576452; Cortex XSOAR 6.1.0 builds earlier than 1578663; Cortex XSOAR 6.2.0 builds earlier than 1578666. All Cortex XSOAR instances hosted by Palo Alto Networks are protected from this vulnerability; no additional action is required for these instances.8.1https://nvd.nist.gov/vuln/detail/CVE-2021-3051
CVE-2015-8798Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary code via unspecified vectors.8https://nvd.nist.gov/vuln/detail/CVE-2015-8798
CVE-2018-10990On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time (e.g., "at least for a few minutes"). NOTE: there is no documentation stating that the web UI's logout feature was supposed to do anything beyond removing the cookie from one instance of a web browser; a client-side logout action is often not intended to address cases where a person has made a copy of a cookie outside of a browser.8https://nvd.nist.gov/vuln/detail/CVE-2018-10990
CVE-2021-22944A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.8https://nvd.nist.gov/vuln/detail/CVE-2021-22944
CVE-2021-3052A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.20; PAN-OS 9.0 versions earlier than 9.0.14; PAN-OS 9.1 versions earlier than 9.1.10; PAN-OS 10.0 versions earlier than 10.0.2. This issue does not affect Prisma Access.8https://nvd.nist.gov/vuln/detail/CVE-2021-3052
CVE-2016-2556The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors.7.8https://nvd.nist.gov/vuln/detail/CVE-2016-2556
CVE-2015-7378Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.7.8https://nvd.nist.gov/vuln/detail/CVE-2015-7378
CVE-2016-3943Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module.7.8https://nvd.nist.gov/vuln/detail/CVE-2016-3943
CVE-2016-2211The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.7.8https://nvd.nist.gov/vuln/detail/CVE-2016-2211
CVE-2017-5329Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-5329
CVE-2016-6268Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.7.8https://nvd.nist.gov/vuln/detail/CVE-2016-6268
CVE-2017-2130Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer version Ver. 3.7.13 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-2130
CVE-2017-9036Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-9036
CVE-2017-8803Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-8803
CVE-2017-2226Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software (WEB version) (1.17.1) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-2226
CVE-2017-8665The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability."7.8https://nvd.nist.gov/vuln/detail/CVE-2017-8665
CVE-2017-8631A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8744.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-8631
CVE-2016-6914Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.7.8https://nvd.nist.gov/vuln/detail/CVE-2016-6914
CVE-2017-16928The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-16928
CVE-2017-16945The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path.7.8https://nvd.nist.gov/vuln/detail/CVE-2017-16945
CVE-2018-8090Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-8090
CVE-2018-5546The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-5546
CVE-2018-16962Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-16962
CVE-2018-6084Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-6084
CVE-2018-18333A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.7.8https://nvd.nist.gov/vuln/detail/CVE-2018-18333
CVE-2019-5780Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5780
CVE-2019-9135DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed DIB format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-9135
CVE-2019-9136DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed JPEG2000 format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-9136
CVE-2019-9847A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated by the user there was no judgment made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-9847
CVE-2019-8342A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8342
CVE-2019-12576A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid root. This program is called during the connection process and executes several operating system utilities to configure the system. The networksetup utility is called using relative paths. A local unprivileged user can execute arbitrary commands as root by creating a networksetup trojan which will be executed during the connection process. This is possible because the PATH environment variable is not reset prior to executing the OS utility.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12576
CVE-2019-12577A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The macOS binary openvpn_launcher.64 is setuid root. This binary creates /tmp/pia_upscript.sh when executed. Because the file creation mask (umask) is not reset, the umask value is inherited from the calling process. This value can be manipulated to cause the privileged binary to create files with world writable permissions. A local unprivileged user can modify /tmp/pia_upscript.sh during the connect process to execute arbitrary code as the root user.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12577
CVE-2019-12579A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA Linux/macOS binary openvpn_launcher.64 binary is setuid root. This binary accepts several parameters to update the system configuration. These parameters are passed to operating system commands using a "here" document. The parameters are not sanitized, which allow for arbitrary commands to be injected using shell metacharacters. A local unprivileged user can pass special crafted parameters that will be interpolated by the operating system calls.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12579
CVE-2019-10882The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServer" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-10882
CVE-2019-5012An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful exploit.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5012
CVE-2019-5013An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5013
CVE-2019-18631The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.5.0, 3.5.1 (18.8), 3.5.2 (18.11), and 3.6.0 (19.6) does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows attackers to execute arbitrary code inside the Centrify process via (1) a crafted application that makes a pipe connection to the process and sends malicious serialized data or (2) a crafted Microsoft Management Console snap-in control file.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-18631
CVE-2019-7960Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-7960
CVE-2019-7962Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-7962
CVE-2019-17387An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-17387
CVE-2019-8253Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8253
CVE-2019-8254Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8254
CVE-2020-5180Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. (When a VPN connection is initiated using a TLS/SSL client profile, the privileges are dropped, and the library will be loaded, resulting in arbitrary code execution as a user with limited privileges. This greatly reduces the impact of the vulnerability.)7.8https://nvd.nist.gov/vuln/detail/CVE-2020-5180
CVE-2019-3697UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-3697
CVE-2019-3699UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3.0.28-2.1 and prior versions.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-3699
CVE-2020-3748Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3748
CVE-2019-20044In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().7.8https://nvd.nist.gov/vuln/detail/CVE-2019-20044
CVE-2019-4000Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-4000
CVE-2020-0822An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-0822
CVE-2019-20326A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-20326
CVE-2020-3950VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3950
CVE-2020-3803Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3803
CVE-2020-10699A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-10699
CVE-2019-5618A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5618
CVE-2019-5621ABBS Software Audio Media Player version 3.1 suffers from an instance of CWE-121: Stack-based Buffer Overflow.7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5621
CVE-2020-7288Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-7288
CVE-2020-7291Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-7291
CVE-2020-9662Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9662
CVE-2019-8066Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8066
CVE-2019-8249Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8249
CVE-2019-8250Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8250
CVE-2020-3974VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior before 11.2.0 ) and Horizon Client for Mac (5.x and prior before 5.4.3) contain a privilege escalation vulnerability due to improper XPC Client validation. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMware Remote Console for Mac or Horizon Client for Mac is installed.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3974
CVE-2020-9698Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9698
CVE-2020-9699Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9699
CVE-2020-9700Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9700
CVE-2020-9701Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9701
CVE-2020-9693Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9693
CVE-2020-9694Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9694
CVE-2020-9704Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9704
CVE-2020-9714Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9714
CVE-2020-9715Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9715
CVE-2020-9722Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9722
CVE-2020-24559A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24559
CVE-2020-9727A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9727
CVE-2020-9728A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9728
CVE-2020-9729A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9729
CVE-2020-9730A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9730
CVE-2020-9731A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9731
CVE-2020-4607IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-4607
CVE-2020-24412Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24412
CVE-2020-24413Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24413
CVE-2020-24414Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24414
CVE-2020-24415Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24415
CVE-2020-9748Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9748
CVE-2020-24424Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24424
CVE-2020-24425Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24425
CVE-2020-24429Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24429
CVE-2020-24430Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. This vulnerability could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24430
CVE-2020-24432Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24432
CVE-2020-24433Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM. Exploitation of this issue requires an attacker to socially engineer a victim, or the attacker must already have some access to the environment.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24433
CVE-2020-24435Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file in Acrobat Reader.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24435
CVE-2020-24436Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit in that the victim must open a malicious document.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24436
CVE-2020-24437Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24437
CVE-2020-5794A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory. The attacker needs valid credentials on the Windows system to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-5794
CVE-2020-13493A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-13493
CVE-2020-24676In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-24676
CVE-2020-35931An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subtype entry of the Annotation dictionary, in an incremental update.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-35931
CVE-2021-23240selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-23240
CVE-2020-25238A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-25238
CVE-2020-26191Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-26191
CVE-2021-21036Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21036
CVE-2021-21037Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21037
CVE-2021-21038Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21038
CVE-2021-21039Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21039
CVE-2021-21040Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21040
CVE-2021-21041Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21041
CVE-2021-21044Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21044
CVE-2021-21047Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21047
CVE-2021-21048Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21048
CVE-2021-21049Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21049
CVE-2021-21050Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21050
CVE-2021-21051Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted javascript file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21051
CVE-2021-21054Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21054
CVE-2021-21058Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21058
CVE-2021-21059Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21059
CVE-2021-21062Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21062
CVE-2021-21063Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21063
CVE-2021-26898Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26901.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-26898
CVE-2021-26899Windows UPnP Device Host Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2021-26899
CVE-2021-26901Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26898.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-26901
CVE-2021-21067Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21067
CVE-2021-21069Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21069
CVE-2021-21100Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21100
CVE-2021-28548Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28548
CVE-2021-28549Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28549
CVE-2020-9668Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.7.8https://nvd.nist.gov/vuln/detail/CVE-2020-9668
CVE-2021-31607In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).7.8https://nvd.nist.gov/vuln/detail/CVE-2021-31607
CVE-2021-20294A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-20294
CVE-2021-3516There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-3516
CVE-2021-3489The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1).7.8https://nvd.nist.gov/vuln/detail/CVE-2021-3489
CVE-2021-3490The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1).7.8https://nvd.nist.gov/vuln/detail/CVE-2021-3490
CVE-2021-31969Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability7.8https://nvd.nist.gov/vuln/detail/CVE-2021-31969
CVE-2021-22555A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space7.8https://nvd.nist.gov/vuln/detail/CVE-2021-22555
CVE-2021-0586In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-1825849407.8https://nvd.nist.gov/vuln/detail/CVE-2021-0586
CVE-2021-33909fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-33909
CVE-2021-30577Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30577
CVE-2021-38166In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-38166
CVE-2021-0084Improper input validation in the Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-0084
CVE-2021-37694@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigations available and all users are advised to update.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-37694
CVE-2021-36770Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36770
CVE-2021-28551Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28551
CVE-2021-28552Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28552
CVE-2021-28554Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28554
CVE-2021-28631Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28631
CVE-2021-28632Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28632
CVE-2021-30860An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30860
CVE-2021-28697grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched (back) from v2 to v1. The freeing of such pages requires that the hypervisor know where in the guest these pages were mapped. The hypervisor tracks only one use within guest space, but racing requests from the guest to insert mappings of these pages may result in any of them to become mapped in multiple locations. Upon switching back from v2 to v1, the guest would then retain access to a page that was freed and perhaps re-used for other purposes.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28697
CVE-2021-29631In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-29631
CVE-2021-33019A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-33019
CVE-2021-39134`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. This is, in part, accomplished by resolving dependency specifiers defined in `package.json` manifests for dependencies with a specific name, and nesting folders to resolve conflicting dependencies. When multiple dependencies differ only in the case of their name, Arborist's internal data structure saw them as separate items that could coexist within the same level in the `node_modules` hierarchy. However, on case-insensitive file systems (such as macOS and Windows), this is not the case. Combined with a symlink dependency such as `file:/some/path`, this allowed an attacker to create a situation in which arbitrary contents could be written to any location on the filesystem. For example, a package `pwn-a` could define a dependency in their `package.json` file such as `"foo": "file:/some/path"`. Another package, `pwn-b` could define a dependency such as `FOO: "file:foo.tgz"`. On case-insensitive file systems, if `pwn-a` was installed, and then `pwn-b` was installed afterwards, the contents of `foo.tgz` would be written to `/some/path`, and any existing contents of `/some/path` would be removed. Anyone using npm v7.20.6 or earlier on a case-insensitive filesystem is potentially affected. This is patched in @npmcli/arborist 2.8.2 which is included in npm v7.20.7 and above.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-39134
CVE-2021-39135`@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. This is accomplished by extracting package contents into a project's `node_modules` folder. If the `node_modules` folder of the root project or any of its dependencies is somehow replaced with a symbolic link, it could allow Arborist to write package dependencies to any arbitrary location on the file system. Note that symbolic links contained within package artifact contents are filtered out, so another means of creating a `node_modules` symbolic link would have to be employed. 1. A `preinstall` script could replace `node_modules` with a symlink. (This is prevented by using `--ignore-scripts`.) 2. An attacker could supply the target with a git repository, instructing them to run `npm install --ignore-scripts` in the root. This may be successful, because `npm install --ignore-scripts` is typically not capable of making changes outside of the project directory, so it may be deemed safe. This is patched in @npmcli/arborist 2.8.2 which is included in npm v7.20.7 and above. For more information including workarounds please see the referenced GHSA-gmw6-94gg-2rc2.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-39135
CVE-2021-36235An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36235
CVE-2021-39373Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte, WideCharStr, and MultiByteStr can contribute to password exposure.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-39373
CVE-2021-36046XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36046
CVE-2021-36047XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36047
CVE-2021-36048XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36048
CVE-2021-36049Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36049
CVE-2021-36050XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36050
CVE-2021-36052XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36052
CVE-2021-36055XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36055
CVE-2021-36056XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36056
CVE-2021-36059Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36059
CVE-2021-36064XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36064
