CVE-2020-10648
Summary: Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a...
Vulnerabilities
CVE-2020-27874
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. User interaction is...
CVE-2021-27587
Summary: When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise...
CVE-2021-27586
Summary: When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual...
CVE-2021-28089
Summary: Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target,...
CVE-2020-11309
Summary: Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of...
CVE-2021-21349
Summary: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there...
CVE-2021-28789
Summary: The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing...
CVE-2020-25649
Summary: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw...
CVE-2021-21380
Summary: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2021-24146
Summary: Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict...
CVE-2021-27057
Summary: Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24108, CVE-2021-27059. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27057 https://www.zerodayinitiative.com/advisories/ZDI-21-334/...
CVE-2021-26991
Summary: Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote...
CVE-2021-26992
Summary: Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause...
CVE-2021-28419
Summary: The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to...
CVE-2021-20678
Summary: SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary...
CVE-2021-27892
Summary: SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected. Reference...
CVE-2021-25289
Summary: An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files...
CVE-2021-28295
Summary: Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure....
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
