CVE-2021-37701
Summary: The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary...
CONFIRM
CVE-2021-37701
Summary: The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary...
CVE-2021-37712
Summary: The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary...
CVE-2021-37712
Summary: The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary...
CVE-2021-37712
Summary: The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary...
CVE-2021-41212
Summary: TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can...
CVE-2021-41203
Summary: TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer...
CVE-2021-32762
Summary: Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service...
CVE-2021-34595
Summary: A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit...
CVE-2021-34593
Summary: In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may...
CVE-2020-11476
Summary: Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file. Reference Links(if available):...
CVE-2021-41799
Summary: MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can...
CVE-2021-41991
Summary: The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different...
CVE-2021-39225
Summary: Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3...
CVE-2019-10240
Summary: Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of...
CVE-2021-38479
Summary: Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory...
CVE-2020-1648
Summary: On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a...
CVE-2021-29679
Summary: IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing...
CVE-2018-13982
Summary: Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This...
CVE-2021-29428
Summary: In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that...
CVE-2018-1000168
Summary: nghttp2 version >= 1.10.0 and nghttp2 = 1.31.1. Reference Links(if available): https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/ https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ http://www.securityfocus.com/bid/103952 https://access.redhat.com/errata/RHSA-2019:0367 https://access.redhat.com/errata/RHSA-2019:0366 CVSS Score (if...
CVE-2021-20584
Summary: IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper...
CVE-2021-35197
Summary: In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access....
CVE-2021-35197
Summary: In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access....
