Risk 2021

Overview of the different risk assignments of different sources of the documented vulnerabilities.

IDTitleVulDBCVSSSecuniaXForceNessus
175004BlackBerry Workspaces Server SAML Authentication improper authenticationmedium5.2---
175003QNAP Music Station access control [CVE-2020-36197]medium5.8---
175002Malware Remover command injection [CVE-2020-36198]medium6.5---
175001Deskpro Cloud Platform/On-Premise Custom Email Template cross site scriptinglow4.0---
175000Argo CD Web UI information exposure [CVE-2021-23135]low1.7---
174999DhCms Interface information disclosure [CVE-2020-19275]low2.7---
174998evm EVM Opcode Execution copy_large allocation of resourceslow4.0---
174997Linux Kernel NFC Socket use after free [CVE-2021-23134]medium6.8---
174996LAOBANCMS cross site scripting [CVE-2020-18165]low4.0---
174995Knowage Suite AdapterHTTP cross site scriptinglow5.0---
174994Knowage Suite saveNote cross site scriptinglow4.0---
174993Dhcms Guestbook cross site scripting [CVE-2020-19274]low4.0---
174992eXosip2 3xx Redirect eXcall_api.c null pointer dereferencelow2.3---
174991Speco Web Viewer GET Request path traversal [CVE-2021-32572]medium5.2---
174990Trend Micro HouseCall for Home Networks Scan access control [CVE-2021-31519]medium6.5---
174989Siemens Mendix Database Replication Table Mapping information exposurelow2.3---
174988Siemens Mendix Excel Importer Module XML File information exposurelow2.3---
174987Trend Micro HouseCall for Home Networks access control [CVE-2021-28649]medium7.5---
174986Siemens Tecnomatix Plant Simulation SPP File Parser PlantSimCore.dll stack-based overflowmedium5.2---
174985Siemens Tecnomatix Plant Simulation SPP File Parser PlantSimCore.dll memory corruptionmedium5.2---
174984Siemens Tecnomatix Plant Simulation SPP File Parser PlantSimCore.dll stack-based overflowmedium5.2---
174983Siemens SIMATIC HMI Comfort Outdoor Panels Device Layout memory corruptionlow2.7---
174982Siemens SIMATIC HMI Comfort Outdoor Panels SmartVNC memory corruptionlow2.7---
174981Siemens SIMATIC HMI Comfort Outdoor Panels exceptional conditionlow2.3---
174980Siemens SIMATIC HMI Comfort Outdoor Panels out-of-bounds writemedium5.2---
174979Siemens SIMATIC HMI Comfort Outdoor Panels out-of-bounds writemedium5.2---
174978Samba libldb out-of-bounds write [CVE-2021-20277]medium4.0---
174977Keycloak Java Process temp file [CVE-2021-20202]medium6.5---
174976Samba Domain Name out-of-bounds read [CVE-2020-27840]low5.0---
174975Siemens SIMATIC NET CP 343-1 Service Port 102 resource consumptionlow5.5---
174974Foreman Shellhooks Plugin authorization [CVE-2021-3457]medium6.5---
174973SmartStoreNET Forum Post _ForumPost.cshtml cross site scriptinglow4.0---
174972SmartStoreNET Private Message View.cshtml cross site scriptinglow4.0---
174971Siemens SIMATIC HMI Comfort Outdoor Panels Device Layout out-of-bounds writemedium5.2---
174970Siemens SCALANCE XM-400/SCALANCE XR-500 OSPF Protocol calculationmedium7.8---
174969Golo Laravel Theme unrestricted upload [CVE-2020-23790]medium4.9---
174968Siemens SIMATIC HMI Comfort Panels SNMP Service out-of-bounds writemedium5.5---
174967Wind River VxWorks calloc memory corruptionmedium5.2---
174966Siemens SIMATIC HMI Comfort Outdoor Panels SmartVNC Device Layout resource consumptionlow3.5---
174965Knowage Suite update cross site scriptinglow4.0---
174964Knowage Suite Template update injectionmedium5.2---
174963Codoforum Topic.php get_topic_info sql injectionmedium7.5---
174962McAfee Total Protection Client Token privileges management [CVE-2021-23891]medium4.6---
174961McAfee Total Protection File Lock privileges management [CVE-2021-23872]medium6.5---
174960hivex Registry File hivex_open out-of-bounds readmedium7.5---
174959SolarWinds Serv-U unknown vulnerability [CVE-2021-32604]low4.9---
174958ImageMagick Signature TransformSignature information disclosurelow1.4---
174957McAfee Endpoint Security Installation toctou [CVE-2021-23892]medium7.1---
174956ImageMagick thumbnail.c WriteTHUMBNAILImage integer overflowmedium5.0---
174955ImageMagick colorspace.c sRGBTransformImage divide by zerolow5.0---
174954ImageMagick colorspace.c ConvertXYZToJzazbz divide by zerolow5.0---
174953ImageMagick visual-effects.c WaveImage divide by zerolow5.0---
174952Atlassian JIRA Server/Data Center QueryComponentRendererValue!Default.jspa information disclosurelow3.3---
174951ZZZCMS zzzphp ?location=search os command injectionmedium6.5---
174950Linux Kernel isotp.c isotp_setsockopt use after freemedium9.0---
174949Xray Test Management for Jira Plugin cross-site request forgerylow4.0---
174948Dashboard View Plugin Image Dashboard Portlet cross site scriptinglow4.0---
174947Credentials Plugin cross site scripting [CVE-2021-21648]low4.0---
174946kk Star Ratings Plugin cross site scripting [CVE-2020-35438]low4.0---
174945express-cart Package Product Option cross site scripting [CVE-2021-32573] [Disputed]low3.3---
174944Xcode Integration Plugin XML Parser xml external entity referencemedium4.9---
174943OctoPrint API Error cross site scripting [CVE-2021-32561]low4.0---
174942P4 Plugin cross-site request forgery [CVE-2021-21655]low4.0---
174941Xray Test Management for Jira Plugin HTTP Endpoint authorizationmedium5.2---
174940S3 Publisher Plugin HTTP Endpoint Read authorizationmedium5.2---
174939S3 Publisher Plugin Artifact Upload authorization [CVE-2021-21650]low2.7---
174938JetBrains TeamCity Tests Page cross site scripting [CVE-2021-3315]low4.0---
174937JetBrains TeamCity cross site scripting [CVE-2021-31911]low4.0---
174936JetBrains TeamCity cross site scripting [CVE-2021-31908]low4.0---
174935JetBrains TeamCity Plugin permission [CVE-2021-31907]medium5.2---
174934JetBrains TeamCity Test History Page cross site scripting [CVE-2021-31904]low4.0---
174933JetBrains YouTrack Pull Request cross site scripting [CVE-2021-31903]low4.0---
174932JetBrains YouTrack Issue Attachment cross site scripting [CVE-2021-27733]low4.0---
174931JetBrains TeamCity Plugin denial of service [CVE-2021-26310]low2.3---
174930WEP/WPA/WPA2/WPA3 Fragment injection [CVE-2020-24586]medium6.4---
174929ForestBlog cross-site request forgery [CVE-2020-18964]low4.0---
174928OctoPrint Logging Subsystem access control [CVE-2021-32560]medium5.2---
174927JetBrains TeamCity GitHub SSO Token redirect_uri unknown vulnerabilitylow4.9---
174926JetBrains TeamCity password recovery [CVE-2021-31912]medium4.0---
174925JetBrains TeamCity File Upload unknown vulnerability [CVE-2021-31906]low2.2---
174924JetBrains YouTrack Export access control [CVE-2021-31902]medium5.2---
174923JetBrains Hub Two-factor Authentication improper authenticationlow1.8---
174922JetBrains Code With Me Browser unknown vulnerability [CVE-2021-31900]low4.9---
174921JetBrains Code With Me unknown vulnerability [CVE-2021-31899]low4.9---
174920JetBrains WebStorm HTTPS cleartext transmission [CVE-2021-31898]low2.6---
174919JetBrains TeamCity Plugin Temporary Files temp file [CVE-2021-26309]low1.7---
174918OpenClinic GA listImmoLabels.jsp sql injectionmedium6.5---
174917OpenClinic GA listImmoLabels.jsp sql injectionmedium6.5---
174916OpenClinic GA listImmoLabels.jsp sql injectionmedium6.5---
174915OpenClinic GA listImmoLabels.jsp sql injectionmedium6.5---
174914OpenClinic GA listImmoLabels.jsp sql injectionmedium6.5---
174913P4 Plugin HTTP Endpoint authorization [CVE-2021-21654]medium6.5---
174912JetBrains IntelliJ IDEA XML information disclosure [CVE-2021-30006]low2.3---
174911JetBrains PyCharm Project Local Privilege Escalation [CVE-2021-30005]low4.3---
174910JetBrains IntelliJ IDEA Project Local Privilege Escalation [CVE-2021-29263]low4.3---
174909Samsung Galaxy S3 i9305 WPA/WPA2/WPA3 injection [CVE-2020-26146]medium6.4---
174908Samsung Galaxy S3 i9305 WEP/WPA/WPA2/WPA3 injection [CVE-2020-26145]low6.4---
174907ALFA AWUS036ACH Driver Network Configuration injection [CVE-2020-26143]medium6.4---
174906ALFA AWUS036H Driver TKIP Frame improper enforcement of message integritymedium6.4---
174905ALFA AWUS036H Driver WEP/WPA/WPA2/WPA3 injection [CVE-2020-26140]medium6.4---
174904SAP Business One Hana Chef Cookbook code injection [CVE-2021-27614]medium6.5---
174903SAP GUI Website Remote Code Execution [CVE-2021-27612]low5.1---
174902MikroTik RouterOS resolver memory corruptionmedium6.5---
174901MikroTik RouterOS Packet wireless memory corruptionmedium6.5---
174900JetBrains TeamCity unknown vulnerability [CVE-2021-31914]low4.9---
174899JetBrains TeamCity server-side request forgery [CVE-2021-31910]low2.7---
174898JetBrains YouTrack Issue Preview information disclosure [CVE-2021-31905]low2.3---
174897JetBrains WebStorm Untrusted Project Remote Code Execution [CVE-2021-31897]medium7.5---
174896JetBrains IntelliJ IDEA allocation of resources [CVE-2021-30504]low3.5---
174895JetBrains Upsource Password information disclosure [CVE-2021-30482]low2.1---
174894Zebra Fixed RFID Reader FX9500 Web Interface unrestricted uploadmedium5.8---
174893SAP Process Integration Integration Builder Framework denial of servicelow3.3---
174892SAP Process Integration Integration Builder Framework denial of servicelow3.5---
174891VMware Workspace one UEM Console cross site scripting [CVE-2021-21990]low4.0---
174890SAP Business One Hana Chef Cookbook temp file [CVE-2021-27616]medium6.5---
174889SAP Business One Chef Cookbook temp file [CVE-2021-27613]medium6.5---
174888JetBrains TeamCity os command injection [CVE-2021-31915]medium6.5---
174887JetBrains TeamCity argument injection [CVE-2021-31909]medium6.5---
174886SAP Commerce Backoffice Search information disclosure [CVE-2021-27619]low4.0---
174885SAP NetWeaver AS ABAP ABAP Report injection [CVE-2021-27611]low5.8---
174884Synapse Push Rule resource consumption [CVE-2021-29471]low2.6---
174883SIS SIS-REWE Go index.php cross site scriptinglow4.0---
174882OpenBSD WEP/WPA/WPA2/WPA3 injection [CVE-2020-26142]medium4.8---
174881NetBSD Access Point denial of service [CVE-2020-26139]low2.6---
174880IBM OpenPages GRC Platform Web UI cross site scripting [CVE-2020-4535]low4.0---
174879IBM OpenPages GRC Platform information exposure [CVE-2020-4536]low4.0---
174878Linux Kernel WEP/WPA/WPA2/WPA3 injection [CVE-2020-26147]low5.0---
174877Backdoor.Win32.Delf.zho Service Port 21 improper authenticationmedium7.5---
174876Puma Connection resource consumption [CVE-2021-29509]low5.0---
174875Wire Type Information deserialization [CVE-2021-29508]medium4.9---
174874Microsoft Windows Wireless Networking unknown vulnerability [CVE-2020-24588]low3.3---
174873Microsoft Windows Wireless Networking information disclosurelow3.3---
174872Microsoft Visual Studio Remote Code Execution [CVE-2021-27068]low5.1---
174871Microsoft Windows Wireless Networking unknown vulnerability [CVE-2020-26144]low3.3---
174870Microsoft Windows Remote Privilege Escalation [CVE-2021-28455]medium9.0---
174869Microsoft Dynamics 365 for Finance and Operations unknown vulnerabilitylow2.7---
174868Microsoft Windows CSC Service information disclosure [CVE-2021-28479]low4.0---
174867Microsoft Internet Explorer Scripting Engine memory corruptionmedium7.5---
174866Microsoft Windows Container Manager Service Remote Privilege Escalationmedium9.0---
174865Microsoft Windows HTTP Protocol Stack Remote Code Execution [CVE-2021-31166]high10.0---
174864Microsoft Windows Container Manager Service Remote Privilege Escalationmedium9.0---
174863Microsoft Windows Container Manager Service Remote Privilege Escalationmedium9.0---
174862Microsoft Windows Container Manager Service Remote Privilege Escalationmedium9.0---
174861Microsoft Windows Graphics Remote Privilege Escalation [CVE-2021-31170]medium9.0---
174860Microsoft SharePoint Server information disclosure [CVE-2021-31171]low1.7---
174859Microsoft SharePoint Server unknown vulnerability [CVE-2021-31172]low6.4---
174858Microsoft SharePoint Server information disclosure [CVE-2021-31173]low2.1---
174857Microsoft Office/Excel information disclosure [CVE-2021-31174]low5.0---
174856Microsoft Office/Excel Remote Code Execution [CVE-2021-31175]medium7.5---
174855Microsoft Office Remote Code Execution [CVE-2021-31176]medium7.5---
174854Microsoft Office/Excel Remote Code Execution [CVE-2021-31177]medium7.5---
174853Microsoft Office/Excel information disclosure [CVE-2021-31178]low5.0---
174852Microsoft Office/Excel Remote Code Execution [CVE-2021-31179]medium7.5---
174851Microsoft Office/Word Graphics Remote Code Execution [CVE-2021-31180]medium7.5---
174850Microsoft SharePoint Server Remote Privilege Escalation [CVE-2021-31181]medium9.0---
174849Microsoft Windows Bluetooth Driver unknown vulnerability [CVE-2021-31182]low4.8---
174848Microsoft Windows Infrared Data Association information disclosurelow4.0---
174847Microsoft Windows Desktop Bridge denial of service [CVE-2021-31185]medium6.8---
174846Microsoft Windows RDP information disclosure [CVE-2021-31186]low5.0---
174845Microsoft Windows WalletService Remote Privilege Escalation [CVE-2021-31187]medium9.0---
174844Microsoft Windows Graphics Remote Privilege Escalation [CVE-2021-31188]medium9.0---
174843Microsoft Windows Container Isolation FS Filter Driver Remote Privilege Escalationmedium9.0---
174842Microsoft Windows Projected File System FS Filter Driver information disclosurelow4.0---
174841Microsoft Windows Media Foundation Core Remote Code Executionmedium7.5---
174840Microsoft Windows Remote Privilege Escalation [CVE-2021-31193]medium9.0---
174839Microsoft Windows OLE Automation Remote Privilege Escalationmedium9.0---
174838Microsoft Exchange Server information disclosure [CVE-2021-31195]low5.0---
174837Microsoft Exchange Server Remote Code Execution [CVE-2021-31198]medium10.0---
174836Microsoft .NET/Visual Studio Remote Privilege Escalation [CVE-2021-31204]medium9.0---
174835Microsoft Windows SMB Client Security Feature information disclosurelow5.0---
174834Microsoft Exchange Server Remote Privilege Escalation [CVE-2021-31207]medium6.8---
174833Microsoft Windows Container Manager Service Local Privilege Escalationmedium6.8---
174832Microsoft Exchange Server Remote Code Execution [CVE-2021-31209]low5.1---
174831Microsoft Visual Studio Code Remote Code Execution [CVE-2021-31211]low5.1---
174830Microsoft Visual Studio Code Remote Containers Extension Remote Code Executionlow5.1---
174829Microsoft Visual Studio Code Remote Code Execution [CVE-2021-31214]low5.1---
174828Microsoft Lync Server/Skype for Business Server Remote Privilege Escalationlow4.6---
174827Microsoft Lync/Skype for Business Server Remote Privilege Escalationmedium8.3---
174826Microsoft Web Media Extensions Remote Code Execution [CVE-2021-28465]medium7.5---
174825Microsoft SharePoint Server Remote Privilege Escalation [CVE-2021-28474]medium9.0---
174824Microsoft Windows Hyper-V Remote Privilege Escalation [CVE-2021-28476]high9.0---
174823Microsoft SharePoint Server unknown vulnerability [CVE-2021-28478]low5.5---
174822Microsoft SharePoint Server unknown vulnerability [CVE-2021-26418]low5.5---
174821Microsoft Common Utilities common_utils.py Remote Privilege Escalationmedium8.3---
174820Microsoft Accessibility Insights for Web information disclosurelow5.0---
174819igt+ IGT Search cross site scripting [CVE-2021-32544]low4.0---
174818RiyaLab CloudISO Event Item cross site scripting [CVE-2021-30174]low4.0---
174817Thunar Command-Line Argument command injection [CVE-2021-32563]medium5.2---
174816noneCMS add.html cross site scriptinglow4.0---
174815noneCMS add.html cross site scriptinglow4.0---
174814noneCms swfupload.swf cross site scriptinglow4.0---
174813OpenAPI Tools OpenAPI Generator API Endpoint File.createTempFile temp filemedium4.0---
174812OpenAPI Tools OpenAPI Generator File.createTempFile privileges managementmedium6.5---
174811OpenClinic GA manageServiceStocks.jsp sql injectionmedium6.5---
174810OpenClinic GA patientslist.do sql injectionmedium6.5---
174809OpenClinic GA patientslist.do sql injectionmedium6.5---
174808OpenClinic GA patientslist.do sql injectionmedium6.5---
174807OpenClinic GA HTTP Request quickFile.jsp sql injectionmedium6.5---
174806Kyocera d-COPIA253MF plus pathname traversal [CVE-2020-23575]low2.7---
174805YzmCMS IFRAME init.html cross site scriptinglow4.0---
174804HAPI FHIR JPA Server denial of service [CVE-2021-32053]low3.5---
174803WarnSystem Template injection [CVE-2021-29502]low5.5---
174802InvoicePlane Upload Directory information disclosure [CVE-2021-29022]low2.7---
174801Openscad STL File import_stl.cc import_stl out-of-bounds writemedium5.2---