CVE-2021-36065Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by a heap-based buffer overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36065
CVE-2021-36066Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36066
CVE-2021-36067Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36067
CVE-2021-36068Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36068
CVE-2021-36069Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36069
CVE-2021-36070Adobe Media Encoder version 15.1 (and earlier) is affected by an improper memory access vulnerability when parsing a crafted .SVG file. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36070
CVE-2021-36072Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36072
CVE-2021-36073Adobe Bridge version 11.1 (and earlier) is affected by a heap-based buffer overflow vulnerability when parsing a crafted .SGI file. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36073
CVE-2021-36075Adobe Bridge version 11.1 (and earlier) is affected by a Buffer Overflow vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36075
CVE-2021-36076Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36076
CVE-2021-36078Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36078
CVE-2021-36079Adobe Bridge version 11.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .SGI file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36079
CVE-2021-39816Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-39816
CVE-2021-39817Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-39817
CVE-2021-39847XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-39847
CVE-2021-21086Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-21086
CVE-2021-22775A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-22775
CVE-2021-35993Adobe After Effects version 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-35993
CVE-2021-35994Adobe After Effects version 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-35994
CVE-2021-35996Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-35996
CVE-2021-36017Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36017
CVE-2021-32568mrdoc is vulnerable to Deserialization of Untrusted Data7.8https://nvd.nist.gov/vuln/detail/CVE-2021-32568
CVE-2021-36744Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-36744
CVE-2021-3770vim is vulnerable to Heap-based Buffer Overflow7.8https://nvd.nist.gov/vuln/detail/CVE-2021-3770
CVE-2021-1923Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT7.8https://nvd.nist.gov/vuln/detail/CVE-2021-1923
CVE-2021-28580Medium by Adobe version 2.4.5.331 (and earlier) is affected by a buffer overflow vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-28580
CVE-2021-30724This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local attacker may be able to elevate their privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30724
CVE-2021-30735A malicious application may be able to execute arbitrary code with kernel privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An out-of-bounds write issue was addressed with improved bounds checking.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30735
CVE-2021-30736A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An application may be able to execute arbitrary code with kernel privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30736
CVE-2021-30739A local attacker may be able to elevate their privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A memory corruption issue was addressed with improved validation.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30739
CVE-2021-30740A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to execute arbitrary code with kernel privileges.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30740
CVE-2021-30742A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30742
CVE-2021-30743An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30743
CVE-2021-30759A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30759
CVE-2021-30764Processing a maliciously crafted file may lead to arbitrary code execution. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. This issue was addressed with improved checks.7.8https://nvd.nist.gov/vuln/detail/CVE-2021-30764
CVE-2016-4514Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.7.7https://nvd.nist.gov/vuln/detail/CVE-2016-4514
CVE-2019-6257A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php.7.7https://nvd.nist.gov/vuln/detail/CVE-2019-6257
CVE-2020-24428Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.7.7https://nvd.nist.gov/vuln/detail/CVE-2020-24428
CVE-2015-8799Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors.7.6https://nvd.nist.gov/vuln/detail/CVE-2015-8799
CVE-2021-39201WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post `unfiltered_html`. ### Patches This has been patched in WordPress 5.8, and will be pushed to older versions via minor releases (automatic updates). It's strongly recommended that you keep auto-updates enabled to receive the fix. ### References https://wordpress.org/news/category/releases/ https://hackerone.com/reports/1142140 ### For more information If you have any questions or comments about this advisory: * Open an issue in [HackerOne](https://hackerone.com/wordpress)7.6https://nvd.nist.gov/vuln/detail/CVE-2021-39201
CVE-2021-39202WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8.7.6https://nvd.nist.gov/vuln/detail/CVE-2021-39202
CVE-2016-4074The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jg 1.6_rc1-r0.7.5https://nvd.nist.gov/vuln/detail/CVE-2016-4074
CVE-2016-6515The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.7.5https://nvd.nist.gov/vuln/detail/CVE-2016-6515
CVE-2016-6639Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.7.5https://nvd.nist.gov/vuln/detail/CVE-2016-6639
CVE-2016-7887Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2016-7887
CVE-2017-5328Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users via unspecified vectors.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-5328
CVE-2016-8370An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC.7.5https://nvd.nist.gov/vuln/detail/CVE-2016-8370
CVE-2017-5168An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-5168
CVE-2017-5169An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-5169
CVE-2015-4057The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network.7.5https://nvd.nist.gov/vuln/detail/CVE-2015-4057
CVE-2017-5995The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-5995
CVE-2017-3009Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-3009
CVE-2017-7408Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-7408
CVE-2017-8776Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-8776
CVE-2017-9024Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing attackers to read arbitrary files via ../ sequences in a pathname.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-9024
CVE-2017-9977AVG AntiVirus for MacOS with scan engine before 4668 might allow remote attackers to bypass malware detection by leveraging failure to scan inside disk image (aka DMG) files.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-9977
CVE-2017-9492The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices does not include the HTTPOnly flag in a Set-Cookie header for administration applications, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-9492
CVE-2015-7944The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service (resource consumption) via SSL parameter renegotiation.7.5https://nvd.nist.gov/vuln/detail/CVE-2015-7944
CVE-2015-7945The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.7.5https://nvd.nist.gov/vuln/detail/CVE-2015-7945
CVE-2017-5068Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.7.5https://nvd.nist.gov/vuln/detail/CVE-2017-5068
CVE-2018-4871An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-4871
CVE-2014-5068Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\\ (dot dot forward slash) before a file name.7.5https://nvd.nist.gov/vuln/detail/CVE-2014-5068
CVE-2016-10708sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.7.5https://nvd.nist.gov/vuln/detail/CVE-2016-10708
CVE-2018-6479An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-6479
CVE-2018-7745An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-7745
CVE-2014-8421Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.7.5https://nvd.nist.gov/vuln/detail/CVE-2014-8421
CVE-2018-8012No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-8012
CVE-2018-12922Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-12922
CVE-2018-11654Information disclosure in Netwave IP camera at get_status.cgi (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information from the device.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-11654
CVE-2018-1545IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-1545
CVE-2018-1785IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-1785
CVE-2018-17555The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive information via the /snmpGet oids parameter.7.5https://nvd.nist.gov/vuln/detail/CVE-2018-17555
CVE-2019-3399The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-3399
CVE-2019-7097Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7097
CVE-2019-7028Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7028
CVE-2019-7030Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7030
CVE-2019-7032Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7032
CVE-2019-7033Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7033
CVE-2019-7034Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7034
CVE-2019-7035Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7035
CVE-2019-7036Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7036
CVE-2019-7038Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7038
CVE-2019-7047Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7047
CVE-2019-7053Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7053
CVE-2019-7055Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7055
CVE-2019-7056Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7056
CVE-2019-7057Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7057
CVE-2019-7058Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7058
CVE-2019-7059Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7059
CVE-2019-7063Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7063
CVE-2019-7064Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7064
CVE-2019-7065Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7065
CVE-2019-7067Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7067
CVE-2019-3569HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-3569
CVE-2019-11019Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08 allows anyone to remotely access all claim details by visiting easily guessable exportpdf/all_claim_detail.php?claim_id= URLs.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-11019
CVE-2019-11020Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone to remotely access all claim details by visiting easily guessable dashboard/uploads/claim_files/claim_id_ URLs.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-11020
CVE-2019-8002Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8002
CVE-2019-8004Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8004
CVE-2019-8005Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8005
CVE-2019-8007Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8007
CVE-2019-8010Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8010
CVE-2019-8011Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8011
CVE-2019-8012Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8012
CVE-2019-8018Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8018
CVE-2019-8020Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8020
CVE-2019-8021Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8021
CVE-2019-8032Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8032
CVE-2019-8043Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8043
CVE-2019-8077Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8077
CVE-2019-8094Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8094
CVE-2019-8095Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8095
CVE-2019-8096Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8096
CVE-2019-8099Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8099
CVE-2019-8101Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8101
CVE-2019-8102Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8102
CVE-2019-8103Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8103
CVE-2019-8104Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8104
CVE-2019-8105Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8105
CVE-2019-8106Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8106
CVE-2019-15544An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-15544
CVE-2019-5054An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-5054
CVE-2019-5055An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-5055
CVE-2019-1255A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-1255
CVE-2019-8075Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8075
CVE-2019-0059A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific commands from a peered BGP host and having those BGP states delivered to the vulnerable device. This issue affects: Juniper Networks Junos OS: 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.1X75 all versions. Versions before 18.1R1 are not affected.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-0059
CVE-2019-13410TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-13410
CVE-2019-8164Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8164
CVE-2019-8168Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8168
CVE-2019-8182Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8182
CVE-2019-8184Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8184
CVE-2019-8185Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8185
CVE-2019-8193Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8193
CVE-2019-8194Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8194
CVE-2019-8198Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8198
CVE-2019-8201Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8201
CVE-2019-8202Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8202
CVE-2019-8207Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8207
CVE-2019-8216Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8216
CVE-2019-8218Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8218
CVE-2019-8222Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8222
CVE-2019-8226Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an incomplete implementation of security mechanism vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8226
CVE-2011-1298An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.7.5https://nvd.nist.gov/vuln/detail/CVE-2011-1298
CVE-2019-8239Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8239
CVE-2019-8240Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-8240
CVE-2019-7481Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7481
CVE-2019-16449Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-16449
CVE-2019-16456Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-16456
CVE-2019-16457Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-16457
CVE-2019-16458Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-16458
CVE-2019-16461Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-16461
CVE-2019-16465Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2019-16465
CVE-2019-20421In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-20421
CVE-2015-2802An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2015-2802
CVE-2019-13946A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All Versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All Versions < V4.6), PROFINET Driver for Controller (All Versions < V2.1), RUGGEDCOM RM1224 (All versions < V4.3), SCALANCE M-800 (All versions < V4.3), SCALANCE S615 (All versions < V4.3), SCALANCE W700 IEEE 802.11n (All versions <= V6.0.1), SCALANCE X-200 (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT (incl. SIPLUS NET variants) (All Versions < V5.3), SCALANCE X-300 (incl. X408 and SIPLUS NET variants) (All versions), SCALANCE XB-200 (All Versions < V3.0), SCALANCE XC-200 (All Versions < V3.0), SCALANCE XF-200BA (All Versions < V3.0), SCALANCE XM-400 (All Versions < V6.0), SCALANCE XP-200 (All Versions < V3.0), SCALANCE XR-300WG (All Versions < V3.0), SCALANCE XR-500 (All Versions < V6.0), SIMATIC CP 1616 and CP 1604 (All Versions < V2.8), SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET200AL IM 157-1 PN (All versions), SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) (All versions), SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All Versions < V4.2.0), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200S (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All Versions < V3.3.1), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200ecoPN (except 6ES7141-6BG00-0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00-0BB0, 6ES7142-6BR00-0BB0, 6S7143-6BH00-0BB0, 6ES7146-6FF00-0AB0, 6ES7148-6JD00-0AB0 and 6ES7148-6JG00-0BB0) (All versions), SIMATIC ET200pro, IM 154-3 PN HF (All versions), SIMATIC ET200pro, IM 154-4 PN HF (All versions), SIMATIC IPC Support, Package for VxWorks (All versions), SIMATIC MV400 (All Versions < V7.0.6), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All Versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions), SIMATIC RF600 (All versions < V3), SIMOTION C (All versions < V4.5), SIMOTION D (incl. SIPLUS variants) (All versions < V4.5), SIMOTION P (All versions < V4.5), SINAMICS DCP (All Versions < V1.3), SOFTNET-IE PNIO (All versions). Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-13946
CVE-2020-3744Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3744
CVE-2020-3747Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3747
CVE-2020-3753Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3753
CVE-2020-3755Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3755
CVE-2020-3756Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3756
CVE-2020-7943Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as well as function names and class names. Previously, these endpoints were open to the local network. PE 2018.1.13 & 2019.5.0, Puppet Server 6.9.2 & 5.3.12, and PuppetDB 6.9.1 & 5.2.13 disable trapperkeeper-metrics /v1 metrics API and only allows /v2 access on localhost by default. This affects software versions: Puppet Enterprise 2018.1.x stream prior to 2018.1.13 Puppet Enterprise prior to 2019.5.0 Puppet Server prior to 6.9.2 Puppet Server prior to 5.3.12 PuppetDB prior to 6.9.1 PuppetDB prior to 5.2.13 Resolved in: Puppet Enterprise 2018.1.13 Puppet Enterprise 2019.5.0 Puppet Server 6.9.2 Puppet Server 5.3.12 PuppetDB 6.9.1 PuppetDB 5.2.137.5https://nvd.nist.gov/vuln/detail/CVE-2020-7943
CVE-2020-3800Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory address leak vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3800
CVE-2020-3804Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3804
CVE-2020-3806Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3806
CVE-2020-3777Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3777
CVE-2020-1772It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-1772
CVE-2019-19301A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions). The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-19301
CVE-2020-3262A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-3262
CVE-2020-11021Actions Http-Client (NPM @actions/http-client) before version 1.0.8 can disclose Authorization headers to incorrect domain in certain redirect scenarios. The conditions in which this happens are if consumers of the http-client: 1. make an http request with an authorization header 2. that request leads to a redirect (302) and 3. the redirect url redirects to another domain or hostname Then the authorization header will get passed to the other domain. The problem is fixed in version 1.0.8.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-11021
CVE-2020-11028In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).7.5https://nvd.nist.gov/vuln/detail/CVE-2020-11028
CVE-2020-9599Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9599
CVE-2020-9600Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9600
CVE-2020-9601Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9601
CVE-2020-9625Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9625
CVE-2020-9627Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9627
CVE-2020-9628Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9628
CVE-2019-7005A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.7.5https://nvd.nist.gov/vuln/detail/CVE-2019-7005
CVE-2020-9705Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9705
CVE-2020-9716Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9716
CVE-2020-9717Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9717
CVE-2020-9718Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9718
