CVE-2021-3908
Summary: OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an...
Third Party Advisory
CVE-2021-3910
Summary: OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character). Reference Links(if...
CVE-2021-3910
Summary: OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character). Reference Links(if...
CVE-2021-41203
Summary: TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer...
CVE-2021-32762
Summary: Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service...
CVE-2021-38420
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow...
CVE-2021-38422
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have...
CVE-2021-38416
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking...
CVE-2018-6122
Summary: Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption...
CVE-2020-23546
Summary: IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM...
CVE-2021-39225
Summary: Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3...
CVE-2020-28969
Summary: Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via...
CVE-2021-42107
Summary: Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and...
CVE-2021-24684
Summary: The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author roles to execute arbitrary OS...
CVE-2021-42369
Summary: Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement...
CVE-2021-3581
Summary: Buffer Access with Incorrect Length Value in zephyr. Zephyr versions >= >=2.5.0 contain Buffer Access with Incorrect Length Value...
CVE-2021-41554
Summary: ** UNSUPPORTED WHEN ASSIGNED ** ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for...
CVE-2021-37274
Summary: Kingdee KIS Professional Edition has a privilege escalation vulnerability. Attackers can use the vulnerability to gain computer administrator rights...
CVE-2021-37273
Summary: A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) 3.0. Tianyi Gateway...
CVE-2021-30542
Summary: Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user...
CVE-2021-30543
Summary: Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user...
CVE-2021-39253
Summary: A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. Reference Links(if available): https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp...
CVE-2021-39254
Summary: A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the...
CVE-2021-39123
Summary: Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability via...