174800NoneCMS add.html cross-site request forgerylow4.0---
174799Yubico yubihsm-shell _send_secure_msg integer overflowlow2.1---
174798Linux Kernel HCI Controller hci_request.c race conditionlow4.0---
174797YzmCMS SWF File controller.php cross site scriptinglow4.0---
174796PHPOK cross-site request forgery [CVE-2020-19199]low4.0---
174795Hotels_Server publishHotel.php& cross site scriptinglow4.0---
174794Linux Kernel syscall numeric conversionlow4.0---
174793F5 BIG-IP APM Static Content information disclosure [CVE-2021-23016]low2.7---
174792F5 BIG-IP ASM/Advanced WAF REST API Upload authorization [CVE-2021-23014]medium5.2---
174791F5 BIG-IP ASM WebSocket Request denial of service [CVE-2021-23010]low5.2---
174790F5 BIG-IP HTTP2 Request denial of service [CVE-2021-23009]low3.3---
174789F5 BIG-IP APM AD Key Distribution Center improper authenticationmedium5.8---
174788Moxa Camera VPort 06EC-2V LLDP Packet vport_lldpd denial of servicelow2.3---
174787Moxa Camera VPort 06EC-2V ChassisID TLV vport_lldpd denial of servicelow2.3---
174786WindScribe WindscribeService unquoted search path [CVE-2020-22809]medium4.9---
174785Foxit PDF Reader use after free [CVE-2021-21822]medium7.5---
174784EC-CUBE EC Web Site cross site scripting [CVE-2021-20717]low4.0---
174783Ticketer injection [CVE-2021-29501]low4.0---
174782Cyrus IMAP Replication access control [CVE-2021-32056]medium6.5---
174781ARM Mali GPU Kernel Driver access control [CVE-2021-28664]medium5.2---
174780F5 BIG-IP iControl REST Endpoint unknown vulnerability [CVE-2021-23015]low4.7---
174779F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2021-23013]low2.3---
174778F5 BIG-IP input validation [CVE-2021-23012]medium5.8---
174777Trend Micro IM Security Web Management Interface improper authenticationlow2.6---
174776Moxa Camera VPort 06EC-2V LLDP Packet vport_lldpd integer underflowlow2.3---
174775Moxa Camera VPort 06EC-2V LLDP Packet vport_lldpd information disclosurelow2.3---
174774Moxa Camera VPort 06EC-2V LLDP Packet vport_lldpd information disclosurelow2.3---
174773Couchbase Server cbcollect_info.log log filelow2.2---
174772Fortinet FortiNAC sudo access control [CVE-2021-24011]medium7.2---
174771F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2021-23011]low3.5---
174770Delta Industrial Automation CNCSoft ScreenEditor out-of-bounds writemedium6.5---
174769systemd DHCP FORCERENEW Packet denial of service [CVE-2020-13529]low4.0---
174768ARM Mali GPU Kernel Driver use after free [CVE-2021-28663]medium6.5---
174767HPE iLO Amplifier Pack Bootstrap cross site scripting [CVE-2021-26583]low4.0---
174766IBM Cloud Pak for Security improper authorization [CVE-2021-20538]medium5.1---
174765IBM Cloud Pak for Security Web UI cross site scripting [CVE-2021-20577]low3.3---
174764IBM Control Desk Web UI cross site scripting [CVE-2021-20559]low4.0---
174763Agenzia delle Entrate Desktop Telematico Update cleartext transmissionlow2.6---
174762Marvin Minsky Universal Turing Machine input validation [CVE-2021-32471]medium4.0---
174761Atlassian Connect Spring Boot Server-to-Server JWT improper authenticationmedium4.3---
174760Craft CMS cross site scripting [CVE-2021-32470]low4.0---
174759Tenda AC11 POST Request setportList stack-based overflowmedium5.2---
174758Tenda AC11 POST Request setVLAN stack-based overflowmedium5.2---
174757Tenda AC11 POST Request setwanType stack-based overflowmedium5.2---
174756Tenda AC11 POST Request setmac stack-based overflowmedium5.2---
174755Foxit Reader U3D Object out-of-bounds write [CVE-2021-31472]medium7.5---
174754Foxit Reader U3D File out-of-bounds read [CVE-2021-31468]low5.0---
174753Foxit Reader U3D Object out-of-bounds read [CVE-2021-31466]low5.0---
174752Foxit Reader U3D Object out-of-bounds write [CVE-2021-31465]medium7.5---
174751Foxit Reader app.media Object type confusion [CVE-2021-31461]medium7.5---
174750Foxit Reader Decimal Element heap-based overflow [CVE-2021-31454]medium7.5---
174749Foxit Reader XFA Form out-of-bounds write [CVE-2021-31452]medium7.5---
174748Foxit Reader U3D Object out-of-bounds write [CVE-2021-31442]medium7.5---
174747SIF go.uuid siftool.New random valueslow4.0---
174746Foxit Reader U3D Object out-of-bounds read [CVE-2021-31471]low5.0---
174745Foxit Reader U3D Object use after free [CVE-2021-31470]medium7.5---
174744Foxit Reader U3D Object out-of-bounds read [CVE-2021-31469]low5.0---
174743Foxit Reader U3D File out-of-bounds read [CVE-2021-31467]low5.0---
174742Foxit Reader U3D Object out-of-bounds read [CVE-2021-31464]low5.0---
174741Foxit Reader U3D Object out-of-bounds read [CVE-2021-31463]low5.0---
174740Foxit Reader U3D Object out-of-bounds read [CVE-2021-31462]low5.0---
174739Foxit Reader XFA Template use after free [CVE-2021-31460]medium7.5---
174738Foxit Reader XFA Form use after free [CVE-2021-31459]medium7.5---
174737Foxit Reader Annotation Object use after free [CVE-2021-31458]medium7.5---
174736Foxit Reader Annotation Object use after free [CVE-2021-31457]medium7.5---
174735Foxit Reader Annotation Object use after free [CVE-2021-31456]medium7.5---
174734Foxi Reader XFA Form use after free [CVE-2021-31455]medium7.5---
174733Foxit Reader XFA Form use after free [CVE-2021-31453]medium7.5---
174732Foxit Reader Annotation Object use after free [CVE-2021-31451]medium7.5---
174731Foxit Reader XFA Form use after free [CVE-2021-31450]medium7.5---
174730Foxit Reader U3D Object double free [CVE-2021-31449]medium7.5---
174729Foxit Reader U3D Object out-of-bounds read [CVE-2021-31448]low5.0---
174728Foxit Reader U3D Object out-of-bounds read [CVE-2021-31447]low5.0---
174727Foxit Reader U3D Object out-of-bounds read [CVE-2021-31446]low5.0---
174726Foxit Reader U3D Object out-of-bounds read [CVE-2021-31445]low5.0---
174725Foxit Reader U3D Object out-of-bounds read [CVE-2021-31444]low5.0---
174724Foxit Reader U3D Object out-of-bounds read [CVE-2021-31443]low5.0---
174723Foxit Reader Annotation Object use after free [CVE-2021-31441]medium7.5---
174722Emote Remote Mouse Update missing encryption [CVE-2021-27574]low2.6---
174721Emote Remote Mouse UDP Packet Remote Code Execution [CVE-2021-27573]medium7.5---
174720Emote Remote Mouse Packet authentication replay [CVE-2021-27572]medium5.1---
174719Emote Remote Mouse missing encryption [CVE-2021-27571]low5.0---
174718Emote Remote Mouse Packet cleartext transmission [CVE-2021-27570]low2.6---
174717Emote Remote Mouse Packet cleartext transmission [CVE-2021-27569]low2.6---
174716Backdoor.Win32.Antilam.13.a Service Port 47891 backdoormedium7.5---
174715Backdoor.Win32.MotivFTP.12 FTP Server improper authenticationmedium7.5---
174714Nim Standard Library certificate validation [CVE-2021-29495]medium5.1---
174713Texas Instruments SimpleLink Wi-Fi MSP432E4 SDK MCU API integer overflowlow4.9---
174712IBM Robotic Process Automation with Automation Anywhere unknown vulnerabilitymedium5.8---
174711Advantech WISE-PaaS RMM WISE-PaaS Dashboard improper authenticationmedium3.3---
174710Texas Instruments SimpleLink Wi-Fi MSP432E4 SDK Over-the-Air Firmware Update stack-based overflowmedium6.5---
174709Texas Instruments SimpleLink Wi-Fi MSP432E4 SDK Domain Name integer overflowmedium7.5---
174708SABnzbd PAR2 File filesystem.renamer path traversalmedium5.5---
174707Eventlet Compressed Data resource consumption [CVE-2021-21419]low5.0---
174706Avahi Hostname Resolution avahi_s_host_name_resolver_start null pointer dereferencelow1.7---
174705LivingLogic XIST4C Login login.htm cross site scriptinglow4.0---
174704LivingLogic XIST4C Feedback feedback.htm cross site scriptinglow4.0---
174703Proofpoint Enterprise Protection Email Message PoD Remote Code Executionmedium7.5---
174702Texas Instruments SimpleLink Wi-Fi MSP432E4 SDK HTTP Header integer overflowmedium6.0---
174701Texas Instruments SimpleLink Wi-Fi CC3100 Over-the-Air Firmware Update File integer overflowmedium8.3---
174700VMware vRealize Business for Cloud Remote Privilege Escalationmedium6.5---
174699PAX Technology PAXSTORE XML Data xml external entity referencemedium6.5---
174698Junhe Omnidirectional Communication System Picture Preview Page cross site scriptinglow4.0---
174697Junhe ERP POS News Page cross site scripting [CVE-2021-30171]low4.0---
174696Junhe ERP POS Customer Profile Page cross site scripting [CVE-2021-30170]low4.0---
174695Junhe Omnidirectional Communication System path traversal [CVE-2021-30173]medium6.5---
174694PAX Technology PAXSTORE Session Token information disclosurelow2.6---
174693PAX Technology PAXSTORE PUK Signature information disclosurelow2.7---
174692PAX Technology PAXSTORE Marketplace Endpoint access control [CVE-2020-36126]medium6.5---
174691PAX Technology PAXSTORE Endpoint access control [CVE-2020-36125]medium6.5---
174690StackLift LocalStack cross site scripting [CVE-2021-32091]low4.0---
174689StackLift LocalStack Dashboard os command injection [CVE-2021-32090]medium5.2---
174688Atlassian Confluence Server Team Calendar server-side request forgerymedium5.2---
174687Atlassian Confluence Server Team Calendar cross site scriptinglow4.0---
174686NSA Emissary ConfigFileAction information disclosure [CVE-2021-32093]low2.7---
174685NSA Emissary cross site scripting [CVE-2021-32092]low4.0---
174684HashiCorp vault-action GitHub Action log file [CVE-2021-32074]low2.7---
174683Qualcomm Snapdragon Auto FastRPC Driver use after free [CVE-2021-1927]medium6.8---
174682Qualcomm Snapdragon Auto Group Management Action Frame denial of servicemedium7.8---
174681Qualcomm Snapdragon Auto NDP Application Information buffer overflowmedium6.8---
174680Qualcomm Snapdragon Auto double free [CVE-2021-1910]medium7.5---
174679Qualcomm Snapdragon Auto GPU Address allocation of resourceslow4.6---
174678Qualcomm Snapdragon Auto Memory Mapping use after free [CVE-2021-1905]medium6.8---
174677Qualcomm Snapdragon Consumer IOT Image Flashing integer overflowmedium7.2---
174676Qualcomm Snapdragon Auto Audio Driver use after free [CVE-2021-1891]medium6.8---
174675Qualcomm Snapdragon Auto Camera use after free [CVE-2020-11295]medium6.8---
174674Qualcomm Snapdragon Auto Logging out-of-bounds write [CVE-2020-11294]medium4.3---
174673Qualcomm Snapdragon Auto Widevine TA out-of-bounds read [CVE-2020-11293]low4.0---
174672Qualcomm Snapdragon Auto TZ Command out-of-bounds write [CVE-2020-11289]medium6.8---
174671Qualcomm Snapdragon Auto Playready out-of-bounds write [CVE-2020-11288]medium6.8---
174670Qualcomm Snapdragon Auto RTCP Packet buffer overflow [CVE-2020-11285]medium7.5---
174669Qualcomm Snapdragon Auto SDES Packet memory corruption [CVE-2020-11279]medium5.0---
174668Qualcomm Snapdragon Auto Modem denial of service [CVE-2020-11274]medium7.8---
174667Qualcomm Snapdragon Auto Histogram null pointer dereference [CVE-2020-11273]medium6.8---
174666Qualcomm Snapdragon Auto/Snapdragon Mobile SIB1 denial of servicelow5.0---
174665Qualcomm Snapdragon Auto CTX Pointer memory corruption [CVE-2020-11254]medium4.6---
174664Qualcomm Snapdragon Auto System Call Local Privilege Escalationmedium6.8---
174663LMS edit_user cross-site request forgerylow4.0---
174662NightOwl WDB-20-V2 Web Server snapshot information disclosurelow3.3---
174661eWeLink Mobile Application QR Code Pairing Mode information disclosurelow1.2---
174660ForkCMS cross-site request forgery [CVE-2020-23264]low4.0---
174659Artica Pandora FMS Phar Deserialization deserialization [CVE-2021-32098]medium5.4---
174658NSA Emissary unknown vulnerability [CVE-2021-32095]low4.1---
174657NSA Emissary unrestricted upload [CVE-2021-32094]medium5.2---
174656QEMU Floppy Drive fdc.c fdctrl_transfer_handler memory corruptionmedium5.2---
174655AOMedia libaom aom_image.c memory corruptionmedium5.2---
174654Hongdian H8922 tools.cgi os command injectionmedium5.2---
174653Hongdian H8922 cli.conf information disclosurelow2.7---
174652Strapi Admin Panel Remote Code Execution [CVE-2021-28128]medium5.1---
174651Fork CMS add cross site scriptinglow4.0---
174650ModSecurity Cookie denial of service [CVE-2019-25043]low5.0---
174649mixme merge dynamically-managed code resourceslow5.5---
174648Wayfair git-parse gitDiff command injectionmedium5.2---
174647Dell EMC PowerScale OneFS os command injection [CVE-2021-21550]medium5.2---
174646Dell EMC PowerScale OneFS os command injection [CVE-2021-21527]medium5.2---
174645Chamilo LMS cross-site request forgery [CVE-2020-23128]low4.0---
174644Open Distro for Elasticsearch Alerting Plugin server-side request forgerymedium6.5---
174643Stormshield SNS SNMP Plugin resource consumption [CVE-2021-28665]low3.5---
174642Artica Pandora FMS file inclusion [CVE-2021-32100]medium4.9---
174641ASUS GT-AC2900 httpd.c handle_request improper authenticationmedium7.5---
174640Hongdian H8922 Telnet Service hard-coded credentials [CVE-2021-28152]medium5.8---
174639Hongdian H8922 log_download.cgi pathname traversalmedium4.0---
174638GitLab Community Edition/Enterprise Edition Query Parameter denial of servicelow5.0---
174637GitLab Community Edition/Enterprise Edition GraphQL unknown vulnerabilitylow5.0---
174636GitLab Timestamp permission [CVE-2021-22208]medium6.5---
174635GitLab Pull Mirror Credential information disclosure [CVE-2021-22206]low4.0---
174634libgetdata dirfile Database use after free [CVE-2021-20204]medium5.2---
174633VerityStream MSOW Solutions Primary Source Verification information disclosurelow2.6---
174632Red Hat Openstack tripleo-ansible information disclosure [CVE-2021-31918]low2.7---
174631kennnyshiwa-cogs Tickets Module code injection [CVE-2021-29493]medium4.0---
174630HPE Edgeline Infrastructure Manager improper authentication [CVE-2021-29203]medium7.5---
174629NSA Emissary ConsoleAction cross-site request forgery [CVE-2021-32096]low4.0---
174628Django URLValidator injection [CVE-2021-32052]medium5.2---
174627puppyCMS settings.php cross-site request forgerylow4.0---
174626OpenEMR usergroup_admin.php cross site scriptinglow3.3---
174625Linux Kernel af_x25.c x25_bind out-of-bounds readmedium7.5---
174624OpenEMR save.php sql injectionmedium6.5---
174623OpenEMR ajax_code.php sql injectionmedium6.5---
174622OpenEMR Patient Portal _machine_config.php access controlmedium5.8---
174621Artica Pandora FMS pandora_console chart_generator.php sql injectionmedium7.5---
174620Linux Kernel Multi-device Driver Module dm-ioctl.c list_devices out-of-bounds writemedium6.2---
174619puppyCMS Folder unknown vulnerability [CVE-2020-18888]low4.9---
174618Linux Kernel BPF Stack verifier.c information disclosurelow1.4---
174617emlog Database Backup File data.php unrestricted uploadmedium6.0---
174616puppyCMS functions.php permissionmedium6.5---
174615IBM Tivoli Storage Manager Command Line Administrative Interface dsmadmc.exe buffer overflowmedium5.2---
174614MapServer access control [CVE-2021-32062]medium6.5---
174613openmptcprouter-vps-admin omr-admin.py timing discrepancylow2.6---
174612GitLab Community Edition/Enterprise Edition Dependency Proxy unknown vulnerabilitymedium4.9---
174611ShapeShift KeepKey Hardware Wallet Message ethereum.c ethereum_extractThorchainSwapData buffer overflowmedium6.5---
174610NXP LPC55S6x ROM Patch Peripheral access control [CVE-2021-31532]medium5.2---
174609Vaadin EmailValidator resource consumption [CVE-2021-31409]low5.0---
174608Jellyfin API Endpoint Download server-side request forgerymedium7.5---
174607Business Directory Plugin cross-site request forgery [CVE-2021-24178]low4.0---
174606Business Directory Plugin cross-site request forgery [CVE-2021-24251]low4.0---
174605Business Directory Plugin Form Field cross site scripting [CVE-2021-24250]low4.0---
174604Business Directory Plugin cross-site request forgery [CVE-2021-24249]low4.0---
174603Contact Form Check Tester Plugin Dashboard cross site scriptinglow4.0---
174602Workscout Core Plugin AJAX Action workscout_send_message_chat cross site scriptinglow4.0---
174601Stop Spammers Plugin cross site scripting [CVE-2021-24245]low4.0---
174600WPBakery Page Builder Clipboard Plugin AJAX Action cross site scriptinglow4.0---
174599WPBakery Page Builder Clipboard Plugin AJAX Action authorizationlow5.2---
174598OpenID Connect Generic Client Plugin cross site scripting [CVE-2021-24214]low4.0---
174597Business Directory Plugin & Easy Listing Directories cross-site request forgerylow4.0---
174596stdlib ipaddress input validation [CVE-2021-29921]medium7.5---
174595Linux Kernel KVM API out-of-bounds write [CVE-2021-3501]medium5.2---
174594Cisco AnyConnect Secure Mobility Client Interprocess Communication input validationlow1.0---
