CVE-2021-1493
Summary: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
Vulnerabilities
CVE-2021-31919
Summary: An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization,...
CVE-2020-7731
Summary: This affects all versions of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML...
CVE-2021-25147
Summary: A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has...
CVE-2021-21414
Summary: Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any...
CVE-2021-25811
Summary: MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon...
CVE-2020-21990
Summary: Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due...
CVE-2020-10947
Summary: Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation. Reference...
CVE-2021-31791
Summary: In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or...
CVE-2021-20401
Summary: IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses...
CVE-2020-5013
Summary: IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML...
CVE-2020-4932
Summary: IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses...
CVE-2020-22000
Summary: HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited...
CVE-2020-21989
Summary: HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions...
CVE-2017-9438
Summary: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption)...
CVE-2019-19648
Summary: In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially...
CVE-2020-7226
Summary: CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation...
CVE-2020-1763
Summary: An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where,...
CVE-2021-26675
Summary: A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute...
CVE-2021-21300
Summary: Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains...
CVE-2016-4971
Summary: GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to...
CVE-2020-27897
Summary: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1,...
CVE-2021-21431
Summary: sopel-channelmgnt is a channelmgnt plugin for sopel. In versions prior to 2.0.1, on some IRC servers, restrictions around the...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
