CVE-2021-1073
Summary: NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries...
vulnerability
CVE-2020-24149
Summary: Server-side request forgery (SSRF) in the Podcast Importer SecondLine (podcast-importer-secondline) plugin 1.1.4 for WordPress via the podcast_feed parameter in...
CVE-2020-27827
Summary: A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost...
CVE-2021-20094
Summary: A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this...
CVE-2020-23960
Summary: Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform...
CVE-2021-25440
Summary: Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an...
CVE-2020-24036
Summary: PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote...
CVE-2021-32740
Summary: Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource...
CVE-2021-28931
Summary: Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes...
CVE-2020-25868
Summary: Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can...
CVE-2020-24144
Summary: Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to...
CVE-2021-34620
Summary: The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site...
CVE-2021-21807
Summary: An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9. A specially crafted malformed file...
CVE-2021-21775
Summary: A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A...
CVE-2021-34549
Summary: An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data....
CVE-2021-34550
Summary: An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory...
CVE-2021-35331
Summary: ** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crated...
CVE-2020-25868
Summary: Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can...
CVE-2020-24144
Summary: Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to...
CVE-2021-26690
Summary: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL...
CVE-2021-31618
Summary: Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured...
CVE-2021-26038
Summary: An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks...
CVE-2021-3606
Summary: OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration...
CVE-2021-3613
Summary: OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file...