174593Cisco SD-WAN CLI Command file access [CVE-2021-1512]low2.9---
174592Cisco AnyConnect Secure Mobility Client temp file [CVE-2021-1496]medium6.0---
174591Cisco Wide Area Application Services CLI exposure of resourcelow1.7---
174590Cisco AnyConnect Secure Mobility Client temp file [CVE-2021-1430]medium6.0---
174589Cisco AnyConnect Secure Mobility Client temp file [CVE-2021-1429]medium6.0---
174588Cisco AnyConnect Secure Mobility Client temp file [CVE-2021-1428]medium6.0---
174587Cisco AnyConnect Secure Mobility Client temp file [CVE-2021-1427]medium6.0---
174586Cisco AnyConnect Secure Mobility Client temp file [CVE-2021-1426]medium6.0---
174585Cisco Video Surveillance 8000 Discovery Protocol Packet memory corruptionmedium5.8---
174584Cisco SD-WAN vManage Software API Endpoint access control [CVE-2021-1515]medium3.3---
174583Cisco SD-WAN vManage Software Web-based Interface cross site scriptinglow4.0---
174582Cisco Web Security Appliance Web-based Management Interface cross site scriptinglow5.0---
174581Cisco SD-WAN vManage Software Web-based Messaging Service Interface access controlmedium5.8---
174580Online Book Store edit_book.php sql injectionmedium6.5---
174579Online Book Store admin_delete.php sql injectionmedium6.5---
174578Online Book Store admin_verify.php improper authenticationmedium7.5---
174577Online Book Store book.php sql injectionmedium6.5---
174576Online Book Store admin_edit.php sql injectionmedium6.5---
174575Online Book Store bookPerPub.php sql injectionmedium6.5---
174574Online Book Store edit_book.php sql injectionmedium6.5---
174573Cisco SD-WAN vManage Software Application access control [CVE-2021-1508]medium7.5---
174572Cisco SD-WAN vManage Software Application access control [CVE-2021-1506]medium7.5---
174571Cisco SD-WAN vManage Software Application access control [CVE-2021-1505]medium7.5---
174570Cisco SD-WAN vManage Software Application access control [CVE-2021-1468]medium7.5---
174569Cisco SD-WAN vManage Software access control [CVE-2021-1275]high10.0---
174568Cisco SD-WAN vManage Software Cluster Management Interface information disclosurelow5.0---
174567Cisco BroadWorks Messaging Server XML Data xml external entity referencemedium6.5---
174566Content Security Management Appliance Web-based Management Interface information disclosurelow4.0---
174565Cisco SD-WAN vDaemon denial of service [CVE-2021-1513]low5.0---
174564Cisco SD-WAN vEdge memory corruption [CVE-2021-1511]medium7.1---
174563Cisco SD-WAN vEdge memory corruption [CVE-2021-1510]medium7.1---
174562Cisco SD-WAN vEdge memory corruption [CVE-2021-1509]medium7.1---
174561Cisco HyperFlex HX Data Platform Web-based Management Interface missing authenticationmedium6.4---
174560Cisco HyperFlex HX Web-based Management Interface os command injectionhigh10.0---
174559Cisco HyperFlex HX Web-based Management Interface os command injectionhigh10.0---
174558Cisco SD-WAN vManage Software HTTP Header information exposurelow5.0---
174557Cisco Integrated Management Controller Web-based Management Interface redirectmedium7.5---
174556Online Book Store admin_add.php unrestricted uploadmedium6.5---
174555Cisco RV340/RV340W/RV345/RV345P Internal Messaging Service write-what-where conditionmedium6.0---
174554Cisco SD-WAN CLI input validation [CVE-2021-1514]medium4.3---
174553Cisco Content Security Management Appliance Password Generator privileges managementmedium6.5---
174552Cisco Enterprise NFV Infrastructure Software Configuration Command os command injectionmedium6.8---
174551Cisco TelePresence Collaboration Endpoint/RoomOS Video Endpoint API path traversalmedium4.0---
174550Event Banner Plugin Image File unrestricted upload [CVE-2021-24252]medium5.8---
174549Classyfrieds Plugin Content-Type unrestricted upload [CVE-2021-24253]medium6.5---
174548Business Directory Plugin File Import unrestricted upload [CVE-2021-24248]medium6.5---
174547Imagements Plugin Content-Type unrestricted upload [CVE-2021-24236]medium7.5---
174546College Publisher Import Plugin CSV File Import unrestricted uploadmedium5.8---
174545Cisco Unified Communications Manager JMX denial of service [CVE-2021-1478]low5.0---
174544Cisco Small Business Web-based Management Interface privileges managementmedium6.5---
174543Cisco Small Business Web-based Management Interface injectionmedium6.5---
174542Cisco Unified Communications Manager & Presence Service Web-based Management Interface sql injectionmedium6.5---
174541Cisco Unified Communications Manager IM & Presence Service Web-based Management Interface sql injectionmedium6.5---
174540Dell EMC Integrated System for Microsoft Azure Stack Hub hard-coded credentialshigh10.0---
174539Exim pdkim_finish_bodyhash out-of-bounds readlow4.0---
174538Exim tls-openssl.c use after freemedium6.5---
174537Exim smtp_ungetc heap-based overflowmedium6.5---
174536Exim BDAT Error memory corruption [CVE-2020-28019]medium6.5---
174535Exim Line spool_read_header injectionmedium5.5---
174534Exim extract_option out-of-bounds writemedium6.5---
174533Exim Spool Header File injection [CVE-2020-28021]medium5.5---
174532Exim smtp_setup_msg out-of-bounds readlow4.0---
174531Exim receive_msg integer overflowmedium7.5---
174530Exim receive_add_recipient integer overflowmedium5.1---
174529Exim get_stdinput integer overflowmedium6.5---
174528Exim Pipe Remote Privilege Escalation [CVE-2020-28012]medium6.5---
174527Exim Spool Header File injection [CVE-2020-28015]medium5.5---
174526Exim parse_fix_phrase out-of-bounds writemedium6.5---
174525Exim parse_fix_phrase heap-based overflowmedium6.5---
174524Exim main out-of-bounds writemedium6.5---
174523Exim queue_run heap-based overflowmedium6.5---
174522Exim unknown vulnerability [CVE-2021-27216]low3.8---
174521Exim File Creation unknown vulnerability [CVE-2020-28014]low4.9---
174520Exim Spool Directory Remote Privilege Escalation [CVE-2020-28008]high9.0---
174519Exim Log Directory Remote Privilege Escalation [CVE-2020-28007]high9.0---
174518Mozilla Firefox ESR/Thunderbird Mozilla Maintenance Service access controlmedium6.5---
174517Apple Safari WebKit integer overflow [CVE-2021-30663]medium7.5---
174516Apple Safari WebKit memory corruption [CVE-2021-30665]medium7.5---
174515Apple macOS WebKit integer overflow [CVE-2021-30663]medium7.5---
174514Apple macOS WebKit memory corruption [CVE-2021-30665]medium7.5---
174513Apple watchOS WebKit memory corruption [CVE-2021-30665]medium7.5---
174512Apple iOS WebKit Storage use after free [CVE-2021-30661]medium7.5---
174511Apple iOS/iPadOS WebKit integer overflow [CVE-2021-30663]medium7.5---
174510Apple iOS/iPadOS WebKit memory corruption [CVE-2021-30665]medium7.5---
174509Apple iOS WebKit buffer overflow [CVE-2021-30666]medium7.5---
174508Vaadin Frontend temp file [CVE-2021-31411]medium4.0---
174507ESRI ArcGIS GeoEvent Server path traversal [CVE-2021-29101]medium5.0---
174506Clever Addons for Elementor Plugin Widget cross site scriptinglow4.0---
174505Fitness Calculators Plugin cross-site request forgery [CVE-2021-24272]low4.0---
174504Ultimate Addons for Elementor Plugin Widget cross site scriptinglow4.0---
174503DeTheme Kit for Elementor Plugin Widget cross site scriptinglow4.0---
174502Sina Extension for Elementor Plugin Widget cross site scriptinglow4.0---
174501JetWidgets For Elementor Plugin Widget cross site scripting [CVE-2021-24268]low4.0---
174500All-in-One Addons for Elementor WidgetKit Plugin Widget cross site scriptinglow4.0---
174499The Plus Addons for Elementor Page Builder Lite Plugin Widget cross site scriptinglow4.0---
174498Rife Elementor Extensions & Templates Plugin Widget cross site scriptinglow4.0---
174497Image Hover Effects - Elementor Addon Plugin Widget cross site scriptinglow4.0---
174496Elementor Addons PowerPack Addons for Elementor Plugin Widget cross site scriptinglow4.0---
174495HT Mega Absolute Addons for Elementor Page Builder Plugin Widget cross site scriptinglow4.0---
174494Livemesh Addons for Elementor Plugin Widget cross site scriptinglow4.0---
174493Elementor Addon Elements Plugin Widget cross site scripting [CVE-2021-24259]low4.0---
174492Elements Kit Lite Plugin/Elements Kit Pro Plugin Widget cross site scriptinglow4.0---
174491Premium Addons for Elementor Plugin Widget cross site scriptinglow4.0---
174490Elementor - Header, Footer & Blocks Template Plugin Widget cross site scriptinglow4.0---
174489Essential Addons for Elementor Lite Plugin Widget cross site scriptinglow4.0---
174488Supsystic Contact Form Plugin Options Page cross site scriptinglow4.0---
174487Supsystic Popup Plugin Options Page cross site scripting [CVE-2021-24275]low4.0---
174486Supsystic Ultimate Maps Plugin Options Page cross site scriptinglow4.0---
174485WooLentor WooCommerce Elementor Addons and Builder Plugin Widget cross site scriptinglow4.0---
174484NextGEN Gallery Pro Plugin get_cart_items cross site scriptinglow4.0---
174483BTCPay Server POS Add Products cross site scripting [CVE-2021-29250]low4.0---
174482Mutt/NeoMutt QRESYNC util.c out-of-bounds readlow4.0---
174481Django File Name FieldFile pathname traversalmedium5.2---
174480Trend Micro Home Network Security File Parser denial of servicelow5.0---
174479Trend Micro Home Network Security File Parser denial of servicelow5.0---
174478Samba smbd File Server out-of-bounds read [CVE-2021-20254]medium4.6---
174477BTCPay Server Legacy API Key Generator random values [CVE-2021-29245]low1.4---
174476Highcharts JS Chart Options cross site scripting [CVE-2021-29489]low4.0---
174475BTCPay Server Plugin pathname traversal [CVE-2021-29246]medium4.7---
174474Esri ArcGIS Earth File Creation path traversal [CVE-2021-29100]medium4.3---
174473BTCPay Server missing secure attribute [CVE-2021-29248]low2.6---
174472BTCPay Server cookie without 'httponly' flag [CVE-2021-29247]low2.6---
174471Drupal JSON API access control [CVE-2020-13665]medium4.0---
174470Drupal External URL redirect [CVE-2020-13662]medium7.5---
174469IBM QRadar SIEM hard-coded credentials [CVE-2021-20401]low1.0---
174468IBM QRadar SIEM ZIP File Decompression path traversal [CVE-2020-4993]medium5.8---
174467IBM QRadar SIEM Inter-Deployment Communication Remote Code Executionmedium5.1---
174466IBM QRadar SIEM hard-coded credentials [CVE-2020-4932]medium5.0---
174465IBM QRadar SIEM Web UI cross site scripting [CVE-2021-20397]low5.0---
174464IBM QRadar SIEM XML Data xml external entity reference [CVE-2020-5013]medium6.5---
174463IBM QRadar SIEM Web UI cross site scripting [CVE-2020-4929]low4.0---
174462IBM QRadar SIEM information disclosure [CVE-2020-4883]low4.0---
174461EWWW Image Optimizer protection mechanism [CVE-2016-20010]medium4.6---
174460Drupal Directory Remote Code Execution [CVE-2020-13664]medium7.5---
174459Impacket smbserver.py pathname traversalmedium5.2---
174458openSUSE Factory Virtualbox default permission [CVE-2021-25319]medium4.3---
174457SUSE Linux Enterprise Server default permission [CVE-2021-25317]medium4.3---
174456SolarWinds Serv-U HTTP Host Header cross site scripting [CVE-2021-25179]low4.0---
174455SolarWinds Serv-U Directory Name cross site scripting [CVE-2020-22428]low4.0---
174454themegrill-demo-importer Database Wipe cross-site request forgerylow4.0---
174453themegrill-demo-importer Database Wipe improper authenticationmedium4.8---
174452Backdoor.Win32.Floder.gqe permissionmedium6.5---
174451Trojan.Win32.Siscos.bqe permissionmedium6.5---
174450Trojan.Win32.Agent.xdtv access controlmedium6.5---
174449Backdoor.Win32.NinjaSpy.c Service Port 2003 authentication bypassmedium5.1---
174448Packed.Win32.Black.d Service Port 1080 Hacker.com.cn.exe improper authenticationmedium7.5---
174447Dell DBUtil BIOS Driver dbutil_2_3.sys improper authorizationmedium9.0---
174446Windscribe VPN WindscribeService SYSTEM access controlmedium6.8---
174445SolarWinds Serv-U Macro injection [CVE-2021-3154]medium3.3---
174444Centreon Web File Extension unrestricted upload [CVE-2021-26804]medium6.5---
174443Redis redis-server integer overflowmedium4.6---
174442Redis Command integer overflow [CVE-2021-29477]medium4.6---
174441IBM FlashSystem 900 User Management GUI cross site scriptinglow4.0---
174440iWT FaceSentry Access Control System pingTest os command injectionmedium5.2---
174439CODESYS Development System Package Manager unknown vulnerabilitylow4.9---
174438IoT Devices SDK calloc buffer overflowmedium3.5---
174437path-parse Package Regular Expression splitPathRe denial of servicelow5.0---
174436handlebars Package Prototype code injection [CVE-2021-23383]medium7.5---
174435Apache Unomi Log crlf injection [CVE-2021-31164]medium4.9---
174434CODESYS Automation Server cross-site request forgery [CVE-2021-29238]low4.0---
174433OX Software OX App Suite Note Item cross site scripting [CVE-2020-28945]low4.0---
174432CODESYS Control Runtime System Packet input validation [CVE-2021-29242]medium5.2---
174431CODESYS Gateway denial of service [CVE-2021-29241]low2.3---
174430CODESYS Development System Library injection [CVE-2021-29239]low4.9---
174429Amazon Web Services FreeRTOS heap-based overflow [CVE-2021-32020]medium5.2---
174428Libre Wireless LS9 Web Interface improper authentication [CVE-2020-35758]medium5.8---
174427Libre Wireless LS9 luci_service Daemon information disclosurelow3.3---
174426Libre Wireless LS9 luci_service Daemon Read_ information disclosurelow2.3---
174425JEECG unrestricted upload [CVE-2020-23083]medium6.0---
174424OPNsense Login Page redirect [CVE-2020-23015]medium6.5---
174423MikroTik RouterOS Traceroute traceroute memory corruptionmedium4.0---
174422MikroTik RouterOS Traceroute traceroute memory corruptionmedium4.0---
174421Libre Wireless LS9 ADB over TCP improper authentication [CVE-2020-35757]medium5.0---
174420OctoberCMS Safe Mode permission [CVE-2021-21264]medium5.8---
174419mixme merge denial of servicelow2.7---
174418LibreOffice Denylist ShellExecute incomplete blacklistmedium5.2---
174417gnuplot Package os command injection [CVE-2021-29369]medium5.2---
174416algorithmica Crate merge double freemedium4.9---
174415Apache Airflow trigger cross site scriptinglow4.0---
174414Amazon AWS Cognito password recoverylow2.6---
174413OX Software OX App Suite Distribution List cross site scriptinglow4.0---
174412OX Software OX App Suite Contact Object cross site scriptinglow4.0---
174411SuiteCRM Client Account Page cross site scripting [CVE-2021-31792]low4.0---
174410Dell EMC Unity/UnityVSA/Unity XT Upgrade Readiness Utility cleartext storagelow0.8---
174409Dell Hybrid Client access control [CVE-2021-21537]medium4.3---
174408Dell Hybrid Client Register information disclosure [CVE-2021-21536]low1.7---
174407Dell Hybrid Client Local API information disclosure [CVE-2021-21534]low1.7---
174406Dell Unisphere for PowerMax Monitor Role authorization [CVE-2021-21531]medium4.3---
174405OX Software OX App Suite Snippet server-side request forgerymedium5.2---
174404yzmCMS login.html cross site scriptinglow4.0---
174403OX Software OX Guard WKS Server denial of service [CVE-2020-28944]low2.3---
174402gosaml2 XML Signature null pointer dereference [CVE-2020-7731]low2.3---
174401Ampache sql injection [CVE-2020-15153]medium7.5---
174400CubeCoders AMP Application Deployment Service permission [CVE-2021-31926]medium6.5---
174399Dell EMC iDRAC9 cross site scripting [CVE-2021-21541]low5.0---
174398Dell Hybrid Client missing authentication [CVE-2021-21535]medium6.8---
174397SUSI.AI Admin Config File path traversal [CVE-2020-4039]medium7.5---
174396Exiv2 Metadata out-of-bounds read [CVE-2021-29463]low4.3---
174395Dell EMC iDRAC9 Comment improper authentication [CVE-2021-21544]low3.3---
174394Dell EMC iDRAC9 Configuration stack-based overflow [CVE-2021-21540]medium6.5---
174393Dell EMC iDRAC9 Web Interface toctou [CVE-2021-21539]low4.6---
174392Dell OpenManage Enterprise-Modular Environment os command injectionmedium6.5---
174391Dell EMC iDRAC9 cross site scripting [CVE-2021-21543]low4.0---
174390Dell EMC iDRAC9 cross site scripting [CVE-2021-21542]low4.0---
174389Exiv2 Metadata heap-based overflow [CVE-2021-29464]medium7.5---
174388Dell EMC Networking X-Series/PowerEdge VRTX Switch Module access controlmedium3.3---
174387cumulative-distribution-function infinite loop [CVE-2021-29486]low5.0---
174386IBM Informix Dynamic Server stack-based overflow [CVE-2021-20515]medium6.5---
174385Google Chrome ANGLE heap-based overflow [CVE-2021-21233]medium7.5---
174384Google Chrome Dev Tools use after free [CVE-2021-21232]medium7.5---
174383Google Chrome V8 heap-based overflow [CVE-2021-21231]medium7.5---
