CVE-2021-24006
Summary: An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted...
Vulnerabilities
CVE-2021-29631
Summary: In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE...
CVE-2021-35062
Summary: A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token...
CVE-2021-39373
Summary: Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte,...
CVE-2021-29630
Summary: In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE...
CVE-2021-39371
Summary: An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application...
CVE-2017-5156
Summary: A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The...
CVE-2018-7720
Summary: A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation....
CVE-2014-5086
Summary: A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to...
CVE-2021-35221
Summary: Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the...
CVE-2021-36068
Summary: Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a...
CVE-2017-2630
Summary: A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block...
CVE-2021-36370
Summary: An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server...
CVE-2021-36691
Summary: libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using...
CVE-2019-10086
Summary: In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker...
CVE-2021-21679
Summary: Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of...
CVE-2019-18818 – Strapi / Strapi – Unspecified
Summary: CVE-2019-18818 is an unspecified vulnerability impacting multiple versions of Strapi. An exploit was observed in open source and a...
CVE-2019-19609 – Strapi / Strapi – OS command injection
Summary: CVE-2019-19609 is an OS command injection vulnerability impacting multiple versions of Strapi. An exploit was observed in open source...
CVE-2018-14576
Summary: The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the...
CVE-2019-12264
Summary: Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the...
CVE-2019-12259
Summary: Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component....
CVE-2019-12263
Summary: Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There...
CVE-2019-12258
Summary: Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability:...
CVE-2021-39608 – flatCore / flatCore CMS – Unrestricted file upload
Summary: CVE-2021-39608 is an unrestricted file upload vulnerability impacting FlatCore-CMS version 2.0.7. An exploit was observed in open source and...
