CVE-2021-23343
Summary: All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe...
MISC
CVE-2021-28041
Summary: ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such...
CVE-2020-36197
Summary: An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability...
CVE-2021-27434
Summary: Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and...
CVE-2021-22117
Summary: RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient...
CVE-2020-10364
Summary: The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of...
CVE-2021-30145
Summary: A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted...
CVE-2021-26311
Summary: In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by...
CVE-2021-26311
Summary: In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by...
CVE-2020-27150
Summary: In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all...
CVE-2020-28648
Summary: Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote...
CVE-2021-32918
Summary: An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via...
CVE-2021-32919
Summary: An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for...
CVE-2021-32920
Summary: Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests. Reference Links(if available): https://blog.prosody.im/prosody-0.11.9-released/ http://www.openwall.com/lists/oss-security/2021/05/13/1...
CVE-2021-32918
Summary: An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via...
CVE-2021-32919
Summary: An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for...
CVE-2021-32920
Summary: Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests. Reference Links(if available): https://blog.prosody.im/prosody-0.11.9-released/ http://www.openwall.com/lists/oss-security/2021/05/13/1...
CVE-2021-23009
Summary: On BIG-IP version 16.0.x before 16.0.1.1 and 15.1.x before 15.1.3, malformed HTTP/2 requests may cause an infinite loop which...
CVE-2020-28393
Summary: An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires...
CVE-2021-27383
Summary: SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a denial-of-service condition...
CVE-2021-27385
Summary: A remote attacker could send specially crafted packets to a SmartVNC device layout handler on the client side, which...
CVE-2021-30482
Summary: In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly Reference Links(if available): https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/ https://blog.jetbrains.com CVSS Score (if...
CVE-2021-3472
Summary: A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can...
CVE-2020-15078
Summary: OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers...