174382Google Chrome V8 type confusion [CVE-2021-21230]medium7.5---
174381Google Chrome Extensions access control [CVE-2021-21228]medium5.1---
174380Google Chrome V8 heap-based overflow [CVE-2021-21227]medium7.5---
174379Chamilo fileUpload.lib.php pathname traversal [CVE-2021-31933]medium5.8---
174378Google Chrome Downloads clickjacking [CVE-2021-21229]low5.0---
174377Pritunl Client pritunl-service neutralization for logs [CVE-2020-27519]medium6.8---
174376pki-core KRA Agent Service cross site scripting [CVE-2020-1721]low4.0---
174375RPM rpmdb header.c hdrblobInit out-of-bounds readlow2.3---
174374CNCF Cortex Alertmanager password_file information disclosurelow1.7---
174373Grafana Enterprise Alertmanager password_file information disclosurelow1.7---
174372Ambarella Oryx RTSP Server RTSP Request libamprotocol-rtsp.so.1 parse_authentication_header buffer overflowmedium7.5---
174371Zoho ManageEngine EventLog Analyzer ZIP Archive pathname traversalmedium7.5---
174370GOG GalaxyClient DLL Loader zlib1.dll untrusted search pathlow4.3---
174369MongoDB Server Find Query denial of service [CVE-2021-20326]low5.0---
174368klibc malloc integer overflowmedium4.9---
174367klibc cpio Command integer overflow [CVE-2021-31872]medium4.9---
174366klibc cpio Command integer overflow [CVE-2021-31871]medium4.9---
174365klibc calloc integer overflowmedium4.9---
174364rkyv Crate Archive uninitialized pointer [CVE-2021-31919]low4.9---
174363iCMS HTTP Request database.admincp.php do_del path traversalmedium5.5---
174362NVIDIA Virtual GPU Manager Address Space Layout Randomization information disclosurelow1.7---
174361NVIDIA Virtual GPU Manager Shared Memory buffer overflow [CVE-2021-1085]medium6.8---
174360yii2_fecshop Check Cart Page cross site scripting [CVE-2020-22808]low4.0---
174359vTiger CRM Calendar Export sql injection [CVE-2020-22807]medium6.5---
174358Jeesns CkeditorUploadController.java cross site scriptinglow4.0---
174357NVIDIA Virtual GPU Manager Kernel Mode Driver buffer overflowmedium6.8---
174356NVIDIA Virtual GPU Manager Local Privilege Escalation [CVE-2021-1082]medium6.8---
174355NVIDIA Virtual GPU Manager Local Privilege Escalation [CVE-2021-1080]medium6.8---
174354django-filter numeric conversion [CVE-2020-15225]low5.0---
174353Ghost Endpoint preview cross site scriptinglow5.0---
174352NVIDIA Virtual GPU Manager access control [CVE-2021-1086]medium6.8---
174351NVIDIA Virtual GPU Manager Kernel Mode Driver buffer overflowmedium6.8---
174350NVIDIA vGPU Software Kernel Mode Driver buffer overflow [CVE-2021-1081]medium6.8---
174349Cygwin Git injection [CVE-2021-29468]low4.6---
174348systeminformation Parameter si.processLoad os command injectionmedium6.5---
174347Graphviz Graph Visualization Tools shapes.c buffer overflow [CVE-2020-18032]medium6.5---
174346Backdoor.Win32.Agent.ggw FTP Service improper authenticationmedium7.5---
174345Worm.Win32.Delf.hu permissionmedium6.5---
174344HEUR.Trojan.Win32.Bayrob.gen permissionmedium6.5---
174343Cisco Firepower Threat Defense CLI Command pathname traversalmedium4.3---
174342Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow5.0---
174341Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow5.0---
174340Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow5.0---
174339Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow5.0---
174338Cisco Firepower Device Manager REST API xml external entity referencemedium6.5---
174337Backdoor.Win32.Agent.oj Service Port 23 stack-based overflowmedium7.5---
174336Cisco Open Source Snort 2 Snort Detection Engine access controlmedium7.5---
174335Cisco Firepower Threat Defense TLS Message memory corruptionmedium5.0---
174334Backdoor.Win32.Agent.kte Service Port 80 stack-based overflowmedium7.5---
174333Cisco Firepower Threat Defense CLI input validation [CVE-2021-1448]medium6.8---
174332Cisco FirePOWER Management Center access control [CVE-2021-1477]medium6.5---
174331Cisco ASA/Firepower Threat Defense HTTPS Request out-of-bounds writemedium5.0---
174330Cisco ASA/Firepower Threat Defense SIP Inspection Engine denial of servicelow5.0---
174329Cisco ASA/Firepower Threat Defense Web Services Interface buffer overflowmedium6.5---
174328Cisco ASA/Firepower Threat Defense HTTPS Request out-of-bounds writemedium7.8---
174327Backdoor.Win32.Agent.gmug Service Port 33308 heap-based overflowmedium7.5---
174326Cisco ASA/Firepower Threat Defense Upgrade Package command injectionmedium6.5---
174325Cisco ASA/Firepower Threat Defense CLI os command injection [CVE-2021-1476]medium6.5---
174324Cisco Firepower Device Manager Web-based Management resource consumptionlow6.1---
174323Backdoor.Win32.Agent.oj Service Port 23 backdoormedium7.5---
174322emlog Article Comment cross site scripting [CVE-2021-30227]low4.0---
174321Mercusys Mercury X18G cross site scripting [CVE-2021-25810]low4.0---
174320Rukovoditel cross-site request forgery [CVE-2021-30224]low4.0---
174319Parallels Desktop IDE Virtual Device heap-based overflow [CVE-2021-31429]medium6.5---
174318Parallels Desktop IDE Virtual Device heap-based overflow [CVE-2021-31428]medium6.5---
174317Parallels Desktop Open Tools Gate heap-based overflow [CVE-2021-31424]medium6.8---
174316Parallels Desktop Toolgate stack-based overflow [CVE-2021-31420]medium6.8---
174315Pega Infinity Password Recovery improper authentication [CVE-2021-27651]medium4.3---
174314Babel path traversal [CVE-2021-20095]medium5.2---
174313novel-plus FileController.java fileDownload pathname traversallow2.7---
174312China Mobile An Lianbao WF-1 set_online_client command injectionmedium5.2---
174311Mercusys Mercury X18G denial of service [CVE-2021-25811]low2.3---
174310GNU Binutils readelf memory corruption [CVE-2021-20294]medium5.1---
174309Ansible Engine No Log basic.py information disclosurelow2.7---
174308Inxedu sql injection [CVE-2020-35430]medium6.5---
174307Samurai Build File build.c printstatus null pointer dereferencelow2.3---
174306Samurai Build File util.c writefile null pointer dereferencelow2.3---
174305md4c Markdown Document md4c.c md_analyze_line denial of servicelow2.3---
174304LIVE555 Streaming Media OnDemandServerMediaSubsession unknown vulnerabilitylow4.9---
174303Inim Electronics SmartLiving SmartLAN Telnet/SSH/FTP hard-coded credentialsmedium5.8---
174302Parallels Desktop IDE Virtual Device out-of-bounds read [CVE-2021-31432]low1.7---
174301Parallels Desktop IDE Virtual Device out-of-bounds read [CVE-2021-31431]low1.4---
174300Parallels Desktop IDE Virtual Device out-of-bounds read [CVE-2021-31430]low1.4---
174299Parallels Desktop Parallels Tools integer overflow [CVE-2021-31426]medium6.8---
174298Parallels Desktop Parallels Tools integer overflow [CVE-2021-31425]medium6.8---
174297Parallels Desktop Toolgate uninitialized resource [CVE-2021-31423]low1.4---
174296Parallels Desktop e1000e Virtual Device toctou [CVE-2021-31422]medium5.9---
174295Parallels Desktop Toolgate path traversal [CVE-2021-31421]medium4.3---
174294Parallels Desktop Toolgate uninitialized resource [CVE-2021-31419]medium6.8---
174293Parallels Desktop Toolgate uninitialized resource [CVE-2021-31418]medium6.8---
174292Parallels Desktop Toolgate uninitialized resource [CVE-2021-31417]medium6.8---
174291Inim Electronics SmartLiving SmartLAN GET Parameter onvif.cgi GetImage server-side request forgerymedium7.5---
174290Foxit Studio Photo PSP File stack-based overflow [CVE-2021-31438]medium7.5---
174289Foxit Studio Photo JP2 File out-of-bounds write [CVE-2021-31437]medium7.5---
174288Foxit Studio Photo SGI File heap-based overflow [CVE-2021-31436]medium7.5---
174287Foxit Studio Photo CMP File initialization [CVE-2021-31435]medium7.5---
174286Foxit Studio Photo JPM File out-of-bounds write [CVE-2021-31434]medium7.5---
174285Foxit Studio Photo ARW File out-of-bounds write [CVE-2021-31433]medium7.5---
174284China Mobile An Lianbao WF-1 set_MLD_PROXY Interface os command injectionmedium6.5---
174283China Mobile An Lianbao WF-1 setIptvInfo Interface os command injectionmedium6.5---
174282China Mobile An Lianbao WF-1 set_IGMP_PROXY Interface os command injectionmedium6.5---
174281China Mobile An Lianbao WF-1 set_ZRElink Interface os command injectionmedium6.5---
174280China Mobile An Lianbao WF-1 set_time_zone Interface os command injectionmedium6.5---
174279China Mobile An Lianbao WF-1 set_zrDm Interface os command injectionmedium6.5---
174278China Mobile An Lianbao WF-1 set_ZRAndlink Interface os command injectionmedium6.5---
174277FluidSynth SoundFont File use after free [CVE-2021-21417]medium7.5---
174276Screenly screenly-ose Add Asset Page cross site scripting [CVE-2020-21101]low4.0---
174275Aruba ClearPass Policy Manager cross site scripting [CVE-2021-29146]low4.0---
174274Aruba ClearPass Policy Manager cross site scripting [CVE-2021-29142]low4.0---
174273Aruba ClearPass Policy Manager cross site scripting [CVE-2021-29139]low4.0---
174272Smartwares HOME easy Backup Download information disclosure [CVE-2020-21997]low3.3---
174271Parallels Desktop toctou [CVE-2021-31427]low1.7---
174270Aruba ClearPass Policy Manager XML Data xml external entity referencemedium6.5---
174269Prisma VS Code Schema File code injection [CVE-2021-21415]medium5.1---
174268Aruba ClearPass Policy Manager command injection [CVE-2021-29147]medium6.5---
174267Aruba ClearPass Policy Manager information disclosure [CVE-2021-29144]low4.0---
174266Aruba ClearPass Policy Manager information disclosure [CVE-2021-29141]low4.0---
174265Aruba ClearPass Policy Manager information disclosure [CVE-2021-29138]low4.0---
174264Aruba AirWave Management Platform redirect [CVE-2021-29137]low6.5---
174263Buffalo WSR-2533DHPL2/WSR-2533DHP3 Web Interface information disclosurelow2.3---
174262Inim Electronics SmartLiving SmartLAN testemail Module web.cgi system format stringhigh10.0---
174261发货100-设计素材下载系统 HTTP Header function.php getip sql injectionmedium6.5---
174260Uniview ISC2500-S unrestricted upload [CVE-2020-21452]medium4.9---
174259Aruba ClearPass Policy Manager server-side request forgery [CVE-2021-29145]medium6.5---
174258Buffalo WSR-2533DHPL2/WSR-2533DHP3 path traversal [CVE-2021-20090]medium7.5---
174257Emmanuel MyDomoAtHome REST API Domoticz ISS Gateway information disclosurelow5.0---
174256Buffalo WSR-2533DHPL2/WSR-2533DHP3 Web Interface Remote Privilege Escalationmedium6.5---
174255PHPFusion search.php cross site scriptinglow4.0---
174254Aruba AirWave Management Platform improper authorization [CVE-2021-25167]medium6.5---
174253Aruba AirWave Management Platform improper authorization [CVE-2021-25166]medium6.5---
174252Aruba AirWave Management Platform XML Data xml external entity referencemedium6.5---
174251GNU wget HTTP Header information disclosure [CVE-2021-31879]low5.0---
174250Cesanta MongooseOS mJS JSON String mjs_json.c mjs_json_parse heap-based overflowmedium5.2---
174249ISC BIND Query denial of service [CVE-2021-25215]low5.0---
174248ISC BIND IXFR denial of service [CVE-2021-25214]low5.0---
174247Aviatrix VPN Client unquoted search path [CVE-2021-31776]medium9.0---
174246Bundler gem injection [CVE-2020-36327]low4.6---
174245CKEditor Regular Expression denial of service [CVE-2021-21391]low5.0---
174244Prisma getPackedPackage os command injectionmedium6.5---
174243ISC BIND SPNEGO buffer overflow [CVE-2021-25216]medium7.6---
174242Qibosoft QiboCMS kindeditor.js cross site scriptinglow4.0---
174241Sonatype Nexus Repository Manager NXRM Application cross site scriptinglow4.0---
174240browserslist Regular Expression denial of service [CVE-2021-23364]low5.0---
174239Etherpad Database Backend log file [CVE-2020-22783]low2.7---
174238Etherpad Import Endpoint denial of service [CVE-2020-22782]low2.3---
174237Etherpad Cache denial of service [CVE-2020-22781]low2.3---
174236Enferex PDFResurrect PDF File pdf.c get_xref_linear_skipped infinite looplow2.3---
174235AVE DOMINAplus denial of service [CVE-2020-21996]low3.3---
174234Avaya Equinox Conferencing xml external entity reference [CVE-2020-7037]medium6.5---
174233Safe FME Server cross site scripting [CVE-2020-22790]low4.0---
174232Safe FME Server cross site scripting [CVE-2020-22789]low5.0---
174231Aruba ClearPass Policy Manager Local Privilege Escalation [CVE-2020-7123]low4.3---
174230ManageWiki wikiconfig API information disclosure [CVE-2021-29483]low5.0---
174229zx Decompression readUvarint infinite looplow5.0---
174228Etherpad Import Endpoint denial of service [CVE-2020-22785]low2.7---
174227Sourcecodester Equipment Inventory System Add Section cross site scriptinglow4.0---
174226AVE DOMINAplus authClients.xml improper authenticationmedium3.3---
174225Aruba AirWave Management Platform xml external entity referencemedium6.5---
174224Aruba AirWave Management Platform XML xml external entity referencemedium6.5---
174223Aruba AirWave Management Platform Remote Privilege Escalationmedium6.5---
174222Aruba AirWave Management Platform sql injection [CVE-2021-25153]medium6.5---
174221Aruba AirWave Management Platform deserialization [CVE-2021-25152]medium6.5---
174220Aruba AirWave Management Platform deserialization [CVE-2021-25151]medium6.5---
174219Avaya Equinox Conferencing Management access control [CVE-2020-7038]medium7.5---
174218Etherpad UeberDB Trailing Space access control [CVE-2020-22784]medium6.5---
174217Aruba AirWave Management Platform improper authentication [CVE-2021-25147]medium7.5---
174216WEMS Enterprise Manager GET Parameter injection [CVE-2020-21993]low2.7---
174215MiniCMS post-edit.php cross site scriptinglow4.0---
174214SourceCodester Budget Management System index.php cross site scriptinglow4.0---
174213AVE DOMINAplus changeparams.php improper authenticationmedium5.8---
174212Koyshe PHPSE Mall System admin.php sql injectionmedium6.5---
174211Xinhu OA System mode_worcAction.php createfolderAjax sql injectionmedium4.0---
174210Oracle VM VirtualBox information disclosure [CVE-2021-2321]low4.3---
174209Huawei CloudEngine 12800 Message denial of service [CVE-2021-22393]low2.3---
174208Huawei P30 cross site scripting [CVE-2021-22331]low4.0---
174207Huawei P30 Message out-of-bounds write [CVE-2021-22330]medium5.8---
174206Huawei P30 File Parser memory corruption [CVE-2021-22327]medium5.2---
174205Huawei CloudEngine 12800 Module double free [CVE-2021-22332]medium4.0---
174204Micro Focus Application Performance Management Remote Privilege Escalationmedium6.0---
174203LILIN IP Camera P2/IP Camera Z2 information disclosure [CVE-2021-30169]low5.0---
174202LILIN IP Camera P2/IP Camera Z2 information disclosure [CVE-2021-30168]low5.0---
174201LILIN IP Camera P2/IP Camera Z2 User Profile insufficiently protected credentialsmedium6.5---
174200LILIN IP Camera P2/IP Camera Z2 NTP Server os command injectionmedium6.5---
174199Redmine Git Repository information disclosure [CVE-2021-31863]low2.3---
174198Redmine Filename unrestricted upload [CVE-2021-31865]medium4.9---
174197Redmine Incoming Mail permission [CVE-2021-31864]medium5.2---
174196Layer5 REST API meshery_pattern_persister.go sql injectionmedium6.5---
174195Redmine SysController/MailHandlerController timing discrepancylow1.4---
174194Synology Antivirus Essential Quarantine external reference [CVE-2021-27648]low6.5---
174193media2click Extension Backend cross site scripting [CVE-2021-31778]low4.0---
174192yoast_seo Extension Backend server-side request forgery [CVE-2021-31779]medium5.2---
174191dce Extension Backend sql injection [CVE-2021-31777]medium6.5---
174190pfSense services_wol_edit.php cross site scriptinglow4.0---
174189Buffalo BHR-4RV Debug Option os command injection [CVE-2021-20716]medium6.5---
174188Buffalo BHR-4GRV Telnet Service access control [CVE-2021-3512]high10.0---
174187Buffalo BHR-4GRV Configuration information disclosure [CVE-2021-3511]low4.3---
174186PHPMailer Phar Deserialization addAttachment deserializationmedium4.9---
174185GAEN System Logs log file [CVE-2021-31815]low1.7---
174184OpenAPI Tools OpenAPI Generator File.createTempFile temp filelow1.7---
174183HomeAutomation cross-site request forgery [CVE-2020-21989]low3.3---
174182HomeAutomation cross site scripting [CVE-2020-21987]low4.0---
174181Kirby Panel create cross site scriptinglow4.0---
174180HomeAutomation HTTP Header improper authentication [CVE-2020-22001]medium7.5---
174179Nacos ConfigOpsController remove missing authenticationmedium5.0---
174178Nacos AuthFilter Servlet Filter authentication spoofing [CVE-2021-29441]medium7.5---
174177Apache Tapestry URL information disclosure [CVE-2021-30638]low2.3---