CVE-2020-9719Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9719
CVE-2020-9720Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9720
CVE-2020-9721Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9721
CVE-2020-9723Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9723
CVE-2020-9733An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9733
CVE-2020-5975NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-5975
CVE-2020-5976NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-5976
CVE-2020-26540An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-26540
CVE-2020-1902A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-1902
CVE-2020-11637A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-11637
CVE-2020-17527While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-17527
CVE-2021-27212In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27212
CVE-2021-21702In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-21702
CVE-2021-27218An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27218
CVE-2021-23840Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).7.5https://nvd.nist.gov/vuln/detail/CVE-2021-23840
CVE-2021-27063Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-26896.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27063
CVE-2020-6590Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-6590
CVE-2020-24285INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-24285
CVE-2021-25660A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-25660
CVE-2021-25661A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-25661
CVE-2021-25662A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-25662
CVE-2021-27383A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27383
CVE-2021-27385A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27385
CVE-2021-27386A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\" & 15\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\\" - 22\\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27386
CVE-2021-20988In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-20988
CVE-2020-25709A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-25709
CVE-2021-28651An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-28651
CVE-2020-25710A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-25710
CVE-2021-3530A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-3530
CVE-2021-28676An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-28676
CVE-2021-28677An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \\r and \\n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-28677
CVE-2021-33560Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-33560
CVE-2020-15383Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-15383
CVE-2021-20027A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-20027
CVE-2021-30468A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-30468
CVE-2021-35050User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. In the event that an attacker gains access to the CommandPost, these values could be decoded and used to login to the application. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.3. This vulnerability has been addressed in version 9.3.3 and subsequent versions.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-35050
CVE-2021-33503An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-33503
CVE-2021-34548An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-34548
CVE-2020-27361An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-27361
CVE-2020-24143Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-24143
CVE-2021-27293RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-27293
CVE-2021-35517When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-35517
CVE-2020-28400A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.7), RUGGEDCOM RM1224 (All Versions < V6.4), SCALANCE M-800 (All Versions < V6.4), SCALANCE S615 (All Versions < V6.4), SCALANCE W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 802.11n (All versions), SCALANCE X200-4 P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All Versions < V5.5.0), SCALANCE X202-2P IRT PRO (All Versions < V5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), SCALANCE X204 IRT PRO (All Versions < V5.5.0), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE X302-7EEC (All versions), SCALANCE X304-2FE (All versions), SCALANCE X306-1LDFE (All versions), SCALANCE X307-2EEC (All versions), SCALANCE X307-3 (All versions), SCALANCE X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS NET variant) (All versions), SCALANCE X308-2LD (All versions), SCALANCE X308-2LH (All versions), SCALANCE X308-2LH+ (All versions), SCALANCE X308-2M (All versions), SCALANCE X308-2M POE (All versions), SCALANCE X308-2M TS (All versions), SCALANCE X310 (All versions), SCALANCE X310FE (All versions), SCALANCE X320-1FE (All versions), SCALANCE X320-3LDFE (All versions), SCALANCE XB-200 (All versions < V4.3), SCALANCE XC-200 (All versions < V4.3), SCALANCE XF-200BA (All versions < V4.3), SCALANCE XF201-3P IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All Versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SCALANCE XM400 (All versions < V6.3.1), SCALANCE XP-200 (All versions < V4.3), SCALANCE XR-300WG (All versions < V4.3), SCALANCE XR324-12M (All versions), SCALANCE XR324-12M TS (All versions), SCALANCE XR324-4M EEC (All versions), SCALANCE XR324-4M POE (All versions), SCALANCE XR324-4M POE TS (All versions), SCALANCE XR500 (All versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC CM 1542-1 (All versions < V3.0), SIMATIC CP1616/CP1604 (All Versions >= V2.7), SIMATIC CP1626 (All versions), SIMATIC IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All versions < V3.0), SIMATIC NET DK-16xx PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All versions), SIMATIC Power Line Booster PLB, Base Module (MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), SIMOCODE proV Ethernet/IP (All versions < V1.1.3), SIMOCODE proV PROFINET (All versions < V2.1.3), SOFTNET-IE PNIO (All versions). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-28400
CVE-2021-35527Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-35527
CVE-2021-37172A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-37172
CVE-2021-28845Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi via the lang action without a language key.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-28845
CVE-2021-38604In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-38604
CVE-2021-39240An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39240
CVE-2021-39242An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39242
CVE-2021-25218In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-25218
CVE-2021-39371An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39371
CVE-2020-36475An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-36475
CVE-2020-36478An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-36478
CVE-2020-18730A segmentation violation in the Iec104_Deal_I function of IEC104 v1.0 allows attackers to cause a denial of service (DOS).7.5https://nvd.nist.gov/vuln/detail/CVE-2020-18730
CVE-2020-18731A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service (DOS).7.5https://nvd.nist.gov/vuln/detail/CVE-2020-18731
CVE-2021-30603Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-30603
CVE-2021-38154Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For example, an incoming FAX may be sent through e-mail to the attacker. This occurs when a PIN is not required for General User Mode, as exploited in the wild in August 2021.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-38154
CVE-2021-36370An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-36370
CVE-2021-36691libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-36691
CVE-2021-40330git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40330
CVE-2021-33555In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-33555
CVE-2021-34581Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-34581
CVE-2021-3749axios is vulnerable to Inefficient Regular Expression Complexity7.5https://nvd.nist.gov/vuln/detail/CVE-2021-3749
CVE-2021-39316The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39316
CVE-2021-22684Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash7.5https://nvd.nist.gov/vuln/detail/CVE-2021-22684
CVE-2021-39176detect-character-encoding is a package for detecting character encoding using ICU. In detect-character-encoding v0.3.0 and earlier, allocated memory is not released. The problem has been patched in detect-character-encoding v0.3.1.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39176
CVE-2021-22029VMware Workspace ONE UEM REST API contains a denial of service vulnerability. A malicious actor with access to /API/system/admins/session could cause an API denial of service due to improper rate limiting.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-22029
CVE-2021-22003VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-22003
CVE-2020-20486IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-20486
CVE-2020-20490A heap buffer-overflow in the client_example1.c component of libiec_iccp_mod v1.5 leads to a denial of service (DOS).7.5https://nvd.nist.gov/vuln/detail/CVE-2020-20490
CVE-2021-33582Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-33582
CVE-2021-39109The renderWidgetResource resource in Atlasian Atlasboard before version 1.1.9 allows remote attackers to read arbitrary files via a path traversal vulnerability.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39109
CVE-2020-9000An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources (triggering a denial of service condition).7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9000
CVE-2020-9002An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to UserRoleKey=DOMAIN_ADMIN (to achieve Domain Administrator access).7.5https://nvd.nist.gov/vuln/detail/CVE-2020-9002
CVE-2021-37151CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid. In certain authentication policy configurations with MFA, the API response length can be used to differentiate between a valid user and an invalid one (aka Username Enumeration). Response differentiation enables attackers to enumerate usernames of valid application users. Attackers can use this information to leverage brute-force and dictionary attacks in order to discover valid account information such as passwords.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-37151
CVE-2021-23426This affects all versions of package Proto. It is possible to inject pollute the object property of an application using Proto by leveraging the merge function.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-23426
CVE-2021-36030Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter the price of items.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-36030
CVE-2021-36044Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-36044
CVE-2021-40379An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. rstp://.../medias2 does not require authorization.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40379
CVE-2021-40380An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. cameralist.cgi and setcamera.cgi disclose credentials.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40380
CVE-2021-40381An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. index_MJpeg.cgi allows video access.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40381
CVE-2021-40382An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. mjpegStreamer.cgi allows video screenshot access.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40382
CVE-2020-20340A SQL injection vulnerability in the 4.edu.php\\conn\\function.php component of S-CMS v1.0 allows attackers to access sensitive database information.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-20340
CVE-2020-20341YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-20341
CVE-2021-31796An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-31796
CVE-2021-39187Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.3, Parse Server crashes when if a query request contains an invalid value for the `explain` option. This is due to a bug in the MongoDB Node.js driver which throws an exception that Parse Server cannot catch. There is a patch for this issue in version 4.10.3. No workarounds aside from upgrading are known to exist.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39187
CVE-2020-13929Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-13929
CVE-2021-22792A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).7.5https://nvd.nist.gov/vuln/detail/CVE-2021-22792
CVE-2021-23437The package pillow from 0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-23437
CVE-2021-40516WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40516
CVE-2021-40523In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violations and denial of service. Specifically, a server sometimes sends no response, because a fixed buffer space is available for all responses and that space may have been exhausted.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40523
CVE-2021-40524In Pure-FTPd 1.0.49, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-40524
CVE-2021-33484An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can download a copy of the installer, decompile it, and discover a hardcoded IV used to encrypt the username and userid in the comment POST request. Additionally, the attacker can decrypt the encrypted encryption key (sent as a parameter in the comment form request) by setting this encrypted value as the username, which will appear on the comment page in its decrypted form. Using these two values (combined with the encryption functionality discovered in the decompiled installer), the attacker can encrypt another user's ID and username. These values can be used as part of the comment posting request in order to spoof the user.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-33484
CVE-2020-19131Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".7.5https://nvd.nist.gov/vuln/detail/CVE-2020-19131
CVE-2020-7819A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-7819
CVE-2020-19750An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-19750
CVE-2020-19752The find_color_or_error function in gifsicle 1.92 contains a NULL pointer dereference.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-19752
CVE-2021-37628Nextcloud Richdocuments is an open source collaborative office suite. In affected versions the File Drop features ("Upload Only" public link shares in Nextcloud) can be bypassed using the Nextcloud Richdocuments app. An attacker was able to read arbitrary files in such a share. It is recommended that the Nextcloud Richdocuments is upgraded to 3.8.4 or 4.2.1. If upgrading is not possible then it is recommended to disable the Richdocuments application.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-37628
CVE-2020-19767A lack of target address verification in the destroycontract() function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-19767
CVE-2020-19768A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-19768
CVE-2020-19769A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script.7.5https://nvd.nist.gov/vuln/detail/CVE-2020-19769
CVE-2020-11301Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking7.5https://nvd.nist.gov/vuln/detail/CVE-2020-11301
CVE-2021-1914Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables7.5https://nvd.nist.gov/vuln/detail/CVE-2021-1914
CVE-2021-30729A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.6 and iPadOS 14.6. A device may accept invalid activation results.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-30729
CVE-2021-30798A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-30798
CVE-2021-3053An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. This issue does not affect Prisma Access.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-3053
CVE-2021-32836ZStack is open source IaaS(infrastructure as a service) software. In ZStack before versions 3.10.12 and 4.1.6 there is a pre-auth unsafe deserialization vulnerability in the REST API. An attacker in control of the request body will be able to provide both the class name and the data to be deserialized and therefore will be able to instantiate an arbitrary type and assign arbitrary values to its fields. This issue may lead to a Denial Of Service. If a suitable gadget is available, then an attacker may also be able to exploit this vulnerability to gain pre-auth remote code execution. For additional details see the referenced GHSL-2021-087.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-32836
CVE-2021-39204Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versions 0.14.8 and 0.15.1 contain an upgraded envoy binary with this vulnerability patched.7.5https://nvd.nist.gov/vuln/detail/CVE-2021-39204
CVE-2017-9035Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with update servers.7.4https://nvd.nist.gov/vuln/detail/CVE-2017-9035
CVE-2017-8012In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities.7.4https://nvd.nist.gov/vuln/detail/CVE-2017-8012
CVE-2018-2503By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).7.4https://nvd.nist.gov/vuln/detail/CVE-2018-2503
CVE-2015-8800Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allow remote authenticated users to conduct argument-injection attacks by leveraging certain named-pipe access.7.3https://nvd.nist.gov/vuln/detail/CVE-2015-8800
CVE-2016-2209Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.7.3https://nvd.nist.gov/vuln/detail/CVE-2016-2209
CVE-2016-2210Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.7.3https://nvd.nist.gov/vuln/detail/CVE-2016-2210
CVE-2017-5151An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Injection vulnerability has been identified, which may allow remote code execution.7.3https://nvd.nist.gov/vuln/detail/CVE-2017-5151
CVE-2019-5819Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.7.3https://nvd.nist.gov/vuln/detail/CVE-2019-5819
CVE-2019-10086In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.7.3https://nvd.nist.gov/vuln/detail/CVE-2019-10086
CVE-2020-7461In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. The heap overflow could in principle be exploited to achieve remote code execution. The affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit.7.3https://nvd.nist.gov/vuln/detail/CVE-2020-7461
CVE-2021-29242CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.7.3https://nvd.nist.gov/vuln/detail/CVE-2021-29242
CVE-2021-36002Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. The attacker must plant a malicious file in a particular location of the victim's machine. Exploitation of this issue requires user interaction in that a victim must launch the Captivate Installer.7.3https://nvd.nist.gov/vuln/detail/CVE-2021-36002
CVE-2021-28581Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine.7.3https://nvd.nist.gov/vuln/detail/CVE-2021-28581
CVE-2018-6312A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.7.2https://nvd.nist.gov/vuln/detail/CVE-2018-6312
CVE-2018-9010Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password.7.2https://nvd.nist.gov/vuln/detail/CVE-2018-9010
CVE-2019-19609The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.7.2https://nvd.nist.gov/vuln/detail/CVE-2019-19609
CVE-2020-11033In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All api_tokens which can be used to do privileges escalations or read/update/delete data normally non accessible to the current user. - All personal_tokens can display another users planning. Exploiting this vulnerability requires the api to be enabled, a technician account. It can be mitigated by adding an application token. This is fixed in version 9.4.6.7.2https://nvd.nist.gov/vuln/detail/CVE-2020-11033
CVE-2019-15992A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.7.2https://nvd.nist.gov/vuln/detail/CVE-2019-15992
CVE-2021-20206An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-20206
CVE-2021-39608Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-39608
CVE-2021-32758OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The latest OpenMage Versions up from v19.4.15 and v20.0.11 have this Issue patched.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-32758
CVE-2021-35220Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-35220
CVE-2021-36022Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36022
CVE-2021-36024Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upload a specially crafted file to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36024
CVE-2021-36025Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability while saving a customer's details with a specially crafted file. An authenticated attacker with admin privileges can leverage this vulnerability to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36025
CVE-2021-36028Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a configurable product. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36028
