CVE-2021-22173
Summary: Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or...
vulnerability
CVE-2021-33175
Summary: EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of...
CVE-2021-0482
Summary: In BinderDiedCallback of MediaCodec.cpp, there is a possible memory corruption due to a use after free. This could lead...
CVE-2021-32924
Summary: Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock...
CVE-2021-32923
Summary: HashiCorp Vault and Vault Enterprise allowed the renewal of nearly-expired token leases and dynamic secret leases (specifically, those within...
CVE-2021-31985
Summary: Microsoft Defender Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31985 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3: /...
CVE-2019-25036
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor...
CVE-2019-25037
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid...
CVE-2019-25040
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. NOTE: The vendor...
CVE-2019-25041
Summary: ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor...
CVE-2021-3516
Summary: There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted...
CVE-2021-23895
Summary: Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to...
CVE-2021-22112
Summary: Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can...
CVE-2021-33502
Summary: The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression...
CVE-2021-33194
Summary: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input. Reference Links(if...
CVE-2020-36008
Summary: OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability. Reference Links(if available): https://github.com/SomeBottle/OBottle/issues/7 CVSS Score (if available) v2:...
CVE-2021-30509
Summary: Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a...
CVE-2020-36009
Summary: OBottle 2.0 in \c\g.php contains an arbitrary file download vulnerability. Reference Links(if available): https://github.com/SomeBottle/OBottle/issues/6 CVSS Score (if available) v2:...
CVE-2010-3843
Summary: The gtkui_conf_read function in src/interfaces/gtk/ec_gtk_conf.c in Ettercap 0.7.3, when the GTK interface is used, does not ensure that the...
CVE-2019-13538
Summary: 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active...
CVE-2021-31525
Summary: net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic)...
CVE-2016-20011
Summary: libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents...
CVE-2018-6383
Summary: Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not...
CVE-2021-22908
Summary: A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges...