174176Apache OFBiz deserialization [CVE-2021-30128]medium4.9---
174175Apache OFBiz deserialization [CVE-2021-29200]medium7.5---
174174Bootstrap Package Website Frontend cross site scripting [CVE-2021-21365]low4.0---
174173Requests FilteredIterator deserialization [CVE-2021-29476]medium7.5---
174172HomeAutomation Custom Command Plugin customcommand.plugin.php exec os command injectionmedium5.2---
174171Backdoor.Win32.Agent.afq UberWWW improper authenticationmedium5.0---
174170Trojan-Dropper.Win32.Injector.aobl permissionmedium6.5---
174169Backdoor.Win32.Agent.afq UberWWW pathname traversalmedium7.5---
174168HomeAutomation GET Parameter api.php redirectmedium7.5---
174167Backdoor.Win32.Agent.afq UberWWW msvcrt.dll heap-based overflowmedium7.5---
174166Composer URL code injection [CVE-2021-29472]medium6.5---
174165Trojan-Dropper.Win32.Dycler.vrp permissionmedium6.5---
174164Lenovo PCManager uncontrolled search path [CVE-2021-3464]medium6.8---
174163Lenovo PCManager Configuration default permission [CVE-2021-3451]medium4.3---
174162Soyal 701Client client.exe permissionmedium5.2---
174161Symantec Security Analytics Web UI os command injection [CVE-2021-30642]medium7.5---
174160IBM Spectrum Scale access control [CVE-2020-4981]medium3.2---
174159IBM Spectrum Scale Web UI cross site scripting [CVE-2021-29666]low4.0---
174158IBM Content Navigator Web UI cross site scripting [CVE-2021-20550]low4.0---
174157IBM Content Navigator Web UI cross site scripting [CVE-2021-20549]low4.0---
174156IBM Content Navigator Web UI cross site scripting [CVE-2021-20448]low4.0---
174155IBM Spectrum Scale csv injection [CVE-2021-29667]medium3.5---
174154SOYAL 701Server Binary permission [CVE-2021-28271]medium5.2---
174153Delta Industrial Automation CNCSoft-B out-of-bounds write [CVE-2021-22664]medium5.2---
174152Delta Industrial Automation CNCSoft-B out-of-bounds read [CVE-2021-22660]low2.3---
174151Delta Electronics Industrial Automation COMMGR stack-based overflowmedium6.5---
174150Hot Pepper Gourmet App access control [CVE-2021-20715]medium6.5---
174149Unisys Data Exchange Management Studio HTML Document cross site scriptinglow4.0---
174148Unbound Compressed Name rdata_copy out-of-bounds writemedium5.2---
174147Infinite Unbound Compressed Name dname_pkt_copy assertionlow4.9---
174146Infinite Unbound Compressed Name dname_pkt_copy infinite looplow2.3---
174145Unbound respip.c integer overflowmedium4.9---
174144Unbound dnscrypt.c integer overflowmedium4.9---
174143Unbound Packet dname_pkt_copy denial of servicelow2.3---
174142Unbound synth_cname denial of servicelow2.3---
174141Unbound sldns_bget_token_par out-of-bounds writemedium5.2---
174140Unbound sldns_str2wire_dname_buf_origin out-of-bounds writemedium5.2---
174139Unbound ALIGN_UP Macro integer overflow [CVE-2019-25033]medium4.9---
174138Unbound regional_alloc integer overflowmedium4.9---
174137Unbound Configuration create_unbound_ad_servers.sh cleartext transmissionlow2.6---
174136WP Fastest Cache pathname traversal [CVE-2021-20714]low4.7---
174135Apache Superset External URL redirect [CVE-2021-28125]low5.2---
174134Apache Ozone improper authorization [CVE-2020-17517]medium5.8---
174133MintHCM File Upload cross site scripting [CVE-2021-25838]low4.0---
174132xorg-x11-server Xserver integer underflow [CVE-2021-3472]medium4.3---
174131Shibboleth Service Provider Session Recovery null pointer dereferencelow2.3---
174130Advantech WebAccess/SCADA Portal permission assignment [CVE-2021-22669]medium5.2---
174129Foreman FreeIPA Module cleartext transmission [CVE-2021-3494]low1.8---
174128OrangeHRM Forgot Password information disclosure [CVE-2021-28399]low2.9---
174127MintHCM weak password [CVE-2021-25839]low1.8---
174126guix-daemon shadow access controlmedium4.3---
174125pgsync Schema Sync missing encryption [CVE-2021-31671]low1.4---
174124Sonatype Nexus Repository Manager UI Folder pathname traversalmedium4.0---
174123Edimax Wireless Network Camera hard-coded credentials [CVE-2021-30165]medium7.5---
174122Open Design Alliance Drawings SDK out-of-bounds write [CVE-2021-31784]medium5.2---
174121Exiv2 Metadata out-of-bounds read [CVE-2021-29473]low1.7---
174120Jansson JSON Parser json_loads out-of-bounds readlow2.3---
174119postcss Package previous-map.js loadAnnotation incorrect regexmedium5.0---
174118OpenVPN Control Channel Data authentication bypass [CVE-2020-15078]low4.0---
174117HedgeDoc PDF Export server-side request forgery [CVE-2021-29475]medium7.5---
174116HedgeDoc findNote path traversalmedium5.0---
174115LocalFilesEditor Extension show_default.php file inclusionmedium4.9---
174114IBM Spectrum Protect Client stack-based overflow [CVE-2021-29672]medium6.5---
174113IBM Spectrum Protect buffer overflow [CVE-2021-20546]low1.7---
174112IBM Spectrum Protect Plus File Systems Agent log file [CVE-2021-20536]low4.0---
174111IBM Spectrum Protect permission [CVE-2021-20532]medium6.0---
174110IBM Spectrum Protect Plus inadequate encryption [CVE-2021-29694]low2.6---
174109Gestsup forgot_pwd.php password recoverymedium4.6---
174108Apple Xcode Git link following [CVE-2021-21300]medium7.5---
174107Apple Safari WebRTC use after free [CVE-2020-7463]medium6.5---
174106Apple Safari WebKit cross site scripting [CVE-2021-1825]low5.0---
174105Apple iTunes WebRTC use after free [CVE-2020-7463]high9.0---
174104Apple iTunes WebKit cross site scripting [CVE-2021-1825]low5.0---
174103Apple iTunes CoreText state issue [CVE-2021-1811]low5.0---
174102Apple iTunes CFNetwork initialization [CVE-2021-1857]low5.0---
174101Apple watchOS WebKit Storage use after free [CVE-2021-30661]medium7.5---
174100Apple watchOS WebKit initialization [CVE-2021-1820]low5.0---
174099Apple watchOS WebKit cross site scripting [CVE-2021-1826]low5.0---
174098Apple watchOS WebKit memory corruption [CVE-2021-1817]medium7.5---
174097Apple watchOS WebKit cross site scripting [CVE-2021-1825]low5.0---
174096Apple watchOS Tailspin state issue [CVE-2021-1868]low4.3---
174095Apple watchOS Safari access control [CVE-2021-1807]low4.3---
174094Apple watchOS Preferences path traversal [CVE-2021-1740]low4.3---
174093Apple watchOS Preferences path traversal [CVE-2021-1739]low4.3---
174092Apple watchOS Preferences path traversal [CVE-2021-1815]low4.3---
174091Apple watchOS MobileInstallation access control [CVE-2021-1822]low4.3---
174090Apple watchOS libxslt double free [CVE-2021-1875]medium7.5---
174089Apple watchOS libxpc race condition [CVE-2021-30652]medium6.8---
174088Apple watchOS Kernel out-of-bounds read [CVE-2021-30660]low1.7---
174087Apple watchOS Kernel permission [CVE-2021-1832]low4.3---
174086Apple watchOS Kernel state issue [CVE-2021-1851]medium6.8---
174085Apple watchOS Kernel buffer overflow [CVE-2021-1816]medium6.8---
174084Apple watchOS Kernel initialization [CVE-2021-1860]low1.7---
174083Apple watchOS iTunes Store use after free [CVE-2021-1864]medium7.5---
174082Apple watchOS ImageIO out-of-bounds write [CVE-2021-1858]medium7.5---
174081Apple watchOS ImageIO out-of-bounds read [CVE-2021-1885]medium7.5---
174080Apple watchOS ImageIO Remote Code Execution [CVE-2021-1843]medium7.5---
174079Apple watchOS ImageIO Remote Code Execution [CVE-2021-1814]medium7.5---
174078Apple watchOS ImageIO Remote Code Execution [CVE-2021-30653]medium7.5---
174077Apple watchOS ImageIO Remote Code Execution [CVE-2021-1880]medium7.5---
174076Apple watchOS Heimdal denial of service [CVE-2021-1884]low5.0---
174075Apple watchOS Heimdal heap-based overflow [CVE-2021-1883]medium7.5---
174074Apple watchOS Foundation behavioral workflow [CVE-2021-1813]medium6.8---
174073Apple watchOS Foundation memory corruption [CVE-2021-1882]low4.3---
174072Apple watchOS FontParser out-of-bounds read [CVE-2021-1881]medium7.5---
174071Apple watchOS FaceTime state issue [CVE-2021-1872]low5.1---
174070Apple watchOS CoreText state issue [CVE-2021-1811]low5.0---
174069Apple watchOS CoreFoundation behavioral workflow [CVE-2021-30659]low2.7---
174068Apple watchOS CoreAudio memory corruption [CVE-2021-1809]low1.7---
174067Apple watchOS CoreAudio out-of-bounds read [CVE-2021-1846]low5.0---
174066Apple watchOS CFNetwork initialization [CVE-2021-1857]low5.0---
174065Apple watchOS Audio memory corruption [CVE-2021-1808]low1.7---
174064Apple watchOS AppleMobileFileIntegrity signature verificationlow4.3---
174063Apple tvOS WebKit Storage use after free [CVE-2021-30661]medium7.5---
174062Apple tvOS WebKit initialization [CVE-2021-1820]low5.0---
174061Apple tvOS WebKit cross site scripting [CVE-2021-1826]low5.0---
174060Apple tvOS WebKit memory corruption [CVE-2021-1817]medium7.5---
174059Apple tvOS WebKit cross site scripting [CVE-2021-1825]low5.0---
174058Apple tvOS WebKit memory corruption [CVE-2021-1844]medium7.5---
174057Apple tvOS Tailspin state issue [CVE-2021-1868]low4.3---
174056Apple tvOS Preferences path traversal [CVE-2021-1740]low4.3---
174055Apple tvOS Preferences path traversal [CVE-2021-1739]low4.3---
174054Apple tvOS Preferences path traversal [CVE-2021-1815]low4.3---
174053Apple tvOS MobileInstallation Local Privilege Escalation [CVE-2021-1822]low4.3---
174052Apple tvOS libxslt double free [CVE-2021-1875]medium7.5---
174051Apple tvOS libxpc race condition [CVE-2021-30652]medium6.8---
174050Apple tvOS Kernel out-of-bounds read [CVE-2021-30660]low1.7---
174049Apple tvOS Kernel permission [CVE-2021-1832]low4.3---
174048Apple tvOS Kernel state issue [CVE-2021-1851]medium6.8---
174047Apple tvOS Kernel buffer overflow [CVE-2021-1816]medium6.8---
174046Apple tvOS Kernel initialization [CVE-2021-1860]low1.7---
174045Apple tvOS iTunes Store use after free [CVE-2021-1864]medium7.5---
174044Apple tvOS ImageIO out-of-bounds write [CVE-2021-1858]medium7.5---
174043Apple tvOS ImageIO Remote Code Execution [CVE-2021-1843]medium7.5---
174042Apple tvOS ImageIO Remote Code Execution [CVE-2021-30653]medium7.5---
174041Apple tvOS ImageIO out-of-bounds read [CVE-2021-1885]medium7.5---
174040Apple tvOS Heimdal denial of service [CVE-2021-1884]low4.0---
174039Apple tvOS Heimdal heap-based overflow [CVE-2021-1883]medium6.5---
174038Apple tvOS Foundation behavioral workflow [CVE-2021-1813]medium6.8---
174037Apple tvOS Foundation memory corruption [CVE-2021-1882]low4.3---
174036Apple tvOS FontParser out-of-bounds read [CVE-2021-1881]medium7.5---
174035Apple tvOS CoreText state issue [CVE-2021-1811]low5.0---
174034Apple tvOS CoreAudio memory corruption [CVE-2021-1809]low1.7---
174033Apple tvOS CoreAudio out-of-bounds read [CVE-2021-1846]medium7.5---
174032Apple tvOS CFNetwork initialization [CVE-2021-1857]low5.0---
174031Apple tvOS Audio memory corruption [CVE-2021-1808]low4.3---
174030Apple tvOS Assets access control [CVE-2021-1836]low4.3---
174029Apple tvOS AppleMobileFileIntegrity signature verification [CVE-2021-1849]low4.3---
174028Apple macOS Windows Server permission [CVE-2021-1873]low2.7---
174027Apple macOS Wi-Fi permission [CVE-2021-30655]medium6.8---
174026Apple macOS Wi-Fi type confusion [CVE-2021-1829]medium6.8---
174025Apple macOS Wi-Fi memory corruption [CVE-2021-1828]medium6.8---
174024Apple macOS WebRTC use after free [CVE-2020-7463]high10.0---
174023Apple macOS WebKit Storage use after free [CVE-2021-30661]medium7.5---
174022Apple macOS WebKit initialization [CVE-2021-1820]low5.0---
174021Apple macOS WebKit cross site scripting [CVE-2021-1826]low5.0---
174020Apple macOS WebKit memory corruption [CVE-2021-1817]medium7.5---
174019Apple macOS WebKit cross site scripting [CVE-2021-1825]low5.0---
174018Apple macOS Time Machine permission [CVE-2021-1839]low4.3---
174017Apple macOS tcpdump resource consumption [CVE-2020-8037]low5.0---
174016Apple macOS System Preferences state issue [CVE-2021-30657]low4.3---
174015Apple macOS smbx integer overflow [CVE-2021-1878]low2.6---
174014Apple macOS SampleAnalysis state issue [CVE-2021-1868]low4.3---
174013Apple macOS Safari state issue [CVE-2021-1855]low5.0---
174012Apple macOS Safari information disclosure [CVE-2021-1861]low5.0---
174011Apple macOS Preferences path traversal [CVE-2021-1740]low4.3---
174010Apple macOS Preferences path traversal [CVE-2021-1739]low4.3---
174009Apple macOS Preferences path traversal [CVE-2021-1815]low4.3---
174008Apple macOS NSRemoteView use after free [CVE-2021-1876]medium7.5---
174007Apple macOS Notes state issue [CVE-2021-1859]low1.7---
174006Apple macOS Login Window information disclosure [CVE-2021-1824]low1.0---
174005Apple macOS libxslt double free [CVE-2021-1875]medium7.5---
IDTitleVulDBCVSSSecuniaXForceNessus
174004Apple macOS libxpc race condition [CVE-2021-30652]medium6.8---
174003Apple macOS Kernel out-of-bounds read [CVE-2021-30660]low1.7---
174002Apple macOS Kernel permission [CVE-2021-1832]low4.3---
174001Apple macOS Kernel state issue [CVE-2021-1851]medium6.8---
174000Apple macOS Kernel memory corruption [CVE-2021-1840]low4.3---
173999Apple macOS Kernel initialization [CVE-2021-1860]low1.7---
173998Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2021-1834]medium6.8---
173997Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2021-1841]medium6.8---
173996Apple macOS Installer access control [CVE-2021-30658]low4.3---
173995Apple macOS ImageIO out-of-bounds write [CVE-2021-1858]medium7.5---
173994Apple macOS ImageIO out-of-bounds read [CVE-2021-1885]medium7.5---
173993Apple macOS ImageIO Remote Code Execution [CVE-2021-1843]medium7.5---
173992Apple macOS ImageIO Remote Code Execution [CVE-2021-1814]medium7.5---
173991Apple macOS ImageIO Remote Code Execution [CVE-2021-30653]medium7.5---
173990Apple macOS ImageIO Remote Code Execution [CVE-2021-1880]medium7.5---
173989Apple macOS Heimdal denial of service [CVE-2021-1884]low4.0---
173988Apple macOS Heimdal heap-based overflow [CVE-2021-1883]medium7.5---
173987Apple macOS Foundation behavioral workflow [CVE-2021-1813]medium6.8---
173986Apple macOS Foundation memory corruption [CVE-2021-1882]low4.3---
173985Apple macOS FontParser out-of-bounds read [CVE-2021-1881]medium7.5---
173984Apple macOS FaceTime state issue [CVE-2021-1872]medium6.4---
173983Apple macOS DiskArbitration permission [CVE-2021-1784]low4.3---
173982Apple macOS curl buffer overflow [CVE-2020-8285]low4.0---
173981Apple macOS curl certificate validation [CVE-2020-8286]low5.2---
173980Apple macOS CoreText information disclosure [CVE-2021-1811]low5.0---
173979Apple macOS CoreGraphics memory corruption [CVE-2021-1847]medium7.5---
173978Apple macOS CoreFoundation information disclosure [CVE-2021-30659]low2.7---
173977Apple macOS CoreAudio memory corruption [CVE-2021-1809]low5.0---
173976Apple macOS CoreAudio out-of-bounds read [CVE-2021-1846]low5.0---
173975Apple macOS CFNetwork initialization [CVE-2021-1857]low5.0---
173974Apple macOS Audio memory corruption [CVE-2021-1808]low1.7---
173973Apple macOS Archive Utility state issue [CVE-2021-1810]low4.3---
173972Apple macOS Apple Neural Engine out-of-bounds read [CVE-2021-1867]medium6.8---
173971Apple macOS AppleMobileFileIntegrity signature verification [CVE-2021-1849]low4.3---
173970Apple macOS APFS state issue [CVE-2021-1853]low4.3---
173969Apple iOS/iPadOS WebRTC use after free [CVE-2020-7463]high10.0---
173968Apple iOS/iPadOS WebKit Storage use after free [CVE-2021-30661]medium7.5---
173967Apple iOS/iPadOS WebKit initialization [CVE-2021-1820]low5.0---
173966Apple iOS/iPadOS WebKit cross site scripting [CVE-2021-1826]low5.0---
173965Apple iOS/iPadOS WebKit memory corruption [CVE-2021-1817]medium7.5---
173964Apple iOS/iPadOS WebKit cross site scripting [CVE-2021-1825]low5.0---
173963Apple iOS/iPadOS Wallet information disclosure [CVE-2021-1848]low1.7---
173962Apple iOS/iPadOS Telephony behavioral workflow [CVE-2021-1854]low5.1---
173961Apple iOS/iPadOS Tailspin state issue [CVE-2021-1868]low4.3---
173960Apple iOS/iPadOS Shortcuts permission [CVE-2021-1831]low4.3---
173959Apple iOS/iPadOS Safari access control [CVE-2021-1807]low4.3---
173958Apple iOS/iPadOS Preferences access control [CVE-2021-1740]low4.3---
173957Apple iOS/iPadOS Preferences access control [CVE-2021-1739]low4.3---
173956Apple iOS/iPadOS Preferences access control [CVE-2021-1815]low4.3---
173955Apple iOS/iPadOS Password Manager information disclosure [CVE-2021-1865]low1.7---
173954Apple iOS/iPadOS MobileInstallation access control [CVE-2021-1822]low4.3---
173953Apple iOS/iPadOS libxslt double free [CVE-2021-1875]medium7.5---
173952Apple iOS/iPadOS libxpc race condition [CVE-2021-30652]medium6.8---
173951Apple iOS/iPadOS Kernel out-of-bounds read [CVE-2021-30660]low1.7---