CVE-2021-36029Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper improper authorization vulnerability. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36029
CVE-2021-36031Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a Path Traversal vulnerability via the `theme[preview_image]` parameter. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36031
CVE-2021-36033Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36033
CVE-2021-36034Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36034
CVE-2021-36035Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could make a crafted request to the Adobe Stock API to achieve remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36035
CVE-2021-36040Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36040
CVE-2021-36041Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36041
CVE-2021-36042Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-36042
CVE-2021-39115Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Template feature. The affected versions are before version 4.13.9, and from version 4.14.0 before 4.18.0.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-39115
CVE-2021-22793A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-22793
CVE-2021-39192Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability. This issue is patched in Ghost version 4.10.0. As a workaround, disable all non-Administrator accounts to prevent API access. It is highly recommended to regenerate all API keys after patching or applying the workaround.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-39192
CVE-2021-24390A proid GET parameter of the WordPress支付�Alipay|财付通Tenpay|��PayPal集��件 WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-24390
CVE-2021-24392An id GET parameter of the WordPress Membership SwiftCloud.io WordPress plugin through 1.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-24392
CVE-2021-24393A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-24393
CVE-2021-24394An id GET parameter of the Easy Testimonial Manager WordPress plugin through 1.2.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection7.2https://nvd.nist.gov/vuln/detail/CVE-2021-24394
CVE-2021-24395The editid GET parameter of the Embed Youtube Video WordPress plugin through 1.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-24395
CVE-2021-37717A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37717
CVE-2021-37718A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37718
CVE-2021-37719A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37719
CVE-2021-37720A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37720
CVE-2021-37721A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37721
CVE-2021-37722A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37722
CVE-2021-37723A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. Aruba has released patches for ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37723
CVE-2021-37724A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. Aruba has released patches for ArubaOS that address this security vulnerability.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-37724
CVE-2021-39503PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without "<, >, ?, =, `,...." In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-39503
CVE-2021-3054A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7; PAN-OS 10.1 versions earlier than PAN-OS 10.1.2. This issue does not affect Prisma Access.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-3054
CVE-2021-32805Flask-AppBuilder is an application development framework, built on top of Flask. In affected versions if using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, this URL can redirect a user to a malicious site. This is an open redirect vulnerability. To resolve this issue upgrade to Flask-AppBuilder 3.2.2 or above. If upgrading is infeasible users may filter HTTP traffic containing `?next={next-site}` where the `next-site` domain is different from the application you are protecting as a workaround.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-32805
CVE-2019-12571A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.7.1https://nvd.nist.gov/vuln/detail/CVE-2019-12571
CVE-2019-12573A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid root. This binary supports the --log option, which accepts a path as an argument. This parameter is not sanitized, which allows a local unprivileged user to overwrite arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.7.1https://nvd.nist.gov/vuln/detail/CVE-2019-12573
CVE-2019-1161An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.7.1https://nvd.nist.gov/vuln/detail/CVE-2019-1161
CVE-2020-10597Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information and/or crash the application.7.1https://nvd.nist.gov/vuln/detail/CVE-2020-10597
CVE-2020-1002An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.7.1https://nvd.nist.gov/vuln/detail/CVE-2020-1002
CVE-2019-19100A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface.7.1https://nvd.nist.gov/vuln/detail/CVE-2019-19100
CVE-2020-10274The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot's database.7.1https://nvd.nist.gov/vuln/detail/CVE-2020-10274
CVE-2020-24558A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the product. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2020-24558
CVE-2020-29075Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability.7.1https://nvd.nist.gov/vuln/detail/CVE-2020-29075
CVE-2021-3571A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.7.1https://nvd.nist.gov/vuln/detail/CVE-2021-3571
CVE-2021-32610In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.7.1https://nvd.nist.gov/vuln/detail/CVE-2021-32610
CVE-2021-1930Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile7.1https://nvd.nist.gov/vuln/detail/CVE-2021-1930
CVE-2021-30741A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.7.1https://nvd.nist.gov/vuln/detail/CVE-2021-30741
CVE-2018-6218A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.7https://nvd.nist.gov/vuln/detail/CVE-2018-6218
CVE-2018-15332The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.7https://nvd.nist.gov/vuln/detail/CVE-2018-15332
CVE-2019-3698UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions.7https://nvd.nist.gov/vuln/detail/CVE-2019-3698
CVE-2020-3957VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed.7https://nvd.nist.gov/vuln/detail/CVE-2020-3957
CVE-2021-40490A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.7https://nvd.nist.gov/vuln/detail/CVE-2021-40490
CVE-2018-6311One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications.6.8https://nvd.nist.gov/vuln/detail/CVE-2018-6311
CVE-2018-0381A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts.6.8https://nvd.nist.gov/vuln/detail/CVE-2018-0381
CVE-2020-10290Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate how a malicious actor could 'cook' a custom URCap that when deployed by the user (intendedly or unintendedly) compromises the system6.8https://nvd.nist.gov/vuln/detail/CVE-2020-10290
CVE-2021-30594Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.6.8https://nvd.nist.gov/vuln/detail/CVE-2021-30594
CVE-2021-30597Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.6.8https://nvd.nist.gov/vuln/detail/CVE-2021-30597
CVE-2021-28694IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these are typically device specific ACPI properties, they can also be specified to apply to a range of devices, or even all devices. On all systems with such regions Xen failed to prevent guests from undoing/replacing such mappings (CVE-2021-28694). On AMD systems, where a discontinuous range is specified by firmware, the supposedly-excluded middle range will also be identity-mapped (CVE-2021-28695). Further, on AMD systems, upon de-assigment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore (CVE-2021-28696).6.8https://nvd.nist.gov/vuln/detail/CVE-2021-28694
CVE-2021-28695IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these are typically device specific ACPI properties, they can also be specified to apply to a range of devices, or even all devices. On all systems with such regions Xen failed to prevent guests from undoing/replacing such mappings (CVE-2021-28694). On AMD systems, where a discontinuous range is specified by firmware, the supposedly-excluded middle range will also be identity-mapped (CVE-2021-28695). Further, on AMD systems, upon de-assigment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore (CVE-2021-28696).6.8https://nvd.nist.gov/vuln/detail/CVE-2021-28695
CVE-2021-28696IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these are typically device specific ACPI properties, they can also be specified to apply to a range of devices, or even all devices. On all systems with such regions Xen failed to prevent guests from undoing/replacing such mappings (CVE-2021-28694). On AMD systems, where a discontinuous range is specified by firmware, the supposedly-excluded middle range will also be identity-mapped (CVE-2021-28695). Further, on AMD systems, upon de-assigment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore (CVE-2021-28696).6.8https://nvd.nist.gov/vuln/detail/CVE-2021-28696
CVE-2021-39133Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run untrusted code on all Rundeck editions. Patches are available in Rundeck versions 3.4.3 and 3.3.14.6.8https://nvd.nist.gov/vuln/detail/CVE-2021-39133
CVE-2021-39203WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This affected WordPress 5.8 beta during the testing period. It's fixed in the final 5.8 release.6.8https://nvd.nist.gov/vuln/detail/CVE-2021-39203
CVE-2015-4056The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access.6.7https://nvd.nist.gov/vuln/detail/CVE-2015-4056
CVE-2019-6145Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us.6.7https://nvd.nist.gov/vuln/detail/CVE-2019-6145
CVE-2020-7580A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (All versions < V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC WinCC OA V3.16 (All versions < P018), SIMATIC WinCC OA V3.17 (All versions < P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A component within the affected application regularly calls a helper binary with SYSTEM privileges while the call path is not quoted.6.7https://nvd.nist.gov/vuln/detail/CVE-2020-7580
CVE-2018-10989Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password."6.6https://nvd.nist.gov/vuln/detail/CVE-2018-10989
CVE-2021-21057Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.6.6https://nvd.nist.gov/vuln/detail/CVE-2021-21057
CVE-2021-36043Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled.6.6https://nvd.nist.gov/vuln/detail/CVE-2021-36043
CVE-2016-2291Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.6.5https://nvd.nist.gov/vuln/detail/CVE-2016-2291
CVE-2016-2292Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors.6.5https://nvd.nist.gov/vuln/detail/CVE-2016-2292
CVE-2016-4828The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an account.6.5https://nvd.nist.gov/vuln/detail/CVE-2016-4828
CVE-2016-0767PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath.6.5https://nvd.nist.gov/vuln/detail/CVE-2016-0767
CVE-2016-2192PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.6.5https://nvd.nist.gov/vuln/detail/CVE-2016-2192
CVE-2017-2298The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "_pub.pem".6.5https://nvd.nist.gov/vuln/detail/CVE-2017-2298
CVE-2017-9476The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-9476
CVE-2017-5060Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5060
CVE-2017-5066Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5066
CVE-2017-5067An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5067
CVE-2017-5076Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5076
CVE-2017-5086Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5086
CVE-2017-5089Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5089
CVE-2017-5090Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character, aka Apple rdar problem 32458012.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5090
CVE-2017-5093Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5093
CVE-2017-5094Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5094
CVE-2017-5101Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5101
CVE-2017-5104Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5104
CVE-2017-5105Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5105
CVE-2017-5106Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5106
CVE-2017-5110Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5110
CVE-2017-5120Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring).6.5https://nvd.nist.gov/vuln/detail/CVE-2017-5120
CVE-2017-16541Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.6.5https://nvd.nist.gov/vuln/detail/CVE-2017-16541
CVE-2018-16080A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2018-16080
CVE-2018-6097Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2018-6097
CVE-2018-6113Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2018-6113
CVE-2019-0757A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-0757
CVE-2019-7844Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7844
CVE-2019-7045Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7045
CVE-2019-7049Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7049
CVE-2019-7090Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7090
CVE-2019-8283Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-8283
CVE-2019-8040Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .6.5https://nvd.nist.gov/vuln/detail/CVE-2019-8040
CVE-2019-7977Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7977
CVE-2019-7981Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7981
CVE-2019-7987Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7987
CVE-2019-7999Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-7999
CVE-2019-8000Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-8000
CVE-2019-14220An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read6.5https://nvd.nist.gov/vuln/detail/CVE-2019-14220
CVE-2019-6144This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-6144
CVE-2020-1600In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D90; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-1600
CVE-2020-0028In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-1226520576.5https://nvd.nist.gov/vuln/detail/CVE-2020-0028
CVE-2015-5361Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.? Note that the ftps-extensions option is not enabled by default.6.5https://nvd.nist.gov/vuln/detail/CVE-2015-5361
CVE-2019-20626The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-20626
CVE-2020-1625The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons (processes), leading to an extended Denial of Service (DoS) condition. Usage of "temp" virtual memory, shown here by a constantly increasing value of outstanding Requests, can be monitored by executing the 'show system virtual-memory' command as shown below: user@junos> show system virtual-memory |match "fpc|type|temp" fpc0: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2023 431K - 10551 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 fpc1: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2020 431K - 6460 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 user@junos> show system virtual-memory |match "fpc|type|temp" fpc0: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2023 431K - 16101 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 fpc1: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2020 431K - 6665 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 user@junos> show system virtual-memory |match "fpc|type|temp" fpc0: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2023 431K - 21867 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 fpc1: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2020 431K - 6858 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.2X75 versions prior to 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.2X75 versions prior to 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D60; 18.3 versions prior to 18.3R1-S5, 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2. This issue does not affect Juniper Networks Junos OS 12.3 and 15.1.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-1625
CVE-2020-11420UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may access arbitrary files and directories stored in the file system, but integrity of the files are not jeopardized as attacker have read access rights only.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-11420
CVE-2020-11009In Rundeck before version 3.2.6, authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see. Depending on the configuration and the way that Rundeck is used, this could result in anything between a high severity risk, or a very low risk. If access is tightly restricted and all users on the system have access to all projects, this is not really much of an issue. If access is wider and allows login for users that do not have access to any projects, or project access is restricted, there is a larger issue. If access is meant to be restricted and secrets, sensitive data, or intellectual property are exposed in Rundeck execution output and job data, the risk becomes much higher. This vulnerability is patched in version 3.2.66.5https://nvd.nist.gov/vuln/detail/CVE-2020-11009
CVE-2020-14711Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: The CVE-2020-14711 is applicable to macOS host only. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).6.5https://nvd.nist.gov/vuln/detail/CVE-2020-14711
CVE-2020-15799A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The vulnerability could allow an unauthenticated attacker to reboot the device over the network by using special urls from integrated web server of the affected products.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-15799
CVE-2021-21042Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-21042
CVE-2021-28363The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn't given via proxy_config) doesn't verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28363
CVE-2021-28546Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28546
CVE-2020-9681Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-9681
CVE-2021-31806An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31806
CVE-2021-31808An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31808
CVE-2021-31807An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31807
CVE-2020-24511Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.6.5https://nvd.nist.gov/vuln/detail/CVE-2020-24511
CVE-2021-32559An integer overflow exists in pywin32 prior to version b301 when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-32559
CVE-2021-30580Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30580
CVE-2021-30582Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30582
CVE-2021-30583Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30583
CVE-2021-30584Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30584
CVE-2021-0009Out-of-bounds read in the firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-0009
CVE-2021-33598A Denial-of-Service (DoS) vulnerability was discovered in all versions of F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-33598
CVE-2021-32832Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-32832
CVE-2021-3634A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-3634
CVE-2021-36233The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-36233
CVE-2021-40085An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-40085
CVE-2021-40352OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages of all users.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-40352
CVE-2021-36012Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-36012
CVE-2021-36037Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper improper authorization vulnerability. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-36037
CVE-2021-36038Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the Multishipping Module. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-36038
CVE-2021-36039Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can abuse this vulnerability to disclose sensitive information.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-36039
CVE-2021-3758bookstack is vulnerable to Server-Side Request Forgery (SSRF)6.5https://nvd.nist.gov/vuln/detail/CVE-2021-3758
CVE-2021-22789A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).6.5https://nvd.nist.gov/vuln/detail/CVE-2021-22789
CVE-2021-22790A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).6.5https://nvd.nist.gov/vuln/detail/CVE-2021-22790
CVE-2021-22791A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).6.5https://nvd.nist.gov/vuln/detail/CVE-2021-22791
CVE-2021-38312The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”. The `permissions_callback` used in this file only checked for the `edit_posts` capability which is granted to lower-privileged users such as contributors, allowing such users to install arbitrary plugins from the WordPress repository and edit arbitrary posts.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-38312
