CVE-2021-39929
Summary: Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of...
exploit
CVE-2021-43175
Summary: The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a...
CVE-2021-42993
Summary: FlexiHub For Windows is affected by Integer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below...
CVE-2021-42996
Summary: Donglify is affected by Integer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers...
CVE-2021-4069
Summary: vim is vulnerable to Use After Free Reference Links(if available): https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74 https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9 CVSS Score (if available) v2: / MEDIUM...
CVE-2021-4069
Summary: vim is vulnerable to Use After Free Reference Links(if available): https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74 https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9 CVSS Score (if available) v2: / MEDIUM...
CVE-2021-24917
Summary: The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page...
CVE-2021-40348
Summary: Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to...
CVE-2021-40348
Summary: Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to...
CVE-2021-40348
Summary: Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to...
CVE-2021-21899
Summary: A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead...
CVE-2021-21899
Summary: A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead...
CVE-2021-21900
Summary: A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead...
CVE-2021-21900
Summary: A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead...
CVE-2020-36133
Summary: AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. Reference Links(if available): https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1 CVSS...
CVE-2020-36131
Summary: AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. Reference Links(if available): https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1 CVSS...
CVE-2020-36129
Summary: AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. Reference Links(if available): https://bugs.chromium.org/p/aomedia/issues/detail?id=2912&q=&can=1 CVSS...
CVE-2021-43790
Summary: Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of `lucet-runtime` affecting...
CVE-2021-41732
Summary: ** DISPUTED ** An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that...
CVE-2021-38147
Summary: Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to download arbitrary files, such as reports containing sensitive information, because...
CVE-2021-24892
Summary: Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker...
CVE-2021-24877
Summary: The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in...
CVE-2021-43557
Summary: The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request...
CVE-2021-43057
Summary: An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for...
