CVE-2021-22173
Summary: Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or...
MISC
CVE-2021-33175
Summary: EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of...
CVE-2021-0482
Summary: In BinderDiedCallback of MediaCodec.cpp, there is a possible memory corruption due to a use after free. This could lead...
CVE-2021-32924
Summary: Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock...
CVE-2021-32923
Summary: HashiCorp Vault and Vault Enterprise allowed the renewal of nearly-expired token leases and dynamic secret leases (specifically, those within...
CVE-2021-31985
Summary: Microsoft Defender Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31985 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3: /...
CVE-2019-25036
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor...
CVE-2019-25037
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid...
CVE-2019-25040
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. NOTE: The vendor...
CVE-2019-25041
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor...
CVE-2021-3516
Summary: There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted...
CVE-2021-30509
Summary: Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a...
CVE-2010-3843
Summary: The gtkui_conf_read function in src/interfaces/gtk/ec_gtk_conf.c in Ettercap 0.7.3, when the GTK interface is used, does not ensure that the...
CVE-2019-13538
Summary: 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active...
CVE-2021-31525
Summary: net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic)...
CVE-2016-20011
Summary: libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents...
CVE-2018-6383
Summary: Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not...
CVE-2021-22908
Summary: A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges...
CVE-2021-28676
Summary: An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block...
CVE-2020-11993
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic...
CVE-2020-9490
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request...
CVE-2020-9490
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request...
CVE-2021-3561
Summary: An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an...
CVE-2018-16497
Summary: In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times...
