CVE-2021-24791
Summary: The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request...
Vulnerabilities
CVE-2016-3976
Summary: Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via...
CVE-2016-3976
Summary: Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via...
CVE-2021-36957
Summary: Windows Desktop Bridge Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36957 CVSS Score (if available) v2: / MEDIUM v3:...
CVE-2021-42292 – Microsoft / Multiple – Security Feature Bypass
Summary: CVE-2021-42292 is a security feature bypass vulnerability impacting multiple versions of Microsoft Excel. A proof of concept (PoC) was...
CVE-2021-41226
Summary: TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseBinCount` is vulnerable to...
CVE-2021-41212
Summary: TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can...
CVE-2021-41224
Summary: TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made...
CVE-2021-41223
Summary: TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable...
CVE-2021-41203
Summary: TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer...
CVE-2015-3636 – Linux Foundation / Linux Kernel – Use after free
Summary: CVE-2015-3636 is a use after free vulnerability impacting Linux kernel before versions 4.0.3. An exploit was observed in open...
CVE-2015-1805 – Linux Foundation / Linux Kernel – Unspecified
Summary: CVE-2015-1805 is an unspecified vulnerability impacting Linux kernel before versions 3.16. An exploit was observed in open source and...
CVE-2020-0041 – Google / Android – Out-of-bounds write
Summary: CVE-2020-0041 is an out-of-bounds write vulnerability impacting Google Android. An exploit was observed in open source and subsequently shared...
CVE-2021-36923
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access...
CVE-2021-36924
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool...
CVE-2021-36925
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary...
CVE-2020-28702
Summary: A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. Reference Links(if available):...
CVE-2021-42557
Summary: In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials. Reference...
CVE-2021-32762
Summary: Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service...
CVE-2019-7548
Summary: SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. Reference Links(if available): https://github.com/no-security/sqlalchemy_test https://github.com/sqlalchemy/sqlalchemy/issues/4481#issuecomment-461204518 https://lists.debian.org/debian-lts-announce/2019/03/msg00020.html https://access.redhat.com/errata/RHSA-2019:0984...
CVE-2021-30846
Summary: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS...
CVE-2021-30851
Summary: A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS...
CVE-2021-41103
Summary: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found...
CVE-2021-38420
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow...
