CVE-2021-25289
Summary: An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files...
MISC
CVE-2021-28295
Summary: Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure....
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-35654
Summary: In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2021-27364
Summary: An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an...
CVE-2021-27364
Summary: An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an...
CVE-2021-27365
Summary: An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length...
CVE-2021-27365
Summary: An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length...
CVE-2021-28375
Summary: An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from...
CVE-2021-21180
Summary: Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit...
CVE-2021-21188
Summary: Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap...
CVE-2021-21190
Summary: Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information...
CVE-2021-28375
Summary: An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from...
CVE-2020-24983
Summary: An issue was discovered in Quadbase EspressReports ES 7 Update 9. An unauthenticated attacker can create a malicious HTML...
CVE-2021-21381
Summary: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4...
CVE-2021-27085
Summary: Internet Explorer Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27085 CVSS Score (if available) v2: / HIGH v3: /...
CVE-2021-26901
Summary: Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26898. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26901...
CVE-2021-27918
Summary: encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder)...
CVE-2021-26896
Summary: Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-27063. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26896 CVSS...
CVE-2021-26896
Summary: Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-27063. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26896 CVSS...
CVE-2021-26570
Summary: The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer...
CVE-2020-29553
Summary: The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin...