173950Apple iOS/iPadOS Kernel permission [CVE-2021-1832]low4.3---
173949Apple iOS/iPadOS Kernel buffer overflow [CVE-2021-1816]medium6.8---
173948Apple iOS/iPadOS Kernel initialization [CVE-2021-1860]low1.7---
173947Apple iOS/iPadOS Kernel state issue [CVE-2021-1851]medium6.8---
173946Apple iOS/iPadOS Kernel state issue [CVE-2021-1874]medium6.8---
173945Apple iOS/iPadOS Kernel out-of-bounds read [CVE-2021-1830]low1.7---
173944Apple iOS/iPadOS Kernel out-of-bounds read [CVE-2021-1852]low1.7---
173943Apple iOS/iPadOS Kernel out-of-bounds read [CVE-2021-1877]low1.7---
173942Apple iOS/iPadOS iTunes Store use after free [CVE-2021-1864]medium7.5---
173941Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2021-1858]medium7.5---
173940Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1843]medium7.5---
173939Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-30653]medium7.5---
173938Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2021-1885]medium7.5---
173937Apple iOS/iPadOS Heimdal denial of service [CVE-2021-1884]low5.0---
173936Apple iOS/iPadOS Heimdal heap-based overflow [CVE-2021-1883]medium7.5---
173935Apple iOS/iPadOS GPU Drivers information disclosure [CVE-2021-30656]low1.7---
173934Apple iOS/iPadOS Foundation Local Privilege Escalation [CVE-2021-1813]medium6.8---
173933Apple iOS/iPadOS Foundation memory corruption [CVE-2021-1882]low4.3---
173932Apple iOS/iPadOS FontParser out-of-bounds read [CVE-2021-1881]medium7.5---
173931Apple iOS/iPadOS FaceTime state issue [CVE-2021-1872]low4.0---
173930Apple iOS/iPadOS CoreText memory corruption [CVE-2021-1811]low5.0---
173929Apple iOS/iPadOS CoreFoundation information disclosure [CVE-2021-30659]low2.7---
173928Apple iOS/iPadOS CoreAudio memory corruption [CVE-2021-1809]low1.7---
173927Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2021-1846]low5.0---
173926Apple iOS/iPadOS CFNetwork initialization [CVE-2021-1857]low5.0---
173925Apple iOS/iPadOS Audio memory corruption [CVE-2021-1808]low1.7---
173924Apple iOS/iPadOS Assets access control [CVE-2021-1836]low4.3---
173923Apple iOS/iPadOS AppleMobileFileIntegrity access control [CVE-2021-1849]low4.3---
173922Apple iOS/iPadOS Apple Neural Engine out-of-bounds read [CVE-2021-1867]medium6.8---
173921Apple iOS/iPadOS App Store certificate validation [CVE-2021-1837]low5.1---
173920Apple iOS/iPadOS Accessibility access control [CVE-2021-1835]low2.1---
173919Google Chrome QR Scanner clickjacking [CVE-2021-21208]low5.0---
173918Google Chrome IndexedDB use after free [CVE-2021-21207]medium5.1---
173917Google Chrome Extension use after free [CVE-2021-21202]medium5.1---
173916IBM Planning Analytics unknown vulnerability [CVE-2020-4562]low5.0---
173915Google Chrome Network exposure of resource [CVE-2021-21210]medium7.5---
173914Google Chrome Mojo unknown vulnerability [CVE-2021-21221]medium5.0---
173913Google Chrome V8 heap-based overflow [CVE-2021-21220]medium7.5---
173912Google Chrome PDFium uninitialized pointer [CVE-2021-21219]low5.0---
173911Google Chrome PDFium uninitialized pointer [CVE-2021-21218]low5.0---
173910Google Chrome PDFium uninitialized pointer [CVE-2021-21217]low5.0---
173909Google Chrome Autofill authentication spoofing [CVE-2021-21216]medium7.5---
173908Google Chrome Autofill authentication spoofing [CVE-2021-21215]medium7.5---
173907Google Chrome Network API use after free [CVE-2021-21214]medium7.5---
173906Google Chrome WebMIDI use after free [CVE-2021-21213]medium7.5---
173905Google Chrome Network Config UI Remote Code Execution [CVE-2021-21212]medium7.5---
173904Baidu Navigation unknown vulnerability [CVE-2021-21211]medium5.0---
173903Google Chrome Storage unknown vulnerability [CVE-2021-21209]medium5.0---
173902Google Chrome Blink use after free [CVE-2021-21206]medium7.5---
173901Google Chrome Blink use after free [CVE-2021-21204]medium7.5---
173900Google Chrome Blink use after free [CVE-2021-21203]medium7.5---
173899Google Chrome Permissions use after free [CVE-2021-21201]medium7.5---
173898IBM Spectrum Protect Plus Domain Name unknown vulnerability [CVE-2021-20432]medium6.4---
173897Google Chrome Navigation Remote Code Execution [CVE-2021-21205]medium7.5---
173896Jamovi omv Document cross site scripting [CVE-2021-28079]low4.0---
173895Netgear R7000 HTTP Request backup.cgi heap-based overflowmedium8.3---
173894Hame SD1 Telnet Service access control [CVE-2021-26797]medium7.7---
173893tyk-identity-broker Go XML Parser improper authentication [CVE-2021-23365]medium5.1---
173892safe-flat Prototype code injection [CVE-2021-25927]medium6.5---
173891safe-obj Prototype code injection [CVE-2021-25928]medium6.5---
173890LeoCAD Document use after free [CVE-2021-31804]medium4.9---
173889cPanel EasyApache 4 Save Profile cross site scripting [CVE-2021-31803]low4.0---
173888Google Chrome Navigation use after free [CVE-2021-21226]medium7.5---
173887Google Chrome V8 out-of-bounds read [CVE-2021-21225]low5.0---
173886Google Chrome V8 type confusion [CVE-2021-21224]medium7.5---
173885Google Chrome Mojo integer overflow [CVE-2021-21223]medium7.5---
173884Google Chrome V8 heap-based overflow [CVE-2021-21222]medium7.5---
173883Gurunavi App access control [CVE-2021-20693]medium6.5---
173882NEC Aterm WG2600HS os command injection [CVE-2021-20711]medium5.2---
173881NEC Aterm WF1200CR/Aterm WG1200CR/Aterm WG2600HS URL improper validation of integrity check valuelow4.7---
173880NEC Aterm WF1200CR/Aterm WG1200CR/Aterm WG2600HS URL os command injectionmedium5.2---
173879NEC Aterm WG2600HS Scripting cross site scripting [CVE-2021-20710]low4.0---
173878D-Link DAP-1880AC improper authentication [CVE-2021-20697]medium7.5---
173877D-Link DAP-1880AC CGI Program os command injection [CVE-2021-20696]medium6.5---
173876D-Link DAP-1880AC Telnet Service access control [CVE-2021-20694]medium6.5---
173875NEC Aterm WG2600HS/Aterm WX3000HP IPv6 Firewall access controlmedium5.2---
173874D-Link DAP-1880AC certificate validation [CVE-2021-20695]medium9.0---
173873NEC Aterm WG1900HP2 cross site scripting [CVE-2021-20680]low4.0---
173872Webmin User cross-site request forgery [CVE-2021-31762]low4.0---
173871Webmin Process cross site scripting [CVE-2021-31761]low4.0---
173870Webmin Process cross-site request forgery [CVE-2021-31760]low4.0---
173869npupnp UPnP SOAP/GENA dns rebinding [CVE-2021-31718]medium6.0---
173868Akuvox C315 cfgd_server Service command injection [CVE-2021-31726]medium6.5---
173867QNAP QTS/QuTS Hero/QuTScloud HBS 3 Hybrid Backup Sync improper authorizationmedium6.5---
173866Directum HTTP Header cross site scripting [CVE-2021-31794]low4.0---
173865react-draft-wysiwyg Javascript URI index.js cross site scriptinglow4.0---
173864vscode-ghc-simple Workspace Configuration injection [CVE-2021-30502]low5.1---
173863pvrsrvkm.ko PowerVR GPU Kernel Driver PhysmemNewRamBackedPMR heap-based overflowmedium5.2---
173862ezXML XML File Parser libezxml.a ezxml_decode heap-based overflowmedium5.2---
173861Vaadin Authentication.logout session expirationmedium3.5---
173860Sipwise C5 NGCP CSC save cross site scriptinglow4.0---
173859Sipwise C5 NGCP CSC cross-site request forgery [CVE-2021-31584]low3.3---
173858Wowza Straming Engine permission [CVE-2021-31540]medium4.3---
173857Wowza Streaming Engine Password File admin.password cleartext storagelow1.7---
173856Vaadin UIDL Request timing discrepancy [CVE-2021-31404]low1.0---
173855Vaadin com.vaadin:flow-server timing discrepancy [CVE-2021-31406]low1.0---
173854Vaadin UIDL Request timing discrepancy [CVE-2021-31403]low1.0---
173853Automox Agent log file [CVE-2021-26908]low1.7---
173852Cscape access control [CVE-2021-22682]medium5.2---
173851dotCMS Task Detail workflow& cross site scriptinglow4.0---
173850Node-redis Monitor Message resource consumption [CVE-2021-29469]low2.1---
173849Sonatype Nexus Repository Manager access control [CVE-2021-29158]medium5.2---
173848Cscape memory corruption [CVE-2021-22678]medium5.2---
173847purl Prototype Object.prototype code injectionmedium5.2---
173846mootools-more Prototype Object.prototype code injectionmedium5.2---
173845jquery-deparam Prototype Object.prototype code injectionmedium5.2---
173844jquery-bbq Prototype Object.prototype code injectionmedium5.2---
173843backbone-query-parameters Prototype Object.prototype code injectionmedium5.2---
173842jquery-sparkle Prototype Object.prototype code injectionmedium5.2---
173841jquery-plugin-query-object Prototype code injection [CVE-2021-20083]medium5.2---
173840Vaadin com.vaadin:flow-server RestController information disclosurelow2.1---
173839Vaadin UIDL Request unusual condition [CVE-2018-25007]low2.1---
173838Vaadin Grid cross site scripting [CVE-2019-25028]low2.6---
173837Vaadin com.vaadin:flow-server RouteNotFoundError cross site scriptinglow5.0---
173836Avaya Callback Assist xml external entity reference [CVE-2020-7036]medium6.5---
173835Avaya Aura Orchestration Designer Web-based User Interface xml external entity referencemedium6.5---
173834Hardware Sentry KM Timeout missing encryption [CVE-2021-31791]low2.3---
173833Vaadin com.vaadin:flow-server information disclosure [CVE-2021-31407]low5.0---
173832Exiv2 Metadata out-of-bounds read [CVE-2021-29470]low1.7---
173831Automox Agent S3 Bucket Endpoint access control [CVE-2021-26909]low2.6---
173830ExifTool djvu File neutralization [CVE-2021-22204]medium7.5---
173829Avaya Session Border Controller for Enterprise Message os command injectionmedium8.3---
173828Vaadin com.vaadin:flow-server path traversal [CVE-2020-36321]medium4.0---
173827Vaadin Designer Frontend Configuration information disclosurelow5.0---
173826Vaadin com.vaadin:vaadin-text-field-flow resource consumptionlow5.0---
173825GitLab Community Edition/Enterprise Edition Image File Remote Privilege Escalationmedium6.5---
173824Vaadin EmailValidator resource consumptionlow3.5---
173823Wireshark MS-WSP Dissector memory allocation [CVE-2021-22207]low2.6---
173822Rapid7 Metasploit Framework drb_remote_codeexec Exploit deserializationmedium5.1---
173821MISP Event Edit MispObject.php information disclosurelow2.3---
173820Void Aural Rec Monitor svc-login.php sql injectionmedium7.5---
173819Void Aural Rec Monitor svc-login.php source codelow4.0---
173818Samsung Secure Folder Debugging Command improper authorizationmedium6.5---
173817Apache Maven Project Object Model unknown vulnerability [CVE-2021-26291]low4.0---
173816SaltStack Salt Snapper Module access control [CVE-2021-31607]medium4.3---
173815Trend Micro Antivirus Local Privilege access control [CVE-2021-28648]medium6.8---
173814SolarWinds Orion Virtual Infrastructure Monitor OneTimeJobSchedulerEventsService WCF Service deserializationmedium6.8---
173813AquaNPlayer Download Page information disclosure [CVE-2020-7858]low4.0---
173812Siemens LOGO! Soft Comfort DLL uncontrolled search path [CVE-2020-25244]medium4.3---
173811xmlhttprequest-ssl certificate validation [CVE-2021-31597]medium5.8---
173810jhead exif.c Get16u heap-based overflowmedium5.2---
173809Check Point Identity Agent link following [CVE-2021-30356]medium4.1---
173808Jersey File.createTempFile temp filelow1.7---
173807Siemens Opcenter Quality/QMS Automotive Sign Key hard-coded keylow2.7---
173806Siemens Solid Edge SE2020/Solid Edge SE2021 PAR File Parser stack-based overflowmedium7.5---
173805Parallels Desktop Toolgate path traversal [CVE-2021-27278]medium6.5---
173804Siemens Solid Edge SE2020/Solid Edge SE2021 PAR File Parser out-of-bounds writemedium7.5---
173803Siemens Tecnomatix RobotExpert CELL File out-of-bounds writemedium7.5---
173802GitLab Scoped Label cross site scripting [CVE-2021-22199]low4.0---
173801Siemens LOGO! Soft Comfort Project File path traversal [CVE-2020-25243]medium7.5---
173800Advanced Custom Fields Pro Plugin Update Settings Page cross site scriptinglow4.0---
173799Pie Register User Registration Forms cross site scripting [CVE-2021-24239]low4.0---
173798Realteo Plugin Properties Page cross site scripting [CVE-2021-24237]low5.0---
173797Cooked Pro Plugin cross site scripting [CVE-2021-24233]low5.0---
173796Advanced Booking Calendar Plugin Settings Page cross site scriptinglow4.0---
173795FreeRTOS Kernel stream_buffer.c integer overflowmedium4.9---
173794FreeRTOS Queue queue.c integer overflowmedium4.9---
173793Siemens Nucleus NET DNS Module random values [CVE-2021-27393]low4.6---
173792Siemens Siveillance Video Open Network Bridge ONVIF hard-coded keylow4.0---
173791Siemens SIMOTICS CONNECT 400 DNS Module random values [CVE-2021-25677]low4.6---
173790Siemens SCALANCE XF208 POST Request heap-based overflow [CVE-2021-25668]medium6.5---
173789Siemens Nucleus IPv6 Packet infinite loop [CVE-2021-25664]low3.5---
173788Siemens Nucleus IPv6 Header infinite loop [CVE-2021-25663]low4.0---
173787Realteo Plugin access control [CVE-2021-24238]medium4.1---
173786Goto Theme Tour List Page cross site scripting [CVE-2021-24235]low5.0---
173785Ivory Search Plugin Search Forms Page cross site scripting [CVE-2021-24234]low4.0---
173784Mitsubishi Electric GOT2000/GOT Simple VNC Server improper authenticationmedium7.5---
173783Juniper Paragon Active Assurance Control Center access controlmedium5.1---
173782AnySupport File Copy KoinoFTServerDLL.dll path traversalmedium5.2---
173781Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module out-of-bounds writemedium6.5---
173780Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module out-of-bounds readmedium6.0---
173779Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module null terminationlow3.5---
173778Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module buffer overflowmedium4.6---
173777Siemens Solid Edge SE2020/Solid Edge SE2021 null pointer dereferencelow3.5---
173776Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module out-of-bounds writemedium4.6---
173775Siemens SCALANCE XF208 Web Server stack-based overflow [CVE-2021-25669]medium6.5---
173774Juniper Junos OS Evolved Firewall Filter denial of service [CVE-2021-0264]low2.6---
173773Juniper Junos OS JDMD command injection [CVE-2021-0253]medium6.8---
173772Juniper Junos OS hard-coded credentials [CVE-2021-0245]medium6.8---
173771Juniper Junos OS JDHCPD denial of service [CVE-2021-0241]low3.3---
173770Juniper Junos OS JDHCPD denial of service [CVE-2021-0240]low3.3---
173769Juniper Junos OS J-Web cross site scripting [CVE-2021-0275]low5.0---
173768Juniper Junos OS Evolved infinite loop [CVE-2021-0273]low5.0---
173767Juniper Junos OS sfid double free [CVE-2021-0271]low3.3---
173766Juniper Junos OS J-Web input validation [CVE-2021-0269]medium7.5---
173765Juniper Junos OS HTTP Header response splitting [CVE-2021-0268]medium7.5---
173764Juniper Junos OS Evolved DHCP Relay Agent denial of service [CVE-2021-0267]low3.3---
173763Juniper Junos OS hard-coded key [CVE-2021-0266]low5.0---
173762Juniper Junos OS PFE Packet use after free [CVE-2021-0262]low3.3---
173761Juniper Junos OS Web Service allocation of resources [CVE-2021-0261]low5.0---
173760Juniper Junos OS Evolved VXLAN Configuration exceptional conditionlow3.3---
173759Juniper Junos OS cpcd null pointer dereference [CVE-2021-0251]low5.0---
173758Juniper Junos OS Evolved BGP UPDATE Message denial of servicelow5.0---
173757Juniper Junos OS Packet Forwarding Engine buffer overflow [CVE-2021-0249]medium7.6---
173756Juniper Junos OS hard-coded credentials [CVE-2021-0248]high10.0---
173755Juniper Junos OS Network Traffic SPC3 default permissionmedium4.0---
173754Juniper Junos OS BNG resource consumption [CVE-2021-0238]low1.7---
173753Juniper Junos OS Packet Forwarding Engine denial of service [CVE-2021-0237]low3.3---
173752Juniper Junos OS Evolved Routing Protocol denial of service [CVE-2021-0236]low4.0---
173751Juniper Junos OS Network Traffic default permission [CVE-2021-0235]medium4.0---
173750Juniper Junos OS Forwarding Engine Board resource consumptionlow5.0---
173749Juniper Junos OS J-web path traversal [CVE-2021-0231]medium4.0---
173748Juniper Junos OS VXLAN Configuration unusual condition [CVE-2021-0228]low3.3---
173747Juniper Junos OS Evolved IPv6 Packet denial of service [CVE-2021-0226]low3.3---
173746Juniper Junos OS Evolved Stateless Firewall unusual conditionmedium5.0---
173745Juniper Junos OS PPMD denial of service [CVE-2021-0214]low3.3---
173744Tutor LMS eLearning and Online Course Solution Plugin Tools file inclusionmedium4.1---
173743Business Hours Pro Plugin Manual Update unrestricted upload [CVE-2021-24240]medium6.8---
173742Juniper AppFormix REST API Remote Code Execution [CVE-2021-0265]medium7.6---