CVE-2021-40491The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-40491
CVE-2021-30615Inappropriate implementation in Navigation in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30615
CVE-2021-30617Policy bypass in Blink in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to bypass site isolation via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30617
CVE-2021-30619Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to spoof security UI via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30619
CVE-2021-30621Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to spoof security UI via a crafted HTML page.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-30621
CVE-2021-25735A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-25735
CVE-2021-28135The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28135
CVE-2021-28136The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28136
CVE-2021-28155The Bluetooth Classic implementation on JBL TUNE500BT devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown a device by flooding the target device with LMP Feature Response data.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28155
CVE-2021-31613The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash (and restart) a device via a crafted LMP packet.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31613
CVE-2021-33831api/account/register in the TH Wildau COVID-19 Contact Tracing application through 2021-09-01 has Incorrect Access Control. An attacker can interfere with tracing of infection chains by creating 500 random users within 2500 seconds.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-33831
CVE-2021-34144The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMP_SCO_Link_Request packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34144
CVE-2021-34150The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34150
CVE-2021-31609The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31609
CVE-2021-31610The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31610
CVE-2021-31785The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device via crafted LMP packets. Manual user intervention is required to restart the device and restore Bluetooth communication.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31785
CVE-2021-31786The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-31786
CVE-2021-34143The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C_DEMO_V1.0 does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after paging procedure. User intervention is required to restart the device.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34143
CVE-2021-34146The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and restart (crash) of the device by flooding it with LMP_AU_Rand packets after the paging procedure.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34146
CVE-2021-34147The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually trigger a crash via multiple attempts of sending a crafted LMP timing accuracy response followed by a sudden reconnection with a random BDAddress.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34147
CVE-2021-34148The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with a greater ACL Length after completion of the LMP setup procedure, allowing attackers in radio range to trigger a denial of service (firmware crash) via a crafted LMP packet.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34148
CVE-2021-34149The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after the paging procedure.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-34149
CVE-2019-5318A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0. Aruba has released patches for ArubaOS that address this security vulnerability.6.5https://nvd.nist.gov/vuln/detail/CVE-2019-5318
CVE-2021-37728A remote path traversal vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.8.0.1, 8.7.1.4, 8.6.0.11, 8.5.0.13. Aruba has released patches for ArubaOS that address this security vulnerability.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-37728
CVE-2021-37729A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.3, 8.6.0.9, 8.5.0.12, 8.3.0.16, 6.5.4.19, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-37729
CVE-2021-39195Misskey is an open source, decentralized microblogging platform. In affected versions a Server-Side Request Forgery vulnerability exists in "Upload from URL" and remote attachment handling. This could result in the disclosure of non-public information within the internal network. This has been fixed in 12.90.0. However, if you are using a proxy, you will need to take additional measures. As a workaround this exploit may be avoided by appropriately restricting access to private networks from the host where the application is running.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-39195
CVE-2021-39196pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-39196
CVE-2021-37630Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner leaking private information. It is recommended that Nextcloud Circles is upgraded to 0.19.15, 0.20.11 or 0.21.4. There are no workarounds for this issue.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-37630
CVE-2021-37631Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle. It is recommended that Nextcloud Deck is upgraded to 1.5.1, 1.4.4 or 1.2.9. If you are unable to update it is advised to disable the Deck plugin.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-37631
CVE-2021-39194kaml is an open source implementation of the YAML format with support for kotlinx.serialization. In affected versions attackers that could provide arbitrary YAML input to an application that uses kaml could cause the application to endlessly loop while parsing the input. This could result in resource starvation and denial of service. This only affects applications that use polymorphic serialization with the default tagged polymorphism style. Applications using the property polymorphism style are not affected. YAML input for a polymorphic type that provided a tag but no value for the object would trigger the issue. Version 0.35.3 or later contain the fix for this issue.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-39194
CVE-2021-28567Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Improper Authorization vulnerability in the customers module. Successful exploitation could allow a low-privileged user to modify customer data. Access to the admin console is required for successful exploitation.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28567
CVE-2021-28568Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-28568
CVE-2021-3055An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.6. This issue does not affect Prisma Access.6.5https://nvd.nist.gov/vuln/detail/CVE-2021-3055
CVE-2020-10277There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.6.4https://nvd.nist.gov/vuln/detail/CVE-2020-10277
CVE-2020-15707Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.6.4https://nvd.nist.gov/vuln/detail/CVE-2020-15707
CVE-2017-5038Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.6.3https://nvd.nist.gov/vuln/detail/CVE-2017-5038
CVE-2017-5044Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.6.3https://nvd.nist.gov/vuln/detail/CVE-2017-5044
CVE-2017-5063A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.6.3https://nvd.nist.gov/vuln/detail/CVE-2017-5063
CVE-2017-5071Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.6.3https://nvd.nist.gov/vuln/detail/CVE-2017-5071
CVE-2019-8027Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .6.3https://nvd.nist.gov/vuln/detail/CVE-2019-8027
CVE-2021-21055Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver references, potentially resulting in information disclosure.6.2https://nvd.nist.gov/vuln/detail/CVE-2021-21055
CVE-2021-37731A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.6.2https://nvd.nist.gov/vuln/detail/CVE-2021-37731
CVE-2016-1160Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.6.1https://nvd.nist.gov/vuln/detail/CVE-2016-1160
CVE-2016-1224CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.6.1https://nvd.nist.gov/vuln/detail/CVE-2016-1224
CVE-2016-4826Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827.6.1https://nvd.nist.gov/vuln/detail/CVE-2016-4826
CVE-2016-5811An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING).6.1https://nvd.nist.gov/vuln/detail/CVE-2016-5811
CVE-2015-6027Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.6.1https://nvd.nist.gov/vuln/detail/CVE-2015-6027
CVE-2017-2134Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.6.1https://nvd.nist.gov/vuln/detail/CVE-2017-2134
CVE-2017-9032Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the (1) T1 or (2) tmLastConfigFileModifiedDate parameter to log_management.cgi.6.1https://nvd.nist.gov/vuln/detail/CVE-2017-9032
CVE-2017-9037Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the (1) S44, (2) S5, (3) S_action_fail, (4) S_ptn_update, (5) T113, (6) T114, (7) T115, (8) T117117, (9) T118, (10) T_action_fail, (11) T_ptn_update, (12) textarea, (13) textfield5, or (14) tmLastConfigFileModifiedDate parameter to notification.cgi.6.1https://nvd.nist.gov/vuln/detail/CVE-2017-9037
CVE-2017-16836Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.6.1https://nvd.nist.gov/vuln/detail/CVE-2017-16836
CVE-2017-17933cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.6.1https://nvd.nist.gov/vuln/detail/CVE-2017-17933
CVE-2014-5069Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs.6.1https://nvd.nist.gov/vuln/detail/CVE-2014-5069
CVE-2018-7473Open redirect vulnerability in the SO Connect SO WIFI hotspot web interface, prior to version 140, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL.6.1https://nvd.nist.gov/vuln/detail/CVE-2018-7473
CVE-2018-1000842FatFreeCRM version <=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0 contains a Cross Site Scripting (XSS) vulnerability in commit 6d60bc8ed010c4eda05d6645c64849f415f68d65 that can result in Javascript execution. This attack appear to be exploitable via Content with Javascript payload will be executed on end user browsers when they visit the page. This vulnerability appears to have been fixed in 0.18.1, 0.17.3, 0.16.4, 0.15.2, 0.14.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2018-1000842
CVE-2018-1853IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 151014.6.1https://nvd.nist.gov/vuln/detail/CVE-2018-1853
CVE-2019-0234A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of Roller, which is now Roller 5.2.3.6.1https://nvd.nist.gov/vuln/detail/CVE-2019-0234
CVE-2019-10092In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.6.1https://nvd.nist.gov/vuln/detail/CVE-2019-10092
CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.6.1https://nvd.nist.gov/vuln/detail/CVE-2019-10219
CVE-2019-6146It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 (Medium) (/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)6.1https://nvd.nist.gov/vuln/detail/CVE-2019-6146
CVE-2020-8514An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functionality.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-8514
CVE-2020-10598In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-10598
CVE-2020-24553Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-24553
CVE-2020-9743AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by an HTML injection vulnerability in the content editor component that allows unauthenticated users to craft an HTTP request that includes arbitrary HTML code in a parameter value. An attacker could then use the malicious GET request to lure victims to perform unsafe actions in the page (ex. phishing).6.1https://nvd.nist.gov/vuln/detail/CVE-2020-9743
CVE-2018-6449Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers6.1https://nvd.nist.gov/vuln/detail/CVE-2018-6449
CVE-2020-24701OX App Suite through 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI).6.1https://nvd.nist.gov/vuln/detail/CVE-2020-24701
CVE-2021-26580A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). HPE has provided the following software update to resolve the vulnerability in HPE iLO Amplifier Pack: HPE iLO Amplifier Pack 1.95 or later.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-26580
CVE-2021-29011DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting (XSS) via the description, name, or address field (under admin.php).6.1https://nvd.nist.gov/vuln/detail/CVE-2021-29011
CVE-2021-29484Ghost is a Node.js CMS. An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logged in users to click a link containing malicious code. Users do not need to enter credentials and may not know they've visited a malicious site. Ghost(Pro) has already been patched. We can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version between 4.0.0 and 4.3.2. Immediate action should be taken to secure your site. The issue has been fixed in 4.3.3, all 4.x sites should upgrade as soon as possible. As the endpoint is unused, the patch simply removes it. As a workaround blocking access to /ghost/preview can also mitigate the issue.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-29484
CVE-2020-13529An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-13529
CVE-2021-29106A reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-29106
CVE-2021-39249Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39249
CVE-2021-24438The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator6.1https://nvd.nist.gov/vuln/detail/CVE-2021-24438
CVE-2021-27909For Mautic versions prior to 3.3.4/4.0.0, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password reset URL with the vulnerable parameter utilized.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-27909
CVE-2021-27910Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "error_related_to" parameters of the POST request of the bounce management callback will be permanently stored and executed once the details page of an affected lead is opened by a Mautic user. An attacker with access to the bounce management callback function (identified with the Mailjet webhook, but it is assumed this will work uniformly across all kinds of webhooks) can inject arbitrary JavaScript Code into the "error" and "error_related_to" parameters of the POST request (POST /mailer/<product / webhook>/callback). It is noted that there is no authentication needed to access this function. The JavaScript Code is stored permanently in the web application and executed every time an authenticated user views the details page of a single contact / lead in Mautic. This means, arbitrary code can be executed to, e.g., steal or tamper with information.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-27910
CVE-2021-27911Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populated from different sources such as UI, API, 3rd party syncing, forms, etc.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-27911
CVE-2021-39175HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into another page. The problem is patched in version 1.9.0. There are no known workarounds aside from upgrading.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39175
CVE-2021-39178Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In order for an instance to be affected by the vulnerability, the `next.config.js` file must have `images.domains` array assigned and the image host assigned in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than default or the instance is deployed on Vercel, the instance is not affected by the vulnerability. The vulnerability is patched in Next.js version 11.1.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39178
CVE-2021-27558A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-27558
CVE-2020-13639A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. It could allow an unauthenticated remote attacker to craft and store malicious Feedback content into /ECT_Provider/, such that when the content is viewed (it can only be viewed by Administrators), attacker-controlled JavaScript will execute in the security context of an administrator's browser. This is fixed in Outsystems 10.0.1005.2, Outsystems 11.9.0 Platform Server, and Outsystems 11.7.0 LifeTime Management Console.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-13639
CVE-2021-38143An issue was discovered in Form Tools through 3.0.20. When an administrator creates a customer account, it is possible for the customer to log in and proceed with a change of name and last name. However, these fields are vulnerable to XSS payload insertion, being triggered in the admin panel when the admin tries to see the client list. This type of XSS (stored) can lead to the extraction of the PHPSESSID cookie belonging to the admin.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38143
CVE-2021-34562In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-34562
CVE-2021-22929An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-22929
CVE-2021-36026Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability in the customer address upload feature that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-36026
CVE-2021-36027Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-36027
CVE-2021-36062Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-36062
CVE-2021-36063Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-36063
CVE-2021-39320The underConstruction plugin <= 1.18 for WordPress echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file. On certain configurations including Apache+modPHP, this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting malicious code in the request path.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39320
CVE-2021-39186GlobalNewFiles is a MediaWiki extension maintained by Miraheze. Prior to commit number cee254e1b158cdb0ddbea716b1d3edc31fa4fb5d, the username column of the GlobalNewFiles special page is vulnerable to a stored XSS. Commit number cee254e1b158cdb0ddbea716b1d3edc31fa4fb5d contains a patch. As a workaround, one may disallow <,> (or other characters required to insert html/js) from being used in account names so an XSS is not possible.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39186
CVE-2021-34732A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-34732
CVE-2021-27578Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-27578
CVE-2021-39191mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of mod_auth_openidc was reported to be vulnerable to an open redirect attack by supplying a crafted URL in the `target_link_uri` parameter. A patch in version 2.4.9.4 made it so that the `OIDCRedirectURLsAllowed` setting must be applied to the `target_link_uri` parameter. There are no known workarounds aside from upgrading to a patched version.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39191
CVE-2021-23439This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).6.1https://nvd.nist.gov/vuln/detail/CVE-2021-23439
CVE-2021-24435The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues6.1https://nvd.nist.gov/vuln/detail/CVE-2021-24435
CVE-2021-24588The SMS Alert Order Notifications WordPress plugin before 3.4.7 is affected by a cross site scripting (XSS) vulnerability in the plugin's setting page.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-24588
CVE-2021-24599The Email Encoder – Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-24599
CVE-2021-39278Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39278
CVE-2021-39285A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create a XSS based attack.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39285
CVE-2021-38123Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38123
CVE-2021-39199remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default was never safe and had to be opted into. That is, user input was not sanitized. This means arbitrary HTML can be passed through leading to potential XSS attacks. The problem has been patched in 13.0.2 and 14.0.1: `remark-html` is now safe by default, and the implementation matches the documentation. On older affected versions, pass `sanitize: true` if you cannot update.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39199
CVE-2021-38704Multiple reflected cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38704
CVE-2021-39499A Cross-site scripting (XSS) vulnerability in Users in Qiong ICP EyouCMS 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the `title` parameter in bind_email function.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39499
CVE-2021-39501EyouCMS 1.5.4 is vulnerable to Open Redirect. An attacker can redirect a user to a malicious url via the Logout function.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-39501
CVE-2020-19855phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19855
CVE-2021-1928Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking6.1https://nvd.nist.gov/vuln/detail/CVE-2021-1928
CVE-2020-19265A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19265
