CVE-2021-37576
Summary: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host...
exploit
CVE-2020-11581
Summary: An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on...
CVE-2021-21897
Summary: A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead...
CVE-2021-37694
Summary: @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when...
CVE-2021-39141
Summary: XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may...
CVE-2021-39144
Summary: XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may...
CVE-2020-19750
Summary: An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read. Reference Links(if...
CVE-2020-19752
Summary: The find_color_or_error function in gifsicle 1.92 contains a NULL pointer dereference. Reference Links(if available): https://github.com/kohler/gifsicle/issues/140 CVSS Score (if available)...
CVE-2021-40524
Summary: In Pure-FTPd 1.0.49, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size,...
CVE-2020-19750
Summary: An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read. Reference Links(if...
CVE-2020-19752
Summary: The find_color_or_error function in gifsicle 1.92 contains a NULL pointer dereference. Reference Links(if available): https://github.com/kohler/gifsicle/issues/140 CVSS Score (if available)...
CVE-2021-40524
Summary: In Pure-FTPd 1.0.49, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size,...
CVE-2021-35062
Summary: A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token...
CVE-2021-39373
Summary: Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte,...
CVE-2018-7720
Summary: A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation....
CVE-2014-5086
Summary: A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to...
CVE-2021-36370
Summary: An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server...
CVE-2021-36691
Summary: libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using...
CVE-2021-39375
Summary: Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Reference Links(if available):...
CVE-2021-39375
Summary: Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Reference Links(if available):...
CVE-2021-39375
Summary: Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Reference Links(if available):...
CVE-2021-39375
Summary: Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Reference Links(if available):...
CVE-2021-27556
Summary: The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code...
CVE-2021-27556
Summary: The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code...