173741Juniper Junos OS snmpd improper authorization [CVE-2021-0260]medium7.5---
173740Juniper Junos OS unnecessary privileges [CVE-2021-0255]medium6.8---
173739Juniper Junos OS Device Management Daemon command injection [CVE-2021-0252]medium6.8---
173738Juniper Junos OS Evo-aftmand denial of service [CVE-2021-0239]low3.3---
173737Juniper Junos OS Packet Forwarding Engine initialization [CVE-2021-0234]low5.0---
173736Juniper Junos OS Flexible PIC Concentrator memory leak [CVE-2021-0272]low3.3---
173735Juniper Junos OS TCPv6 Packet denial of service [CVE-2021-0258]low5.4---
173734Juniper Junos OS IRB Interface memory leak [CVE-2021-0257]low3.3---
173733Juniper Junos OS Mosquitto unnecessary privileges [CVE-2021-0256]low1.7---
173732Juniper Junos OS dfwd race condition [CVE-2021-0247]low4.3---
173731Juniper Junos OS L2ALD denial of service [CVE-2021-0244]low5.0---
173730Juniper Junos OS Policer Limit resource consumption [CVE-2021-0243]low3.3---
173729Juniper Junos OS Unicast Frame memory corruption [CVE-2021-0242]medium3.3---
173728Juniper Junos OS MQTT Server resource consumption [CVE-2021-0229]low5.0---
173727Juniper Junos OS BFD Session denial of service [CVE-2021-0216]low3.3---
173726FeiFeiCMS HTTP Request DataAction.class.php path traversalmedium5.5---
173725FeiFeiCMS HTTP Request path traversal [CVE-2020-17563]medium5.5---
173724Juniper Junos OS inline-jflow use after free [CVE-2021-0270]medium7.8---
173723Juniper Junos OS Multi-Service Process rts_peer_cp_recv_timeout denial of servicelow2.6---
173722Juniper Junos OS Link Aggregation resource consumption [CVE-2021-0230]medium7.8---
173721Juniper Junos OS HTTP Packet memory corruption [CVE-2021-0227]medium7.8---
173720Linux Kernel SCTP Socket socket.c sctp_destroy_sock race conditionmedium9.0---
173719Juniper Junos OS Access Node Control Protocol Daemon allocation of resourceslow3.3---
173718Juniper Junos OS overlayd buffer overflow [CVE-2021-0254]medium7.5---
173717Oracle VM VirtualBox Core denial of service [CVE-2021-2312]medium4.3---
173716Oracle VM VirtualBox Core information disclosure [CVE-2021-2291]medium3.8---
173715Oracle VM VirtualBox Core information disclosure [CVE-2021-2297]medium3.7---
173714Oracle VM VirtualBox Core information disclosure [CVE-2021-2296]medium3.7---
173713Oracle VM VirtualBox Core information disclosure [CVE-2021-2266]medium4.3---
173712Oracle VM VirtualBox Core information disclosure [CVE-2021-2306]medium4.3---
173711Oracle VM VirtualBox Core information disclosure [CVE-2021-2287]medium4.9---
173710Oracle VM VirtualBox Core unknown vulnerability [CVE-2021-2286]medium4.9---
173709Oracle VM VirtualBox Core information disclosure [CVE-2021-2285]medium4.9---
173708Oracle VM VirtualBox Core unknown vulnerability [CVE-2021-2284]medium4.9---
173707Oracle VM VirtualBox Core information disclosure [CVE-2021-2283]medium4.9---
173706Oracle VM VirtualBox Core information disclosure [CVE-2021-2282]medium4.9---
173705Oracle VM VirtualBox Core unknown vulnerability [CVE-2021-2281]medium4.9---
173704Oracle VM VirtualBox Core information disclosure [CVE-2021-2280]medium4.9---
173703Oracle Secure Global Desktop OpenSSL certificate validation [CVE-2021-3450]medium7.1---
173702Oracle VM VirtualBox Core Local Privilege Escalation [CVE-2021-2310]medium5.9---
173701Oracle VM VirtualBox Core Local Privilege Escalation [CVE-2021-2145]medium5.9---
173700Oracle VM VirtualBox Core Local Privilege Escalation [CVE-2021-2309]medium5.9---
173699Oracle VM VirtualBox Core Remote Code Execution [CVE-2021-2279]medium7.6---
173698Oracle VM VirtualBox Core Local Privilege Escalation [CVE-2021-2250]medium6.5---
173697Oracle VM VirtualBox Core unknown vulnerability [CVE-2021-2264]medium6.2---
173696Oracle Secure Global Desktop Client Remote Code Execution [CVE-2021-2221]high10.0---
173695Oracle Secure Global Desktop Server Remote Code Execution [CVE-2021-2248]high10.0---
173694Oracle Secure Global Desktop Gateway Remote Code Execution [CVE-2021-2177]high10.0---
173693Oracle Utilities Framework General deserialization [CVE-2019-10086]medium7.5---
173692Oracle Utilities Framework General xml external entity referencemedium7.8---
173691Oracle Utilities Framework General unknown vulnerability [CVE-2020-11979]medium7.8---
173690Oracle Utilities Framework Securty Remote Code Execution [CVE-2020-28052]high10.0---
173689Oracle Utilities Framework General cross site scripting [CVE-2019-17495]high10.0---
173688Oracle ZFS Storage Appliance Kit Installation unknown vulnerabilitylow0.8---
173687Oracle ZFS Storage Appliance Kit Core unknown vulnerability [CVE-2021-2149]low1.0---
173686Oracle Solaris Kernel unknown vulnerability [CVE-2021-2192]medium5.2---
173685Oracle Solaris Common Desktop Environment Local Privilege Escalationmedium6.8---
173684Oracle ZFS Storage Appliance Kit Operating System Image privileges managementhigh10.0---
173683Oracle OSS Support Tools Diagnostic Assistant information disclosuremedium6.1---
173682Oracle Agile PLM Security deserialization [CVE-2019-10086]medium7.5---
173681Oracle Agile Product Lifecycle Management Integration Pack for SAP: Design to Release Core deserializationmedium7.5---
173680Oracle Agile Product Lifecycle Management Integration Pack for E-Business Suite Installer deserializationmedium7.5---
173679Oracle Advanced Supply Chain Planning Core unknown vulnerabilityhigh9.4---
173678Oracle Rapid Planning User interface Remote Code Execution [CVE-2019-2904]high10.0---
173677Oracle Storage Cloud Software Appliance Management Console information disclosurelow3.3---
173676Oracle Cloud Infrastructure Storage Gateway Management Console Remote Privilege Escalationhigh8.3---
173675Oracle Cloud Infrastructure Storage Gateway Management Console Remote Privilege Escalationhigh8.3---
173674Oracle Cloud Infrastructure Storage Gateway Management Console Remote Privilege Escalationhigh8.3---
173673Oracle Storage Cloud Software Appliance Management Console Remote Code Executionhigh10.0---
173672Oracle Cloud Infrastructure Storage Gateway Management Console Remote Code Executionhigh10.0---
173671Oracle Siebel UI Framework EAI information disclosure [CVE-2020-9488]low2.6---
173670Oracle Siebel UI Framework UIF Open UI cross site scripting [CVE-2019-11358]medium6.4---
173669Oracle Siebel UI Framework UIF Open UI cross site scripting [CVE-2016-7103]medium6.4---
173668Oracle Siebel Apps Customizable Prod/Configurator cross site scriptingmedium6.4---
173667Oracle Siebel UI Framework EAI information disclosure [CVE-2019-10080]medium6.8---
173666Oracle Siebel UI Framework SWSE Server server-side request forgerymedium6.8---
173665Oracle Siebel Engineering Siebel Approval Manager code downloadmedium7.6---
173664Oracle Siebel UI Framework EAI deserialization [CVE-2020-14195]medium7.6---
173663Oracle Retail Xstore Point of Service Xenvironment information disclosurelow2.6---
173662Oracle Retail Insights Cloud Service Suite OBIEE - Metadata information disclosurelow2.6---
173661Oracle Retail EFTLink Unified Payments information disclosurelow2.6---
173660Oracle Retail EFTLink Unified Payments unknown vulnerabilitymedium4.0---
173659Oracle Retail Store Inventory Management SIM Integration information disclosuremedium4.6---
173658Oracle Retail Merchandising System Foundation information disclosuremedium4.6---
173657Oracle Retail Predictive Application Server RPAS Server information disclosuremedium7.8---
173656Oracle Retail Returns Management Main Dashboard deserializationmedium7.5---
173655Oracle Retail Predictive Application Server RPAS Fusion Client deserializationmedium7.5---
173654Oracle Retail Point-of-Service Pricing deserialization [CVE-2019-10086]medium7.5---
173653Oracle Retail Central Office Commerce Anywhere deserializationmedium7.5---
173652Oracle Retail Back Office Pricing deserialization [CVE-2019-10086]medium7.5---
173651Oracle Retail Advanced Inventory Planning Operations / Maintenance deserializationmedium7.5---
173650Oracle Retail Xstore Point of Service Xenvironment unknown vulnerabilitymedium7.8---
173649Oracle Retail Size Profile Optimization Solver unknown vulnerabilitymedium7.8---
173648Oracle Retail Sales Audit Sales Audit Maintenance denial of servicemedium7.8---
173647Oracle Retail Returns Management Main Dashboard server-side request forgerymedium7.8---
173646Oracle Retail Replenishment Optimization AAI Framework unknown vulnerabilitymedium7.8---
173645Oracle Retail Regular Price Optimization Operations / Maintenance unknown vulnerabilitymedium7.8---
173644Oracle Retail Predictive Application Server RPAS Fusion Client unknown vulnerabilitymedium7.8---
173643Oracle Retail Point-of-Service Mobile POS server-side request forgerymedium7.8---
173642Oracle Retail Merchandising System Financials unknown vulnerabilitymedium7.8---
173641Oracle Retail Merchandise Financial Planning Merchandising Insights unknown vulnerabilitymedium7.8---
173640Oracle Retail Macro Space Optimization ODI Integration unknown vulnerabilitymedium7.8---
173639Oracle Retail Item Planning AAI Framework unknown vulnerabilitymedium7.8---
173638Oracle Retail EFTLink Unified Payments unknown vulnerabilitymedium7.8---
173637Oracle Retail Central Office Pricing server-side request forgerymedium7.8---
173636Oracle Retail Category Management Planning & Optimization ODI Integration unknown vulnerabilitymedium7.8---
173635Oracle Retail Back Office Pricing server-side request forgerymedium7.8---
173634Oracle Retail Assortment Planning Custom Workbooks unknown vulnerabilitymedium7.8---
173633Oracle Retail Advanced Inventory Planning Operations / Maintenance unknown vulnerabilitymedium7.8---
173632Oracle Retail Xstore Point of Service Xenvironment Remote Privilege Escalationmedium9.0---
173631Oracle Retail Predictive Application Server RPAS Fusion Client Remote Privilege Escalationmedium9.0---
173630Oracle Retail Xstore Point of Service Xstore Office xml external entity referencehigh10.0---
173629Oracle Retail Xstore Point of Service Xenvironment xml external entity referencehigh10.0---
173628Oracle PeopleSoft Enterprise CS Campus Community Frameworks information disclosurelow4.0---
173627Oracle PeopleSoft Enterprise SCM eProcurement Manage Requisition Status unknown vulnerabilitymedium5.5---
173626Oracle PeopleSoft Enterprise PeopleTools Security denial of servicemedium5.4---
173625Oracle PeopleSoft Enterprise SCM Purchasing cross site scriptingmedium6.4---
173624Oracle PeopleSoft Enterprise SCM eProcurement Manage Requisition Status cross site scriptingmedium6.4---
173623Oracle PeopleSoft Enterprise PT PeopleTools Weblogic cross site scriptingmedium6.4---
173622Oracle PeopleSoft Enterprise PeopleTools Rich Text Editor cross site scriptingmedium6.4---
173621Oracle PeopleSoft Enterprise PeopleTools Multichannel Framework unknown vulnerabilitymedium6.4---
173620Oracle PeopleSoft Enterprise FIN Expenses cross site scriptingmedium6.4---
173619Oracle PeopleSoft Enterprise FIN Common Application Objects Common Objects cross site scriptingmedium6.4---
173618Oracle PeopleSoft Enterprise PeopleTools Security Remote Privilege Escalationmedium8.0---
173617Oracle PeopleSoft Enterprise PeopleTools XML Messaging xml external entity referencemedium6.6---
173616Oracle PeopleSoft Enterprise PT PeopleTools Weblogic deserializationmedium7.5---
173615Oracle PeopleSoft Enterprise PeopleTools SQR Remote Privilege Escalationmedium6.5---
173614Oracle PeopleSoft Enterprise PT PeopleTools Application Server denial of servicemedium7.8---
173613Oracle PeopleSoft Enterprise PeopleTools File Processing certificate validationmedium7.8---
173612Oracle PeopleSoft Enterprise PeopleTools XML Messaging Remote Code Executionmedium7.6---
173611Oracle PeopleSoft Enterprise PT PeopleTools Health Center Remote Code Executionmedium7.5---
173610Oracle MySQL Server Group Replication Plugin denial of servicelow0.8---
173609Oracle MySQL Server Information Schema information disclosurelow3.3---
173608Oracle MySQL Server Information Schema information disclosurelow3.3---
173607Oracle MySQL Server Audit Plug-in unknown vulnerability [CVE-2021-2162]medium4.0---
173606Oracle MySQL Server Replication denial of service [CVE-2021-2171]medium4.6---
173605Oracle MySQL Server InnoDB denial of service [CVE-2021-2174]medium4.6---
173604Oracle MySQL Server Stored Procedure denial of service [CVE-2021-2293]medium6.1---
173603Oracle MySQL Server Stored Procedure denial of service [CVE-2021-2217]medium6.1---
173602Oracle MySQL Server Stored Procedure denial of service [CVE-2021-2215]medium6.1---
173601Oracle MySQL Server Partition denial of service [CVE-2021-2208]medium6.1---
173600Oracle MySQL Server Partition denial of service [CVE-2021-2201]medium6.1---
173599Oracle MySQL Server Options denial of service [CVE-2021-2146]medium6.1---
173598Oracle MySQL Server Optimizer denial of service [CVE-2021-2230]medium6.1---
173597Oracle MySQL Server Optimizer denial of service [CVE-2021-2299]medium6.1---
173596Oracle MySQL Server Optimizer denial of service [CVE-2021-2278]medium6.1---
173595Oracle MySQL Server Optimizer denial of service [CVE-2021-2213]medium6.1---
173594Oracle MySQL Server Optimizer denial of service [CVE-2021-2212]medium6.1---
173593Oracle MySQL Server Optimizer denial of service [CVE-2021-2203]medium6.1---
173592Oracle MySQL Server Optimizer denial of service [CVE-2021-2193]medium6.1---
173591Oracle MySQL Server Optimizer denial of service [CVE-2021-2170]medium6.1---
173590Oracle MySQL Server Optimizer denial of service [CVE-2021-2169]medium6.1---
173589Oracle MySQL Server Optimizer denial of service [CVE-2021-2164]medium6.1---
173588Oracle MySQL Server Optimizer denial of service [CVE-2021-2160]medium6.1---
173587Oracle MySQL Server Information Schema information disclosuremedium6.1---
173586Oracle MySQL Server Group Replication Plugin denial of servicemedium6.1---
173585Oracle MySQL Server DML denial of service [CVE-2021-2305]medium6.1---
173584Oracle MySQL Server DML denial of service [CVE-2021-2300]medium6.1---
173583Oracle MySQL Server DML denial of service [CVE-2021-2196]medium6.1---
173582Oracle MySQL Server DML denial of service [CVE-2021-2166]medium6.1---
173581Oracle MySQL Server DML denial of service [CVE-2021-2154]medium6.1---
173580Oracle MySQL Server InnoDB denial of service [CVE-2021-2194]medium6.1---
173579Oracle MySQL Server InnoDB denial of service [CVE-2021-2180]medium6.1---
173578Oracle MySQL Workbench denial of service [CVE-2019-7317]medium5.4---
173577Oracle MySQL Server Stored Procedure unknown vulnerability [CVE-2021-2304]medium6.8---
173576Oracle MySQL Server Packaging unknown vulnerability [CVE-2021-2307]medium5.6---
173575Oracle MySQL Server Replication denial of service [CVE-2021-2202]medium6.8---
173574Oracle MySQL Server Replication denial of service [CVE-2021-2178]medium6.8---
173573Oracle MySQL Server Optimizer denial of service [CVE-2021-2298]medium6.8---
173572Oracle MySQL Server DML denial of service [CVE-2021-2172]medium6.8---
173571Oracle MySQL Server Parser Remote Privilege Escalation [CVE-2021-2144]medium8.3---
173570Oracle MySQL Workbench certificate validation [CVE-2021-3450]medium7.1---
173569Oracle MySQL Server Encryption denial of service [CVE-2021-23841]medium7.8---
173568Oracle MySQL Server Encryption denial of service [CVE-2020-28196]medium7.8---
173567Oracle MySQL Server Packaging denial of service [CVE-2021-3449]medium7.8---
173566Oracle MySQL Server Compiling denial of service [CVE-2020-1971]medium7.8---
173565Oracle MySQL Enterprise Monitor General denial of service [CVE-2021-23841]medium7.8---
173564Oracle MySQL Enterprise Monitor General information disclosuremedium7.8---
173563Oracle MySQL Cluster JS module denial of service [CVE-2020-8277]medium7.8---
173562Oracle MySQL Enterprise Monitor General code injection [CVE-2020-17530]high10.0---
173561Oracle JD Edwards World Security World Software Security information disclosurelow2.6---
173560Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure SEC path traversalmedium5.4---
173559Oracle JD Edwards EnterpriseOne Tools Web Runtime cross site scriptingmedium6.4---
173558Oracle JD Edwards EnterpriseOne Tools Web Runtime cross site scriptingmedium6.4---
173557Oracle JD Edwards EnterpriseOne Tools Portal SEC deserializationmedium7.5---
173556Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator Security deserializationmedium7.5---
173555Oracle JD Edwards World Security World Software Security denial of servicemedium7.8---
