CVE-2021-3272
Summary: jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship...
MISC
CVE-2020-24271
Summary: A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username=***&password=***....
CVE-2020-29394
Summary: A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary...
CVE-2020-15834
Summary: An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The wireless network password is exposed in a QR...
CVE-2020-15832
Summary: An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The poof.cgi script contains undocumented code that provides the...
CVE-2020-13860
Summary: An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account...
CVE-2021-3345
Summary: _gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a...
CVE-2020-13857
Summary: An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an...
CVE-2020-36207
Summary: An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on...
CVE-2020-36206
Summary: An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and...
CVE-2020-28052
Summary: An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method...
CVE-2020-27274
Summary: Some parsing functions in the affected product do not check the return value of malloc and the thread handling...
CVE-2020-27295
Summary: The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on...
CVE-2020-6105
Summary: An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs...
CVE-2021-3309
Summary: packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust...
CVE-2020-26278
Summary: Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and...
CVE-2021-3164
Summary: ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission...
CVE-2020-28403
Summary: A Cross-Site Request Forgery (CSRF) vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an attacker to change...
CVE-2021-20187
Summary: It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators...
CVE-2020-23162
Summary: Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read...
CVE-2021-21259
Summary: HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an...
CVE-2017-13750
Summary: There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to...
CVE-2017-13751
Summary: There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to...
CVE-2017-13752
Summary: There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to...
