CVE-2018-20506
Summary: SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3...
Third Party Advisory
CVE-2021-21406
Summary: Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is...
CVE-2020-29157
Summary: An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or...
CVE-2021-36122
Summary: An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access/EligFeedParse_Sup/UnzipFile_Upd.cfm is susceptible to a command argument...
CVE-2021-36121
Summary: An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload...
CVE-2021-32727
Summary: Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public...
CVE-2021-32740
Summary: Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource...
CVE-2021-28931
Summary: Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes...
CVE-2021-32704
Summary: DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability...
CVE-2021-33503
Summary: An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the...
CVE-2021-33503
Summary: An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the...
CVE-2021-28588
Summary: Adobe RoboHelp Server version 2019.0.9 (and earlier) is affected by a Path Traversal vulnerability when parsing a crafted HTTP...
CVE-2021-33542
Summary: Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution...
CVE-2021-33000
Summary: Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform...
CVE-2021-33537
Summary: In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration...
CVE-2018-19204
Summary: PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS...
CVE-2018-19203
Summary: PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special...
CVE-2020-25754
Summary: An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user...
CVE-2021-22212
Summary: ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters....
CVE-2021-29967
Summary: Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed...
CVE-2021-31586
Summary: Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search. Reference Links(if available): https://github.com/accellion/CVEs...
CVE-2021-32621
Summary: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions...
CVE-2021-27657
Summary: Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server...
CVE-2021-22212
Summary: ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters....
