CVE-2021-21414
Summary: Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any...
MISC
CVE-2021-25811
Summary: MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon...
CVE-2021-31791
Summary: In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or...
CVE-2020-22000
Summary: HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited...
CVE-2019-19648
Summary: In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially...
CVE-2020-7226
Summary: CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation...
CVE-2021-26675
Summary: A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute...
CVE-2021-21300
Summary: Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains...
CVE-2020-27897
Summary: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1,...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
CVE-2021-1640
Summary: Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26878. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1640 https://www.zerodayinitiative.com/advisories/ZDI-21-493/...
CVE-2020-14295
Summary: A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter....
CVE-2021-23988
Summary: Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption...
CVE-2021-23988
Summary: Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption...
CVE-2021-23988
Summary: Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption...
CVE-2021-23988
Summary: Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption...
CVE-2021-31540
Summary: Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/...
CVE-2021-31540
Summary: Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/...
CVE-2021-20088
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties...
CVE-2021-20088
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties...
CVE-2021-20087
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties...
