CVE-2021-38147
Summary: Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to download arbitrary files, such as reports containing sensitive information, because...
Vulnerabilities
CVE-2021-30807 – Apple / Multiple – Memory corruption
Summary: CVE-2021-30807 is a memory corruption vulnerability impacting Apple iOS and iPadOS versions 14.7 and earlier, Apple macOS Big Sur...
CVE-2021-37035
Summary: There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit...
CVE-2021-37007
Summary: There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Reference Links(if...
CVE-2021-37008
Summary: There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Reference...
CVE-2021-24892
Summary: Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker...
CVE-2021-20835
Summary: Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari (Merpay) - Marketplace and Mobile Payments...
CVE-2017-14160
Summary: The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds...
CVE-2018-10392
Summary: mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to...
CVE-2018-10393
Summary: bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. Reference Links(if available): https://gitlab.xiph.org/xiph/vorbis/issues/2334 https://access.redhat.com/errata/RHSA-2019:3703 https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html https://security.gentoo.org/glsa/202003-36...
CVE-2020-0034
Summary: In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could...
CVE-2021-35063
Summary: Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." Reference Links(if available): https://github.com/OISF/suricata/releases https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990835 https://security-tracker.debian.org/tracker/CVE-2021-35063 https://forum.suricata.io/t/suricata-6-0-3-and-5-0-7-released/1489 https://bugzilla.redhat.com/show_bug.cgi?id=1980453...
CVE-2021-36311
Summary: Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user...
CVE-2021-36335
Summary: Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker,...
CVE-2021-20845
Summary: Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap Generator versions prior to v8.2 allows a remote attacker to hijack...
CVE-2021-20846
Summary: Cross-site request forgery (CSRF) vulnerability in Push Notifications for WordPress (Lite) versions prior to 6.0.1 allows a remote attacker...
CVE-2021-36917
Summary: WordPress Hide My WP plugin (versions
CVE-2021-36808
Summary: A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before...
CVE-2021-36808
Summary: A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before...
CVE-2021-3935
Summary: When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection...
CVE-2021-3935
Summary: When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection...
CVE-2021-3935
Summary: When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection...
CVE-2021-3935
Summary: When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection...
CVE-2021-24877
Summary: The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in...