CVE-2020-19266A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19266
CVE-2021-38316The WP Academic People List WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category_name parameter in the ~/admin-panel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.4.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38316
CVE-2021-38317The Konnichiwa! Membership WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the plan_id parameter in the ~/views/subscriptions.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.8.3.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38317
CVE-2021-38318The 3D Cover Carousel WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the ~/cover-carousel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38318
CVE-2021-38319The More From Google WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/morefromgoogle.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38319
CVE-2021-38320The simpleSAMLphp Authentication WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/simplesamlphp-authentication.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.0.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38320
CVE-2021-38321The Custom Menu Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selected_menu parameter found in the ~/custom-menus.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.3.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38321
CVE-2021-38323The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the ~/src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.6.4.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38323
CVE-2021-38325The User Activation Email WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the uae-key parameter found in the ~/user-activation-email.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.0.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38325
CVE-2020-19282A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19282
CVE-2020-19283A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19283
CVE-2020-19295A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.6.1https://nvd.nist.gov/vuln/detail/CVE-2020-19295
CVE-2021-38326The Post Title Counter WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the notice parameter found in the ~/post-title-counter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38326
CVE-2021-38328The Notices WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/notices.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38328
CVE-2021-38329The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/dj-email-publish.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.7.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38329
CVE-2021-38330The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/yabp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38330
CVE-2021-38331The WP-T-Wap WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the posted parameter found in the ~/wap/writer.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.13.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38331
CVE-2021-38332The On Page SEO + Whatsapp Chat Button Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38332
CVE-2021-38333The WP Scrippets WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/wp-scrippets.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38333
CVE-2021-38334The WP Design Maps & Places WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the filename parameter found in the ~/wpdmp-admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38334
CVE-2021-38335The Wise Agent Capture Forms WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/WiseAgentCaptureForm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38335
CVE-2021-38337The RSVPMaker Excel WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/phpexcel/PHPExcel/Shared/JAMA/docs/download.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38337
CVE-2021-38338The Border Loading Bar WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the `f` and `t` parameter found in the ~/titan-framework/iframe-googlefont-preview.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38338
CVE-2021-38339The Simple Matted Thumbnails WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/simple-matted-thumbnail.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.01.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38339
CVE-2021-38340The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the update_row parameter found in the ~/includes/add_product.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38340
CVE-2021-38341The WooCommerce Payment Gateway Per Category WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/includes/plugin_settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.10.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38341
CVE-2021-38347The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the ~/views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38347
CVE-2021-38348The Advance Search WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the wpas_id parameter found in the ~/inc/admin/views/html-advance-search-admin-options.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1.2.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38348
CVE-2021-38349The Integration of Moneybird for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error_description parameter found in the ~/templates/wcmb-admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38349
CVE-2021-38350The spideranalyse WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the date parameter found in the ~/analyse/index.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38350
CVE-2021-38351The OSD Subscribe WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the osd_subscribe_message parameter found in the ~/options/osd_subscribe_options_subscribers.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.3.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38351
CVE-2021-38352The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedify_msg parameter found in the ~/includes/base.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.8.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38352
CVE-2021-38354The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38354
CVE-2021-38355The Bug Library WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the successimportcount parameter found in the ~/bug-library.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0.3.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38355
CVE-2021-38357The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the ~/sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38357
CVE-2021-38358The MoolaMojo WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the classes parameter found in the ~/views/button-generator.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.4.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38358
CVE-2021-38359The WordPress InviteBox Plugin for viral Refer-a-Friend Promotions WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the message parameter found in the ~/admin/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.1.6.1https://nvd.nist.gov/vuln/detail/CVE-2021-38359
CVE-2017-5544An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login timeout (each of the login attempts will occupy a connection slot for a longer time). Once this occurs, legitimate login attempts via SSH/telnet will be refused, resulting in a denial of service; you must restart the device.5.9https://nvd.nist.gov/vuln/detail/CVE-2017-5544
CVE-2016-1184Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates.5.9https://nvd.nist.gov/vuln/detail/CVE-2016-1184
CVE-2016-4840Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.5.9https://nvd.nist.gov/vuln/detail/CVE-2016-4840
CVE-2017-8060Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.5.9https://nvd.nist.gov/vuln/detail/CVE-2017-8060
CVE-2017-8935The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.5.9https://nvd.nist.gov/vuln/detail/CVE-2017-8935
CVE-2017-8939The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.5.9https://nvd.nist.gov/vuln/detail/CVE-2017-8939
CVE-2017-8943The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.5.9https://nvd.nist.gov/vuln/detail/CVE-2017-8943
CVE-2017-18268Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish large numbers of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session.5.9https://nvd.nist.gov/vuln/detail/CVE-2017-18268
CVE-2018-18070An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to re-calculate the route, which will cause a boot loop. (Under certain circumstances, it is possible to quickly overwrite the malicious route to regain the stability of the system.)5.9https://nvd.nist.gov/vuln/detail/CVE-2018-18070
CVE-2019-0248Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted.5.9https://nvd.nist.gov/vuln/detail/CVE-2019-0248
CVE-2019-5884php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set.5.9https://nvd.nist.gov/vuln/detail/CVE-2019-5884
CVE-2019-3566A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. This behavior requires independent knowledge of metadata for previous messages, which are not available publicly. This issue affects WhatsApp for Android 2.19.52 and 2.19.54 - 2.19.103, as well as WhatsApp Business for Android starting in v2.19.22 until v2.19.38.5.9https://nvd.nist.gov/vuln/detail/CVE-2019-3566
CVE-2019-13603An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image.5.9https://nvd.nist.gov/vuln/detail/CVE-2019-13603
CVE-2019-13420Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.5.9https://nvd.nist.gov/vuln/detail/CVE-2019-13420
CVE-2019-6147Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.5.9https://nvd.nist.gov/vuln/detail/CVE-2019-6147
CVE-2020-25658It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.5.9https://nvd.nist.gov/vuln/detail/CVE-2020-25658
CVE-2020-28391A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.5.9https://nvd.nist.gov/vuln/detail/CVE-2020-28391
CVE-2020-20950Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure.5.9https://nvd.nist.gov/vuln/detail/CVE-2020-20950
CVE-2021-21295Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-21295
CVE-2021-21409Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-21409
CVE-2021-3537A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-3537
CVE-2021-26439Microsoft Edge for Android Information Disclosure Vulnerability5.9https://nvd.nist.gov/vuln/detail/CVE-2021-26439
CVE-2021-40528The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-40528
CVE-2021-40529The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-40529
CVE-2021-40530The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.5.9https://nvd.nist.gov/vuln/detail/CVE-2021-40530
CVE-2020-26300systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix.5.9https://nvd.nist.gov/vuln/detail/CVE-2020-26300
CVE-2017-5042Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent.5.7https://nvd.nist.gov/vuln/detail/CVE-2017-5042
CVE-2021-0129Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.5.7https://nvd.nist.gov/vuln/detail/CVE-2021-0129
CVE-2021-31611The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers in radio range to deadlock a device via a crafted LMP packet. The user needs to manually reboot the device to restore communication.5.7https://nvd.nist.gov/vuln/detail/CVE-2021-31611
CVE-2016-0264Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.5.6https://nvd.nist.gov/vuln/detail/CVE-2016-0264
CVE-2020-1744A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.5.6https://nvd.nist.gov/vuln/detail/CVE-2020-1744
CVE-2016-10011authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.5.5https://nvd.nist.gov/vuln/detail/CVE-2016-10011
CVE-2016-5309The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.5.5https://nvd.nist.gov/vuln/detail/CVE-2016-5309
CVE-2016-5310The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.5.5https://nvd.nist.gov/vuln/detail/CVE-2016-5310
CVE-2017-8339PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\\\.\\PSMEMDriver.5.5https://nvd.nist.gov/vuln/detail/CVE-2017-8339
CVE-2017-10888BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors.5.5https://nvd.nist.gov/vuln/detail/CVE-2017-10888
CVE-2017-16951Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file.5.5https://nvd.nist.gov/vuln/detail/CVE-2017-16951
CVE-2019-0976A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.5.5https://nvd.nist.gov/vuln/detail/CVE-2019-0976
CVE-2019-13013Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root.5.5https://nvd.nist.gov/vuln/detail/CVE-2019-13013
CVE-2019-18808A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.5.5https://nvd.nist.gov/vuln/detail/CVE-2019-18808
CVE-2019-15367The Haier P10 Android device with a build fingerprint of Haier/P10/P10:8.1.0/O11019/1532662449:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.5.5https://nvd.nist.gov/vuln/detail/CVE-2019-15367
CVE-2020-10618LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-10618
CVE-2019-8251Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.5.5https://nvd.nist.gov/vuln/detail/CVE-2019-8251
CVE-2019-8252Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.5.5https://nvd.nist.gov/vuln/detail/CVE-2019-8252
CVE-2020-11937In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-11937
CVE-2020-9696Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-9696
CVE-2020-9697Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a disclosure of sensitive data vulnerability. Successful exploitation could lead to memory leak.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-9697
CVE-2020-9702Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to application denial-of-service.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-9702
CVE-2020-9703Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to application denial-of-service.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-9703
CVE-2020-9712Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-9712
CVE-2020-29384An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-29384
CVE-2020-13494A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-13494
CVE-2020-13496An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-13496
CVE-2020-13497An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-13497
CVE-2020-13498An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in SdfPath Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.5.5https://nvd.nist.gov/vuln/detail/CVE-2020-13498
CVE-2021-21290Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method "File.createTempFile" on unix-like systems creates a random file, but, by default will create this file with the permissions "-rw-r--r--". Thus, if sensitive information is written to this file, other local users can read this information. This is the case in netty's "AbstractDiskHttpData" is vulnerable. This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own "java.io.tmpdir" when you start the JVM or use "DefaultHttpDataFactory.setBaseDir(...)" to set the directory to something that is only readable by the current user.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-21290
CVE-2021-27204Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-27204
CVE-2021-27205Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-27205
CVE-2021-23827Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-23827
CVE-2021-1450A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending one or more crafted IPC messages to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device. Note: The process under attack will automatically restart so no action is needed by the user or admin.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-1450
CVE-2021-25252Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-25252
CVE-2021-21417fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when loading an invalid SoundFont file.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-21417
CVE-2021-28675An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-28675
CVE-2021-28678An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-28678
CVE-2021-31970Windows TCP/IP Driver Security Feature Bypass Vulnerability5.5https://nvd.nist.gov/vuln/detail/CVE-2021-31970
CVE-2021-1100NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).5.5https://nvd.nist.gov/vuln/detail/CVE-2021-1100
CVE-2021-1101NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).5.5https://nvd.nist.gov/vuln/detail/CVE-2021-1101
CVE-2021-1102NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).5.5https://nvd.nist.gov/vuln/detail/CVE-2021-1102
CVE-2021-0003Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-0003
CVE-2021-29727IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 201106.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-29727
CVE-2021-28698long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones which aren't in use anymore and some which may have been created but never used. If the number of entries for a given domain is large enough, this iterating of the entire table may tie up a CPU for too long, starving other domains or causing issues in the hypervisor itself. Note that a domain may map its own grants, i.e. there is no need for multiple domains to be involved here. A pair of "cooperating" guests may, however, cause the effects to be more severe.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-28698
CVE-2021-28699inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can be accessed through. For 32-bit guests on x86, translation of requests has to occur because the interface structure layouts commonly differ between 32- and 64-bit. The translation of the request to obtain the frame numbers of the grant status table involves translating the resulting array of frame numbers. Since the space used to carry out the translation is limited, the translation layer tells the core function the capacity of the array within translation space. Unfortunately the core function then only enforces array bounds to be below 8 times the specified value, and would write past the available space if enough frame numbers needed storing.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-28699
CVE-2021-34560In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-34560
CVE-2021-34564Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-34564
CVE-2021-21681Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-21681
CVE-2021-36234Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-36234
CVE-2021-36054XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-36054
CVE-2021-36058XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-36058
CVE-2021-36077Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit this vulnerability.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-36077
CVE-2021-34733A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. This vulnerability exists because sensitive information is not sufficiently secured when it is stored. An attacker could exploit this vulnerability by gaining unauthorized access to sensitive information on an affected system. A successful exploit could allow the attacker to create forged authentication requests and gain unauthorized access to the affected system.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-34733
CVE-2021-22525This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.15.5https://nvd.nist.gov/vuln/detail/CVE-2021-22525
CVE-2021-33599A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-33599
CVE-2021-32801Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. If upgrading is not an option users are advised to disable system logging to resolve this issue until such time that an upgrade can be performed Note that ff you do not use the Encryption-at-Rest functionality of Nextcloud you are not affected by this bug.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-32801
CVE-2021-39116Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the GIF Image Reader component. The affected versions are before version 8.19.0.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-39116
CVE-2021-1904Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables5.5https://nvd.nist.gov/vuln/detail/CVE-2021-1904
CVE-2021-1929Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables5.5https://nvd.nist.gov/vuln/detail/CVE-2021-1929
CVE-2021-30727A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to modify protected parts of the file system.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-30727
CVE-2021-30733An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted font may result in the disclosure of process memory.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-30733
CVE-2021-30738A malicious application may be able to overwrite arbitrary files. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Mojave. An issue with path validation logic for hardlinks was addressed with improved path sanitization.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-30738
CVE-2021-30763An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.7, watchOS 7.6. A shortcut may be able to bypass Internet permission requirements.5.5https://nvd.nist.gov/vuln/detail/CVE-2021-30763
