CVE-2021-26570
Summary: The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer...
vulnerability
CVE-2020-29553
Summary: The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin...
CVE-2020-14987
Summary: An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary...
CVE-2020-13936
Summary: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands...
CVE-2020-4184
Summary: IBM Security Guardium 11.2 performs an operation at a privilege level that is higher than the minimum level required,...
CVE-2020-35231
Summary: The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was affected by an authentication issue that allows an attacker...
CVE-2021-27055
Summary: Microsoft Visio Security Feature Bypass Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055 CVSS Score (if available) v2: / MEDIUM v3: /...
CVE-2021-27070
Summary: Windows 10 Update Assistant Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27070 CVSS Score (if available) v2: / MEDIUM...
CVE-2021-27063
Summary: Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-26896. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27063 CVSS...
CVE-2021-27053
Summary: Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27054. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27053 CVSS Score...
CVE-2020-5258
Summary: In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to...
CVE-2021-20253
Summary: A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape allowing an attacker to...
CVE-2021-26862
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26862 https://www.zerodayinitiative.com/advisories/ZDI-21-285/ CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:C/I:C/A:C v3:...
CVE-2021-26862
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26862 https://www.zerodayinitiative.com/advisories/ZDI-21-285/ CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:C/I:C/A:C v3:...
CVE-2021-26866
Summary: Windows Update Service Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26866 https://www.zerodayinitiative.com/advisories/ZDI-21-286/ CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P...
CVE-2021-0369
Summary: In CrossProfileAppsServiceImpl.java, there is the possibility of an application's INTERACT_ACROSS_PROFILES grant state not displaying properly in the setting UI...
CVE-2020-1921
Summary: In the crypt function, we attempt to null terminate a buffer using the size of the input salt without...
CVE-2018-16873
Summary: In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when...
CVE-2018-16874
Summary: In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed...
CVE-2019-16276
Summary: Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Reference Links(if available): https://groups.google.com/forum/#!msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ https://github.com/golang/go/issues/34540 https://lists.fedoraproject.org/archives/list/[email protected]/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/ https://lists.fedoraproject.org/archives/list/[email protected]/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/ https://lists.fedoraproject.org/archives/list/[email protected]/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/...
CVE-2019-17596
Summary: Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid...
CVE-2021-22880
Summary: The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS)...
CVE-2021-26864
Summary: Windows Virtual Registry Provider Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26864 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P...
CVE-2021-26863
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26875, CVE-2021-26900, CVE-2021-27077. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26863...
