CVE-2019-10081
Summary: HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory...
MISC
CVE-2019-10097
Summary: In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY"...
CVE-2020-11993
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic...
CVE-2021-33623
Summary: The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service...
CVE-2021-33587
Summary: The css-what package before 5.0.1 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to...
CVE-2021-33558
Summary: Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html,...
CVE-2021-22359
Summary: There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker...
CVE-2021-22734
Summary: Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could...
CVE-2021-22735
Summary: Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow...
CVE-2021-22736
Summary: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and...
CVE-2018-16495
Summary: In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed...
CVE-2021-21206
Summary: Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap...
CVE-2021-21207
Summary: Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to...
CVE-2020-36197
Summary: An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability...
CVE-2020-27815
Summary: A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with...
CVE-2021-33563
Summary: Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had...
CVE-2021-27028
Summary: A Memory Corruption Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted...
CVE-2019-15538
Summary: An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a...
CVE-2021-27027
Summary: A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted...
CVE-2020-35517
Summary: A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system...
CVE-2020-18395
Summary: A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial...
CVE-2021-20095
Summary: Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary...
CVE-2021-29350
Summary: SQL injection in the getip function in conn/function.php in ??100-???????? 1.1 allows remote attackers to inject arbitrary SQL commands...
CVE-2021-21230
Summary: Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption...