CVE-2018-8434An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.5.4https://nvd.nist.gov/vuln/detail/CVE-2018-8434
CVE-2019-0275SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.5.4https://nvd.nist.gov/vuln/detail/CVE-2019-0275
CVE-2018-19658The Markdown editor in YXBJ before 8.3.2 on macOS has stored XSS. This behavior may be encountered by some Evernote users; however, it is a vulnerability in YXBJ, not a vulnerability in Evernote.5.4https://nvd.nist.gov/vuln/detail/CVE-2018-19658
CVE-2020-11038In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-11038
CVE-2020-24700OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-24700
CVE-2021-31712react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript\: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-31712
CVE-2021-24273The “Clever Addons for Elementor” WordPress Plugin before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24273
CVE-2021-30170Special characters of ERP POS customer profile page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-30170
CVE-2021-30171Special characters of ERP POS news page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-30171
CVE-2021-28807A post-authentication reflected XSS vulnerability has been reported to affect QNAP NAS running Q’center. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in the following versions of Q’center: QTS 4.5.3: Q’center v1.12.1012 and later QTS 4.3.6: Q’center v1.10.1004 and later QTS 4.3.3: Q’center v1.10.1004 and later QuTS hero h4.5.2: Q’center v1.12.1012 and later QuTScloud c4.5.4: Q’center v1.12.1012 and later5.4https://nvd.nist.gov/vuln/detail/CVE-2021-28807
CVE-2021-32106In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the _GET['replace'] variable. As a result, arbitrary Javascript code can get executed.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-32106
CVE-2021-35501PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-35501
CVE-2021-29105A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-29105
CVE-2020-19201A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19201
CVE-2021-32764Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in `stable` version 2.7.6, `beta` version 2.8.0.beta3, and `tests-passed` version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-32764
CVE-2021-25204Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-25204
CVE-2021-25790Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-25790
CVE-2021-36563The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts), the XSS payload will be triggered when the user accesses some specific sections of the application. In the same sense a very dangerous potential way would be when an attacker who has the monitor role (not administrator) manages to get a stored XSS to steal the secretAutomation (for the use of the API in administrator mode) and thus be able to create another administrator user who has high privileges on the CheckMK monitoring web console. Another way is that persistent XSS allows an attacker to modify the displayed content or change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-36563
CVE-2021-39169Misskey is a decentralized microblogging platform. In versions of Misskey prior to 12.51.0, malicious actors can use the web client built-in dialog to display a malicious string, leading to cross-site scripting (XSS). XSS could compromise the API request token. This issue has been fixed in version 12.51.0. There are no known workarounds aside from upgrading.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-39169
CVE-2021-38144An issue was discovered in Form Tools through 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the submission_id parameter, e.g., clients/forms/edit_submission.php?form_id=1&view_id=1&submission_id=[XSS].5.4https://nvd.nist.gov/vuln/detail/CVE-2021-38144
CVE-2020-19048Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19048
CVE-2021-35239A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-35239
CVE-2021-37794A stored cross-site scripting (XSS) vulnerability exists in FileBrowser < v2.16.0 that allows an authenticated user authorized to upload a malicious .svg file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger malicious OS commands on the server running the FileBrowser instance.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-37794
CVE-2021-39166Pimcore is an open source data & experience management platform. Prior to version 10.1.2, text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources. This issue is patched in Pimcore version 10.1.2.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-39166
CVE-2021-39170Pimcore is an open source data & experience management platform. Prior to version 10.1.2, an authenticated user could add XSS code as a value of custom metadata on assets. There is a patch for this issue in Pimcore version 10.1.2. As a workaround, users may apply the patch manually.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-39170
CVE-2021-36061Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user interaction in that a victim must publish a link of a Connect recording.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-36061
CVE-2021-29852IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205528.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-29852
CVE-2021-40509ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-40509
CVE-2021-24513The Form Builder | Create Responsive Contact Forms WordPress plugin before 1.9.8.4 does not sanitise or escape its Form Title, allowing high privilege users such as admin to set Cross-Site Scripting payload in them, even when the unfiltered_html capability is disallowed5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24513
CVE-2021-24517The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2021.18 does not escape some of its settings, allowing high privilege users such as admin to set Cross-Site Scripting payloads in them even when the unfiltered_html capability is disallowed5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24517
CVE-2021-24568The AddToAny Share Buttons WordPress plugin before 1.7.46 does not sanitise its Sharing Header setting when outputting it in frontend pages, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24568
CVE-2021-24590The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization options.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24590
CVE-2021-24591The Highlight WordPress plugin before 0.9.3 does not sanitise its CustomCSS setting, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24591
CVE-2021-24601The WPFront Notification Bar WordPress plugin before 2.1.0.08087 does not properly sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24601
CVE-2021-24603The Site Reviews WordPress plugin before 5.13.1 does not sanitise some of its Review Details when adding a review as an admin, which could allow them to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24603
CVE-2021-24611The Keyword Meta WordPress plugin through 3.0 does not sanitise of escape its settings before outputting them back in the page after they are saved, allowing for Cross-Site Scripting issues. Furthermore, it is also lacking any CSRF check, allowing attacker to make a logged in high privilege user save arbitrary setting via a CSRF attack.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-24611
CVE-2021-3767bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')5.4https://nvd.nist.gov/vuln/detail/CVE-2021-3767
CVE-2021-3768bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')5.4https://nvd.nist.gov/vuln/detail/CVE-2021-3768
CVE-2021-36094It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-36094
CVE-2021-33483An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. The comment posting functionality allows an attacker to add an XSS payload to the JSON request that will execute when users visit the page with the comment.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-33483
CVE-2021-36696Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in social media links on a user profile due to lack of input validation.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-36696
CVE-2021-32782Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Policy. It is recommended that the Nextcloud Circles application is upgraded to 0.21.3, 0.20.10 or 0.19.14 to resolve this issue. As a workaround users may use a browser that has support for Content-Security-Policy. A notable exemption is Internet Explorer which does not support CSP properly.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-32782
CVE-2021-38707Persistent cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow low-privileged attackers to introduce arbitrary JavaScript to account parameters. The XSS payloads will execute in the browser of any user who views the relevant content. This can result in account takeover via session token theft.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-38707
CVE-2021-39496Eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject malicious code into `filename` param to trigger Reflected XSS.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-39496
CVE-2021-40377SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-40377
CVE-2021-36695Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in the download file feature on a manager profile due to lack of input validation.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-36695
CVE-2021-30720A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.5.4https://nvd.nist.gov/vuln/detail/CVE-2021-30720
CVE-2020-19281A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username field.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19281
CVE-2020-19284A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19284
CVE-2020-19285A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19285
CVE-2020-19286A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19286
CVE-2020-19287A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19287
CVE-2020-19288A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19288
CVE-2020-19289A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new album tab.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19289
CVE-2020-19290A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19290
CVE-2020-19291A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19291
CVE-2020-19292A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19292
CVE-2020-19293A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19293
CVE-2020-19294A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comments section.5.4https://nvd.nist.gov/vuln/detail/CVE-2020-19294
CVE-2017-6955An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immutable, which facilitates a social engineering attack.5.3https://nvd.nist.gov/vuln/detail/CVE-2017-6955
CVE-2017-6356Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.5.3https://nvd.nist.gov/vuln/detail/CVE-2017-6356
CVE-2017-9491The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices does not set the secure flag for cookies in an https session to an administration application, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.5.3https://nvd.nist.gov/vuln/detail/CVE-2017-9491
CVE-2017-5061A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.5.3https://nvd.nist.gov/vuln/detail/CVE-2017-5061
CVE-2017-5107A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page.5.3https://nvd.nist.gov/vuln/detail/CVE-2017-5107
CVE-2018-6470Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each directory, causing DS_Store information to leak.5.3https://nvd.nist.gov/vuln/detail/CVE-2018-6470
CVE-2018-10470Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a fat binary. An attacker can maliciously craft a fat binary containing multiple architectures that may cause a situation where Little Snitch treats the running process as having no code signature at all while erroneously indicating that the binary on disk does have a valid code signature. This could lead to users being confused about whether or not the code signature is valid.5.3https://nvd.nist.gov/vuln/detail/CVE-2018-10470
CVE-2019-3401The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.5.3https://nvd.nist.gov/vuln/detail/CVE-2019-3401
CVE-2019-8097Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an internal ip disclosure vulnerability. Successful exploitation could lead to information disclosure.5.3https://nvd.nist.gov/vuln/detail/CVE-2019-8097
CVE-2020-1730A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.5.3https://nvd.nist.gov/vuln/detail/CVE-2020-1730
CVE-2020-24381GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default.5.3https://nvd.nist.gov/vuln/detail/CVE-2020-24381
CVE-2020-13956Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.5.3https://nvd.nist.gov/vuln/detail/CVE-2020-13956
CVE-2020-7071In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL.5.3https://nvd.nist.gov/vuln/detail/CVE-2020-7071
CVE-2020-15386Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations.5.3https://nvd.nist.gov/vuln/detail/CVE-2020-15386
CVE-2021-33037Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-33037
CVE-2021-36156An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that location and include some of the contents in the error message.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-36156
CVE-2021-38165Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-38165
CVE-2020-28397A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.5.3https://nvd.nist.gov/vuln/detail/CVE-2020-28397
CVE-2021-39241An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this as a request for that protected resource, such as in the "GET /admin? HTTP/1.1 /static/images HTTP/1.1" example.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-39241
CVE-2021-34434In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-34434
CVE-2021-34559In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-34559
CVE-2021-27668HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. Fixed in 1.6.3.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-27668
CVE-2021-39119Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue even after their Jira account is revoked, via a Broken Access Control vulnerability in the issue notification feature. The affected versions are before version 8.19.0.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-39119
CVE-2021-38314The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. These AJAX actions could be used to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of site’s `AUTH_KEY` concatenated with the `SECURE_AUTH_KEY`.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-38314
CVE-2021-39193Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in `pallet-ethereum` can cause invalid transactions to be included in the Ethereum block state in `pallet-ethereum` due to not validating the input data size. Any invalid transactions included this way have no possibility to alter the internal Ethereum or Substrate state. The transaction will appear to have be included, but is of no effect as it is rejected by the EVM engine. The impact is further limited by Substrate extrinsic size constraints. A patch is available in commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26. There are no workarounds aside from applying the patch.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-39193
CVE-2021-36093It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-36093
CVE-2021-36095Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-36095
CVE-2021-34145The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with an invalid Baseband packet type (and LT_ADDRESS and LT_ADDR) after completion of the LMP setup procedure, allowing attackers in radio range to trigger a denial of service (firmware crash) via a crafted LMP packet.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-34145
CVE-2021-35947The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-35947
CVE-2021-35949The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-35949
CVE-2021-32766Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link share has been created with "Upload Only" privileges. (aka "File Drop"). A link share recipient is not expected to see which folders or files exist in a "File Drop" share. Using this vulnerability an attacker is able to enumerate folders in such a share. Exploitation requires that the attacker has access to a valid affected "File Drop" link share. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.0.1. Users who are unable to upgrade are advised to disable the Nextcloud Text application in the app settings.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-32766
CVE-2021-37629Nextcloud Richdocuments is an open source collaborative office suite. In affected versions there is a lack of rate limiting on the Richdocuments OCS endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. It is recommended that the Nextcloud Richdocuments app is upgraded to either 3.8.4 or 4.2.1 to resolve. For users unable to upgrade it is recommended that the Richdocuments application be disabled.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-37629
CVE-2021-39122Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-39122
CVE-2020-29012An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain information about other users configured on the device, should the attacker be able to obtain that session ID (via other, hypothetical attacks)5.3https://nvd.nist.gov/vuln/detail/CVE-2020-29012
CVE-2021-39200WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1, along with any older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.5.3https://nvd.nist.gov/vuln/detail/CVE-2021-39200
CVE-2021-31797The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.5.1https://nvd.nist.gov/vuln/detail/CVE-2021-31797
CVE-2014-9563CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via the ssh-password parameter to page.cmd.4.9https://nvd.nist.gov/vuln/detail/CVE-2014-9563
CVE-2019-6841A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with no firmware image inside the package using FTP protocol.4.9https://nvd.nist.gov/vuln/detail/CVE-2019-6841
CVE-2019-6842A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol.4.9https://nvd.nist.gov/vuln/detail/CVE-2019-6842
CVE-2019-6843A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the controller with an empty firmware package using FTP protocol.4.9https://nvd.nist.gov/vuln/detail/CVE-2019-6843
CVE-2019-6844A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service atack on the PLC when upgrading the controller with a firmware package containing an invalid web server image using FTP protocol.4.9https://nvd.nist.gov/vuln/detail/CVE-2019-6844
CVE-2019-6847A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the application in the controller using FTP protocol.4.9https://nvd.nist.gov/vuln/detail/CVE-2019-6847
CVE-2020-1774When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions.4.9https://nvd.nist.gov/vuln/detail/CVE-2020-1774
CVE-2021-25643An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTokens, or /listMetadataTokens call.4.9https://nvd.nist.gov/vuln/detail/CVE-2021-25643
CVE-2021-28700xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured.4.9https://nvd.nist.gov/vuln/detail/CVE-2021-28700
CVE-2021-35219ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.4.9https://nvd.nist.gov/vuln/detail/CVE-2021-35219
CVE-2021-36096Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.4.9https://nvd.nist.gov/vuln/detail/CVE-2021-36096
CVE-2021-37733A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.4.9https://nvd.nist.gov/vuln/detail/CVE-2021-37733
CVE-2021-27022A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).4.9https://nvd.nist.gov/vuln/detail/CVE-2021-27022
CVE-2021-35240A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.4.8https://nvd.nist.gov/vuln/detail/CVE-2021-35240
CVE-2021-35238User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.4.8https://nvd.nist.gov/vuln/detail/CVE-2021-35238
CVE-2021-34759A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker would need valid administrative credentials.4.8https://nvd.nist.gov/vuln/detail/CVE-2021-34759
CVE-2021-25737A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.4.8https://nvd.nist.gov/vuln/detail/CVE-2021-25737
CVE-2016-3684SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338.4.7https://nvd.nist.gov/vuln/detail/CVE-2016-3684
CVE-2016-3685SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338.4.7https://nvd.nist.gov/vuln/detail/CVE-2016-3685
CVE-2017-5065Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page.4.7https://nvd.nist.gov/vuln/detail/CVE-2017-5065
CVE-2018-1882In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968.4.7https://nvd.nist.gov/vuln/detail/CVE-2018-1882
CVE-2021-21060Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.4.6https://nvd.nist.gov/vuln/detail/CVE-2021-21060
CVE-2020-5324Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.4.4https://nvd.nist.gov/vuln/detail/CVE-2020-5324
CVE-2020-8316A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges.4.4https://nvd.nist.gov/vuln/detail/CVE-2020-8316
