CVE-2021-42717
Summary: ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in...
Vulnerabilities
CVE-2021-45105 – Apache / Log4j – Uncontrolled resource consumption
Summary: CVE-2021-45105 is an uncontrolled resource consumption vulnerability impacting Apache Log4j2 versions 2.0-alpha1 through 2.16.0. A proof of concept (PoC)...
CVE-2021-30916
Summary: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS...
CVE-2021-39646
Summary: Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A Reference Links(if available): https://source.android.com/security/bulletin/pixel/2021-12-01 CVSS Score (if available) v2: / MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N v3:...
CVE-2021-1016
Summary: In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user...
CVE-2019-13115
Summary: In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in...
CVE-2019-17498
Summary: In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check,...
CVE-2021-0675
Summary: In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could...
CVE-2021-0769
Summary: In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could...
CVE-2021-0799
Summary: In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation...
CVE-2021-0918
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2021-0918
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2020-16156
Summary: CPAN 2.28 allows Signature Verification Bypass. Reference Links(if available): https://metacpan.org/pod/distribution/CPAN/scripts/cpan https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html CVSS Score (if available) v2: / MEDIUM...
CVE-2021-37604
Summary: In version 6.5 of our MiWi software and all previous versions including legacy products, there is a possibility of...
CVE-2021-37605
Summary: In version 6.5 of MiWi software and all previous versions including legacy products, the stack is validating only two...
CVE-2021-24945
Summary: The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in...
CVE-2021-41547
Summary: A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All...
CVE-2018-25021
Summary: The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows...
CVE-2021-44151
Summary: An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any...
CVE-2016-8212
Summary: An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper OCSP Validation...
CVE-2019-3900
Summary: An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6,...
CVE-2021-44153
Summary: An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin...
CVE-2021-44154
Summary: An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload...
CVE-2021-42278 – Microsoft / Windows – Privilege escalation
Summary: CVE-2021-42278 is a privilege escalation vulnerability impacting multiple products and versions of Microsoft Windows. An exploit and a vulnerability...
