CVE-2021-36948 – Microsoft / Windows – Privilege escalation
Summary: CVE-2021-36948 is a privilege escalation vulnerability impacting multiple products and versions of Microsoft Windows. A proof of concept (PoC)...
Vulnerabilities
CVE-2021-20091 – Buffalo / Multiple – Unspecified
Summary: CVE-2021-20091 is an unspecified vulnerability impacting Buffalo WSR-2533DHPL2 firmware versions 1.02 and earlier and Buffalo WSR-2533DHP3 firmware versions 1.24...
CVE-2020-29015 – Fortinet / FortiWeb – SQLi
Summary: CVE-2020-29015 is a structured query language injection (SQLi) vulnerability impacting multiple versions of Fortinet FortiWeb. A proof of concept...
CVE-2021-22123 – Fortinet / FortiWeb – OS command injection
Summary: CVE-2021-22123 is an OS command injection vulnerability impacting multiple versions of Fortinet FortiWeb's management interface. A proof of concept...
CVE-2020-14321 – Moodle / Moodle – Privilege escalation
Summary: CVE-2020-14321 is a privilege escalation vulnerability impacting multiple versions of Moodle. An exploit was observed in open source and...
CVE-2020-9497 – Apache / Guacamole – Information disclosure
Summary: CVE-2020-9497 is an information disclosure vulnerability impacting Apache Guacamole versions 1.1.0 and earlier. A proof of concept (PoC) was...
CVE-2020-19669
Summary: Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn. Reference...
CVE-2020-22124
Summary: A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information. Reference Links(if available): https://github.com/876054426/vul/issues/1...
CVE-2020-22122
Summary: A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database...
CVE-2020-22120
Summary: A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code. Reference...
CVE-2021-39282
Summary: Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. Reference Links(if available): http://www.live555.com/liveMedia/public/changelog.txt# http://lists.live555.com/pipermail/live-devel/2021-August/021970.html CVSS Score...
CVE-2021-34480
Summary: Scripting Engine Memory Corruption Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34480 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3: / HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...
CVE-2021-34483
Summary: Windows Print Spooler Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34483 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P v3:...
CVE-2021-38604
Summary: In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a...
CVE-2017-12613
Summary: When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2...
CVE-2021-38585
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-38584
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2020-0570
Summary: Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially...
CVE-2021-38512
Summary: An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur,...
CVE-2021-38589
Summary: In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588). Reference Links(if available): https://docs.cpanel.net/changelogs/96-change-log/ CVSS...
CVE-2021-38587
Summary: In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Reference Links(if available): https://docs.cpanel.net/changelogs/96-change-log/ CVSS Score (if...
CVE-2021-38585
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-38584
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-29376
Summary: ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the...