CVE-2018-1985IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-Force ID: 154207.4.4https://nvd.nist.gov/vuln/detail/CVE-2018-1985
CVE-2020-24431Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. Exploitation of this issue requires user interaction in that a victim must open a malicious file.4.4https://nvd.nist.gov/vuln/detail/CVE-2020-24431
CVE-2021-22194In all versions of GitLab, marshalled session keys were being stored in Redis.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-22194
CVE-2021-27094Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-27094
CVE-2021-28447Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-28447
CVE-2021-0051Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-0051
CVE-2021-0004Improper buffer restrictions in the firmware of Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-0004
CVE-2021-0005Uncaught exception in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-0005
CVE-2021-0006Improper conditions check in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.4.0 may allow a privileged user to potentially enable denial of service via local access.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-0006
CVE-2021-0007Uncaught exception in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.1.0 may allow a privileged attacker to potentially enable denial of service via local access.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-0007
CVE-2021-0008Uncontrolled resource consumption in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow privileged user to potentially enable denial of service via local access.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-0008
CVE-2021-31798The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-31798
CVE-2021-39212ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded by a `module` policy in `policy.xml`. ex. <policy domain="module" rights="none" pattern="PS" />. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: <policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />.4.4https://nvd.nist.gov/vuln/detail/CVE-2021-39212
CVE-2017-5033Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5033
CVE-2017-5040V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5040
CVE-2017-5045XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5045
CVE-2017-5046V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5046
CVE-2017-5069Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5069
CVE-2017-5075Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5075
CVE-2017-5079Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5079
CVE-2017-5083Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5083
CVE-2017-5102Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5102
CVE-2017-5103Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5103
CVE-2017-5109Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5109
CVE-2017-5118Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2017-5118
CVE-2018-15670An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that OpenURL is the default URL handler. A navigation request is processed by the default URL handler only if the currentEvent is NX_LMOUSEUP or NX_OMOUSEUP. An attacker may abuse HTML elements with an EventHandler for a chance to validate navigation requests for URLs that are processed during the NX_LMOUSEUP event triggered by clicking an email.4.3https://nvd.nist.gov/vuln/detail/CVE-2018-15670
CVE-2019-8035Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8035
CVE-2019-8037Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8037
CVE-2019-8051Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8051
CVE-2019-8052Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8052
CVE-2019-8053Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8053
CVE-2019-8054Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8054
CVE-2019-8056Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8056
CVE-2019-8058Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8058
CVE-2019-8059Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8059
CVE-2019-14997The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-14997
CVE-2019-8163Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8163
CVE-2019-8172Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8172
CVE-2019-8173Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8173
CVE-2019-8187Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8187
CVE-2019-8188Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8188
CVE-2019-8189Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8189
CVE-2019-8190Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8190
CVE-2019-8241Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8241
CVE-2019-8242Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8242
CVE-2019-8243Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8243
CVE-2019-8244Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-8244
CVE-2019-15594GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint.4.3https://nvd.nist.gov/vuln/detail/CVE-2019-15594
CVE-2020-6797By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-6797
CVE-2020-3771Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-3771
CVE-2020-3778Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-3778
CVE-2020-3781Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-3781
CVE-2020-3782Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-3782
CVE-2020-3791Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-3791
CVE-2020-1769In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-1769
CVE-2020-1770Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-1770
CVE-2020-15376Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-15376
CVE-2021-21034Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally elevate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-21034
CVE-2021-20306A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any project can see the name of Ruleflow Groups from other projects, despite the user not having access to those projects. The highest threat from this vulnerability is to confidentiality.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-20306
CVE-2021-30587Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-30587
CVE-2021-30589Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-30589
CVE-2021-30596Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-30596
CVE-2021-27557A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-27557
CVE-2021-29851IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 205527.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-29851
CVE-2021-29853IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-29853
CVE-2020-15939An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL.4.3https://nvd.nist.gov/vuln/detail/CVE-2020-15939
CVE-2021-39121Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint. The affected versions are before version 8.5.18, from version 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-39121
CVE-2021-28569Adobe Media Encoder version 15.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.4.3https://nvd.nist.gov/vuln/detail/CVE-2021-28569
CVE-2021-38641Microsoft Edge for Android Spoofing Vulnerability4.2https://nvd.nist.gov/vuln/detail/CVE-2021-38641
CVE-2021-38642Microsoft Edge for iOS Spoofing Vulnerability4.2https://nvd.nist.gov/vuln/detail/CVE-2021-38642
CVE-2021-3592An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.3.8https://nvd.nist.gov/vuln/detail/CVE-2021-3592
CVE-2017-5928The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code.3.7https://nvd.nist.gov/vuln/detail/CVE-2017-5928
CVE-2017-5081Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.3.3https://nvd.nist.gov/vuln/detail/CVE-2017-5081
CVE-2020-1987An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting logging level is set to "Dump". This issue affects Palo Alto Networks Global Protect Agent 5.0 versions prior to 5.0.9; 5.1 versions prior to 5.1.1.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-1987
CVE-2020-3972VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a denial-of-service vulnerability in the Host-Guest File System (HGFS) implementation. Successful exploitation of this issue may allow attackers with non-admin privileges on guest macOS virtual machines to create a denial-of-service condition on their own VMs.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-3972
CVE-2020-9706Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-9706
CVE-2020-9707Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-9707
CVE-2020-9710Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-9710
CVE-2020-24426Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-24426
CVE-2020-24427Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-24427
CVE-2020-24434Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-24434
CVE-2020-24438Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-24438
CVE-2021-21046Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-21046
CVE-2021-21061Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-21061
CVE-2020-24512Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-24512
CVE-2020-18974Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.3.3https://nvd.nist.gov/vuln/detail/CVE-2020-18974
CVE-2021-34563In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-34563
CVE-2021-36045XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36045
CVE-2021-36053XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36053
CVE-2021-36057XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of the current user.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36057
CVE-2021-36071Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36071
CVE-2021-36074Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36074
CVE-2021-35995Adobe After Effects version 18.2.1 (and earlier) is affected by an Improper input validation vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-35995
CVE-2021-36018Adobe After Effects version 18.2.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36018
CVE-2021-36019Adobe After Effects version 18.2.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.3.3https://nvd.nist.gov/vuln/detail/CVE-2021-36019
CVE-2020-5301SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in `SimpleSAML\\Module` that processes requests for pages hosted by modules, has code to identify paths ending with `.php` and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser. The check to identify paths ending with `.php` does not account for uppercase letters. If someone requests a path ending with e.g. `.PHP` and the server is serving the code from a case-insensitive file system, such as on Windows, the processing of the PHP code does not occur, and the source code is instead presented to the browser. An attacker may use this issue to gain access to the source code in third-party modules that is meant to be private, or even sensitive. However, the attack surface is considered small, as the attack will only work when SimpleSAMLphp serves such content from a file system that is not case-sensitive, such as on Windows. This issue is fixed in version 1.18.6.3.1https://nvd.nist.gov/vuln/detail/CVE-2020-5301
CVE-2021-39163Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable homeserver is in the room and untrusted users are permitted to create groups (communities). By default, only homeserver administrators can create groups. However, homeserver administrators can already access this information in the database or using the admin API. As a result, only homeservers where the configuration setting `enable_group_creation` has been set to `true` are impacted. Server administrators should upgrade to 1.41.1 or higher to patch the vulnerability. There are two potential workarounds. Server administrators can set `enable_group_creation` to `false` in their homeserver configuration (this is the default value) to prevent creation of groups by non-administrators. Administrators that are using a reverse proxy could, with partial loss of group functionality, block the endpoints `/_matrix/client/r0/groups/{group_id}/rooms` and `/_matrix/client/unstable/groups/{group_id}/rooms`.3.1https://nvd.nist.gov/vuln/detail/CVE-2021-39163
CVE-2021-39164Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership (list of members, with their display names) of a room if they know the ID of the room. The vulnerability is limited to rooms with `shared` history visibility. Furthermore, the unauthorised user must be using an account on a vulnerable homeserver that is in the room. Server administrators should upgrade to 1.41.1 or later in order to receive the patch. One workaround is available. Administrators of servers that use a reverse proxy could, with potentially unacceptable loss of functionality, block the endpoints: `/_matrix/client/r0/rooms/{room_id}/members` with `at` query parameter, and `/_matrix/client/unstable/rooms/{room_id}/members` with `at` query parameter.3.1https://nvd.nist.gov/vuln/detail/CVE-2021-39164
CVE-2020-24439Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process.2.8https://nvd.nist.gov/vuln/detail/CVE-2020-24439
CVE-2021-28566Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.2.7https://nvd.nist.gov/vuln/detail/CVE-2021-28566
CVE-2021-3049An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions.2.6https://nvd.nist.gov/vuln/detail/CVE-2021-3049
CVE-2019-1573GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.2.5https://nvd.nist.gov/vuln/detail/CVE-2019-1573
CVE-2021-40089An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Purpose Custom Publisher, which is normally run to invoke a local script upon a publishing operation, was still able to run if the System Configuration setting Enable External Script Access was disabled. With this setting disabled it's not possible to create new such publishers, but existing publishers would continue to run.2.3https://nvd.nist.gov/vuln/detail/CVE-2021-40089
CVE-2020-11046In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.2.2https://nvd.nist.gov/vuln/detail/CVE-2020-11046
CVE-2001-0893Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.https://nvd.nist.gov/vuln/detail/CVE-2001-0893
CVE-2001-0892Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.https://nvd.nist.gov/vuln/detail/CVE-2001-0892
CVE-2007-0066The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability."https://nvd.nist.gov/vuln/detail/CVE-2007-0066
CVE-2010-2657Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog.https://nvd.nist.gov/vuln/detail/CVE-2010-2657
CVE-2010-3414Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for CVE-2010-3112 on Mac OS X.https://nvd.nist.gov/vuln/detail/CVE-2010-3414
CVE-2010-4487Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows remote attackers to have an unspecified impact via a "dangerous file."https://nvd.nist.gov/vuln/detail/CVE-2010-4487
CVE-2011-0776The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call.https://nvd.nist.gov/vuln/detail/CVE-2011-0776
CVE-2011-0782Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors.https://nvd.nist.gov/vuln/detail/CVE-2011-0782
CVE-2011-1305Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.https://nvd.nist.gov/vuln/detail/CVE-2011-1305
CVE-2011-4374Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2011-4374
CVE-2012-0724Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.https://nvd.nist.gov/vuln/detail/CVE-2012-0724
CVE-2012-0725Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.https://nvd.nist.gov/vuln/detail/CVE-2012-0725
CVE-2012-1248app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.https://nvd.nist.gov/vuln/detail/CVE-2012-1248
CVE-2012-2034Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.https://nvd.nist.gov/vuln/detail/CVE-2012-2034
CVE-2012-2035Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2012-2035
CVE-2012-2036Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2012-2036
CVE-2012-2037Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.https://nvd.nist.gov/vuln/detail/CVE-2012-2037
CVE-2012-2038Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2012-2038
CVE-2012-2039Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2012-2039
CVE-2012-2040Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.https://nvd.nist.gov/vuln/detail/CVE-2012-2040
CVE-2011-4612icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.https://nvd.nist.gov/vuln/detail/CVE-2011-4612
CVE-2013-0894Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size.https://nvd.nist.gov/vuln/detail/CVE-2013-0894
CVE-2013-0256darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.https://nvd.nist.gov/vuln/detail/CVE-2013-0256
CVE-2013-2555Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.https://nvd.nist.gov/vuln/detail/CVE-2013-2555
CVE-2014-5247The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0 before 2.10.7 and 2.11.0 before 2.11.5 uses world-readable permissions for the configuration backup file, which allows local users to obtain SSL keys, remote API credentials, and other sensitive information by reading the file, related to the upgrade command.https://nvd.nist.gov/vuln/detail/CVE-2014-5247
CVE-2014-0566Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565.https://nvd.nist.gov/vuln/detail/CVE-2014-0566
CVE-2015-0312Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2015-0312
CVE-2015-1209Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor.https://nvd.nist.gov/vuln/detail/CVE-2015-1209
CVE-2015-1210The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.https://nvd.nist.gov/vuln/detail/CVE-2015-1210
CVE-2015-1211The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.https://nvd.nist.gov/vuln/detail/CVE-2015-1211
CVE-2015-1212Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.https://nvd.nist.gov/vuln/detail/CVE-2015-1212
CVE-2015-1494The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an mfbfw[*] parameter in an update action to wp-admin/admin-post.php, as demonstrated by the mfbfw[padding] parameter and exploited in the wild in February 2015.https://nvd.nist.gov/vuln/detail/CVE-2015-1494
CVE-2014-6184Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors.https://nvd.nist.gov/vuln/detail/CVE-2014-6184
CVE-2015-5122Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.https://nvd.nist.gov/vuln/detail/CVE-2015-5122
CVE-2015-5123Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.https://nvd.nist.gov/vuln/detail/CVE-2015-5123
CVE-2014-8450Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-4449, CVE-2015-4450, CVE-2015-5088, CVE-2015-5089, and CVE-2015-5092.https://nvd.nist.gov/vuln/detail/CVE-2014-8450
CVE-2015-3095Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5087, CVE-2015-5094, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115.https://nvd.nist.gov/vuln/detail/CVE-2015-3095
CVE-2015-4435Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4435
CVE-2015-4438Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4438
CVE-2015-4441Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4441
CVE-2015-4443Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4444.https://nvd.nist.gov/vuln/detail/CVE-2015-4443
CVE-2015-4444Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4443.https://nvd.nist.gov/vuln/detail/CVE-2015-4444
CVE-2015-4445Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4445
CVE-2015-4446Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-5090 and CVE-2015-5106.https://nvd.nist.gov/vuln/detail/CVE-2015-4446
CVE-2015-4447Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4447
CVE-2015-4448Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5095, CVE-2015-5099, CVE-2015-5101, CVE-2015-5111, CVE-2015-5113, and CVE-2015-5114.https://nvd.nist.gov/vuln/detail/CVE-2015-4448
CVE-2015-4449Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2014-8450, CVE-2015-4450, CVE-2015-5088, CVE-2015-5089, and CVE-2015-5092.https://nvd.nist.gov/vuln/detail/CVE-2015-4449
CVE-2015-4450Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2014-8450, CVE-2015-4449, CVE-2015-5088, CVE-2015-5089, and CVE-2015-5092.https://nvd.nist.gov/vuln/detail/CVE-2015-4450
CVE-2015-4451Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4451
CVE-2015-4452Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-5085, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-4452
CVE-2015-5085Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, and CVE-2015-5086.https://nvd.nist.gov/vuln/detail/CVE-2015-5085
CVE-2015-5086Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, and CVE-2015-5085.https://nvd.nist.gov/vuln/detail/CVE-2015-5086
CVE-2015-5087Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3095, CVE-2015-5094, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115.https://nvd.nist.gov/vuln/detail/CVE-2015-5087
CVE-2015-5088Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2014-8450, CVE-2015-4449, CVE-2015-4450, CVE-2015-5089, and CVE-2015-5092.https://nvd.nist.gov/vuln/detail/CVE-2015-5088
CVE-2015-5089Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2014-8450, CVE-2015-4449, CVE-2015-4450, CVE-2015-5088, and CVE-2015-5092.https://nvd.nist.gov/vuln/detail/CVE-2015-5089
CVE-2015-5090Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5106.https://nvd.nist.gov/vuln/detail/CVE-2015-5090