173554Oracle JD Edwards EnterpriseOne Tools OneWorld Tools Security denial of servicemedium7.8---
173553Oracle JD Edwards EnterpriseOne Tools Web Runtime server-side request forgerymedium7.8---
173552Oracle JD Edwards EnterpriseOne Tools E1 Dev Platform Tech - Cloud Remote Code Executionhigh10.0---
173551Oracle Java SE Libraries unknown vulnerability [CVE-2021-2163]medium5.4---
173550Oracle Java SE Libraries unknown vulnerability [CVE-2021-2161]medium5.4---
173549Oracle GraalVM Enterprise Edition Node.js certificate validationmedium7.1---
173548Oracle GraalVM Enterprise Edition Node denial of service [CVE-2021-23841]medium7.8---
173547Oracle Insurance Data Gateway Apache Commons BeanUtils deserializationmedium7.5---
173546Oracle iLearning Apache Groovy information disclosure [CVE-2020-17521]medium4.6---
173545Oracle Hyperion Financial Management Task Automation Remote Privilege Escalationlow4.3---
173544Oracle Hyperion Analytic Provider Services JAPI Remote Code Executionhigh10.0---
173543Oracle Hospitality OPERA 5 Reporting information disclosure [CVE-2020-17521]medium4.6---
173542Oracle Hospitality OPERA 5 Integrations deserialization [CVE-2019-10086]medium7.5---
173541Oracle Hospitality OPERA 5 Integration server-side request forgerymedium7.8---
173540Oracle Hospitality Cruise Shipboard Property Management System Next-Gen SPMS Remote Privilege Escalationmedium9.0---
173539Oracle Hospitality OPERA 5 Login code injection [CVE-2020-17530]high10.0---
173538Oracle Hospitality OPERA 5 Logging xml external entity referencehigh10.0---
173537Oracle Healthcare Foundation Self Service Analytics deserializationmedium7.5---
173536Oracle Health Sciences Empirica Signal Topics/REST Services xml external entity referencemedium7.8---
173535Oracle Health Sciences Information Manager Health Record Locator information disclosurehigh9.4---
173534Oracle Business Intelligence Enterprise Edition Analytics Web General unknown vulnerabilitylow3.2---
173533Oracle WebLogic Server Console information disclosure [CVE-2021-2214]medium4.6---
173532Oracle WebLogic Server Core information disclosure [CVE-2021-2204]medium5.0---
173531Oracle HTTP Server Web Listener unknown vulnerability [CVE-2021-2315]medium6.4---
173530Oracle Business Intelligence Enterprise Edition Analytics Actions unknown vulnerabilitymedium5.5---
173529Oracle WebCenter Portal Security Framework denial of servicemedium4.9---
173528Oracle Outside In Technology Installation denial of service [CVE-2021-20227]medium4.6---
173527Oracle Outside In Technology Installation denial of service [CVE-2020-27842]medium4.9---
173526Oracle WebLogic Server Web Services information disclosure [CVE-2021-2211]medium5.4---
173525Oracle WebLogic Server Console unknown vulnerability [CVE-2021-2142]medium6.4---
173524Oracle Fusion Middleware MapViewer Install cross site scriptingmedium6.4---
173523Oracle Business Intelligence Enterprise Edition BI Platform Security cross site scriptingmedium6.4---
173522Oracle Business Intelligence Enterprise Edition BI Platform Security cross site scriptingmedium6.4---
173521Oracle WebLogic Server Core unknown vulnerability [CVE-2021-2294]medium6.4---
173520Oracle WebLogic Server Core information disclosure [CVE-2019-3740]medium7.8---
173519Oracle WebLogic Server Core deserialization [CVE-2019-10086]medium7.5---
173518Oracle Service Bus Web Container deserialization [CVE-2019-10086]medium7.5---
173517Oracle Outside In Technology Outside In Filters Remote Code Executionmedium7.5---
173516Oracle Fusion Middleware Centralized Thirdparty Jars deserializationmedium7.5---
173515Oracle WebLogic Server Proxy Plug-In SSL Module denial of servicemedium7.8---
173514Oracle WebLogic Server TopLink Integration information disclosuremedium7.8---
173513Oracle WebCenter Portal Security Framework denial of servicemedium7.8---
173512Oracle Security Service C Oracle SSL API denial of service [CVE-2020-5360]medium7.8---
173511Oracle HTTP Server SSL Module denial of service [CVE-2020-5360]medium7.8---
173510Oracle Fusion Middleware MapViewer Install server-side request forgerymedium7.8---
173509Oracle Enterprise Repository Security Subsystem information disclosuremedium7.8---
173508Oracle Endeca Information Discovery Studio unknown vulnerabilitymedium7.8---
173507Oracle Coherence Core xml external entity reference [CVE-2020-25649]medium7.8---
173506Oracle Coherence Core information disclosure [CVE-2021-2277]medium7.8---
173505Oracle Business Intelligence Enterprise Edition BI Platform Security denial of servicemedium7.8---
173504Oracle API Gateway denial of service [CVE-2020-1971]medium7.8---
173503Oracle API Gateway server-side request forgery [CVE-2019-17566]medium7.8---
173502Oracle API Gateway unknown vulnerability [CVE-2020-11979]medium7.8---
173501Oracle Identity Manager Connector General/Misc deserializationmedium7.6---
173500Oracle Outside In Technology Outside In Filters unknown vulnerabilitymedium8.5---
173499Oracle Fusion Middleware Centralized Thirdparty Jars Remote Privilege Escalationmedium9.0---
173498Oracle Endeca Information Discovery Studio os command injectionmedium9.0---
173497Oracle BAM (Business Activity Monitoring) General os command injectionmedium9.0---
173496Oracle FMW Platform Common Components operation after expirationhigh9.7---
173495Oracle WebLogic Server Coherence Container Remote Code Executionhigh10.0---
173494Oracle WebLogic Server Core Remote Code Execution [CVE-2021-2136]high10.0---
173493Oracle WebCenter Portal Security Framework resource consumptionhigh10.0---
173492Oracle Platform Security for Java OPSS Remote Code Executionhigh10.0---
173491Oracle Fusion Middleware Centralized Thirdparty Jars xml external entity referencehigh10.0---
173490Oracle Business Intelligence Enterprise Edition Analytics Server improper authenticationhigh10.0---
173489Oracle Hospitality Inventory Management Export to Reporting/Analytics information disclosuremedium6.8---
173488Oracle Hospitality RES 3700 LibExpat denial of service [CVE-2018-20843]medium7.8---
173487Oracle FLEXCUBE Direct Banking Pre Login unknown vulnerabilitylow1.7---
173486Oracle FLEXCUBE Private Banking Financial Planning denial of servicemedium4.9---
173485Oracle Financial Services Analytical Applications Infrastructure Rules Framework unknown vulnerabilitymedium6.4---
173484Oracle Banking Platform Alerts cross site scripting [CVE-2020-27193]medium6.4---
173483Oracle FLEXCUBE Private Banking Order Management information disclosuremedium6.8---
173482Oracle FLEXCUBE Private Banking Loans/Pledges deserializationmedium7.5---
173481Oracle Banking Platform Collections deserialization [CVE-2019-10086]medium7.5---
173480Oracle Financial Services Analytical Applications Infrastructure Rate Management server-side request forgerymedium7.8---
173479Oracle Banking Platform Framework xml external entity referencemedium7.8---
173478Oracle FLEXCUBE Private Banking Financial Planning Remote Privilege Escalationmedium9.0---
173477Oracle Banking Platform Collections os command injection [CVE-2020-26217]medium9.0---
173476Oracle FLEXCUBE Private Banking Demographics operation after expirationhigh9.7---
173475Oracle FLEXCUBE Private Banking Order Management xml external entity referencehigh10.0---
173474Oracle FLEXCUBE Private Banking Order Management deserializationhigh10.0---
173473Oracle FLEXCUBE Private Banking Financial Planning Remote Code Executionhigh10.0---
173472Oracle Enterprise Manager Base Platform UI Framework unknown vulnerabilitymedium6.4---
173471Oracle Enterprise Manager for Fusion Middleware FMW Control Plugin denial of servicemedium6.8---
173470Oracle Enterprise Manager for Virtualization Administration operations deserializationmedium7.5---
173469Oracle Enterprise Manager for Fusion Middleware FMW Control Plugin Remote Code Executionmedium7.5---
173468Oracle Enterprise Manager Ops Center Satellite Framework denial of servicemedium7.8---
173467Oracle Enterprise Manager Base Platform Reporting Framework information disclosuremedium7.8---
173466Oracle Enterprise Manager Base Platform EM on Market Place integer overflowmedium9.0---
173465Oracle Application Testing Suite Load Testing for Web Apps buffer overflowmedium10.0---
173464Oracle Enterprise Manager Base Platform Enterprise Manager Install unusual conditionhigh10.0---
173463Oracle One-to-One Fulfillment Documents unknown vulnerabilitymedium5.0---
173462Oracle Internet Expenses Mobile Expenses unknown vulnerabilitymedium5.0---
173461Oracle E-Business Suite Technology Stack Attachments/iRecruitment/Contracts (AntiSamy) cross site scriptingmedium6.4---
173460Oracle Applications Manager View Reports unknown vulnerabilitymedium7.7---
173459Oracle Sales Offline Template denial of service [CVE-2021-2190]medium7.8---
173458Oracle Sales Offline Template denial of service [CVE-2021-2189]medium7.8---
173457Oracle Application Server OpenSSL denial of service [CVE-2020-1967]medium7.8---
173456Oracle Document Management and Collaboration Attachments unknown vulnerabilitymedium6.8---
173455Oracle Work in Process Resource Exceptions unknown vulnerabilitymedium8.5---
173454Oracle Universal Work Queue Work Provider Site Level Administration unknown vulnerabilitymedium8.5---
173453Oracle Transportation Execution Install/Upgrade unknown vulnerabilitymedium8.5---
173452Oracle Time and Labor Timecard unknown vulnerability [CVE-2021-2239]medium8.5---
173451Oracle Subledger Accounting Inquiries unknown vulnerability [CVE-2021-2272]medium8.5---
173450Oracle Sourcing Intelligence/RFx unknown vulnerability [CVE-2021-2263]medium8.5---
173449Oracle Site Hub Sites unknown vulnerability [CVE-2021-2270]medium8.5---
173448Oracle Service Contracts Authoring unknown vulnerability [CVE-2021-2255]medium8.5---
173447Oracle Receivables Receipts unknown vulnerability [CVE-2021-2223]medium8.5---
173446Oracle Quoting Courseware unknown vulnerability [CVE-2021-2268]medium8.5---
173445Oracle Purchasing Endeca unknown vulnerability [CVE-2021-2262]medium8.5---
173444Oracle Projects User Interface unknown vulnerability [CVE-2021-2258]medium8.5---
173443Oracle Project Contracts Hold Management unknown vulnerabilitymedium8.5---
173442Oracle Product Hub Template/GTIN search unknown vulnerabilitymedium8.5---
173441Oracle Payables India Localization/Results unknown vulnerabilitymedium8.5---
173440Oracle MES for Process Manufacturing Process Operations unknown vulnerabilitymedium8.5---
173439Oracle Loans Loan Details/Loan Accounting Events unknown vulnerabilitymedium8.5---
173438Oracle Legal Entity Configurator Create Contracts unknown vulnerabilitymedium8.5---
173437Oracle Lease and Finance Management Quotes unknown vulnerabilitymedium8.5---
173436Oracle Landed Cost Management Shipment Workbench unknown vulnerabilitymedium8.5---
173435Oracle Labor Distribution User Interface unknown vulnerabilitymedium8.5---
173434Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2241]medium8.5---
173433Oracle iSetup General Ledger Update Transform/Reports unknown vulnerabilitymedium8.5---
173432Oracle Installed Base APIs unknown vulnerability [CVE-2021-2231]medium8.5---
173431Oracle Incentive Compensation User Interface unknown vulnerabilitymedium8.5---
173430Oracle Human Resources iRecruitment unknown vulnerability [CVE-2021-2260]medium8.5---
173429Oracle HRMS (France) French HR unknown vulnerability [CVE-2021-2316]medium8.5---
173428Oracle General Ledger Account Hierarchy Manager unknown vulnerabilitymedium8.5---
173427Oracle Financials Common Modules Advanced Global Intercompany unknown vulnerabilitymedium8.5---
173426Oracle Enterprise Asset Management Setup unknown vulnerabilitymedium8.5---
173425Oracle Engineering Change Management unknown vulnerability [CVE-2021-2290]medium8.5---
173424Oracle E-Business Tax User Interface unknown vulnerability [CVE-2021-2274]medium8.5---
173423Oracle E-Business Intelligence DBI Setups unknown vulnerabilitymedium8.5---
173422Oracle Document Management and Collaboration unknown vulnerabilitymedium8.5---
173421Oracle Depot Repair LOVs unknown vulnerability [CVE-2021-2229]medium8.5---
173420Oracle Customers Online Customer Tab unknown vulnerability [CVE-2021-2156]medium8.5---
173419Oracle CRM Technical Foundation Data Source unknown vulnerabilitymedium8.5---
173418Oracle Concurrent Processing BI Publisher Integration unknown vulnerabilitymedium8.5---
173417Oracle Compensation Workbench unknown vulnerability [CVE-2021-2224]medium8.5---
173416Oracle Cash Management Bank Account Transfer unknown vulnerabilitymedium8.5---
173415Oracle Bills of Material Bill Issues unknown vulnerability [CVE-2021-2288]medium8.5---
173414Oracle Bill Presentment Architecture Template Search unknown vulnerabilitymedium8.5---
173413Oracle Application Object Library Profiles unknown vulnerabilitymedium8.5---
173412Oracle Advanced Pricing Price Book unknown vulnerability [CVE-2021-2269]medium8.5---
173411Oracle Advanced Collections Admin unknown vulnerability [CVE-2021-2247]medium8.5---
173410Oracle Trade Management Quotes unknown vulnerability [CVE-2021-2210]medium8.5---
173409Oracle Trade Management Quotes unknown vulnerability [CVE-2021-2206]medium8.5---
173408Oracle Partner Management Attribute Admin Setup unknown vulnerabilitymedium8.5---
173407Oracle Knowledge Management Setup/Admin unknown vulnerabilitymedium8.5---
173406Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2199]medium8.5---
173405Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2150]medium8.5---
173404Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2197]medium8.5---
173403Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2188]medium8.5---
173402Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2187]medium8.5---
173401Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2186]medium8.5---
173400Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2185]medium8.5---
173399Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2184]medium8.5---
173398Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2183]medium8.5---
173397Oracle iStore Shopping Cart unknown vulnerability [CVE-2021-2182]medium8.5---
173396Oracle Email Center Message Display unknown vulnerability [CVE-2021-2209]medium7.5---
173395Oracle Marketing Marketing Administration unknown vulnerabilityhigh9.4---
173394Oracle Applications Framework Home page unknown vulnerabilityhigh9.4---
173393Oracle Primavera Unifier Core unknown vulnerability [CVE-2020-13956]medium5.0---
173392Oracle Instantis EnterpriseTrack Dashboards/Reports server-side request forgerymedium5.0---
173391Oracle Primavera Unifier Platform information disclosure [CVE-2020-17521]medium4.6---
173390Oracle Primavera Gateway Admin information disclosure [CVE-2020-17521]medium4.6---
173389Oracle Primavera Gateway Admin path traversal [CVE-2016-5725]medium5.4---
173388Oracle Primavera Unifier Core UI cross site scripting [CVE-2020-11022]medium6.4---
173387Oracle Instantis EnterpriseTrack WebServer information disclosuremedium7.8---
173386Oracle Instantis EnterpriseTrack Browser cross site scriptinghigh10.0---
173385Oracle Enterprise Session Border Controller Routing denial of servicemedium4.6---
173384Oracle Enterprise Communications Broker Routing denial of servicemedium4.6---
173383Oracle Communications Unified Session Manager Routing denial of servicemedium4.6---
173382Oracle Communications Subscriber-Aware Load Balancer Routing denial of servicemedium4.6---
173381Oracle Communications Session Router Routing denial of servicemedium4.6---
173380Oracle Communications Converged Application Server SC Admin server unknown vulnerabilitymedium4.0---
173379Oracle Communications Application Session Controller Security server-side request forgerymedium5.0---
173378Oracle Communications Services Gatekeeper PRM information disclosuremedium4.6---
173377Oracle SD-WAN Aware OS redirect [CVE-2020-1927]medium6.4---
173376Oracle SD-WAN Edge OS denial of service [CVE-2019-3900]medium4.9---
173375Oracle Enterprise Communications Broker Routing allocation of resourcesmedium6.6---
173374Oracle Communications Subscriber-Aware Load Balancer Routing allocation of resourcesmedium6.6---
173373Oracle Communications Session Router Routing allocation of resourcesmedium6.6---
173372Oracle Communications Session Border Controller Routing allocation of resourcesmedium6.6---
173371Oracle Communications Performance Intelligence Center Software PMAC deserializationmedium7.5---
173370Oracle SD-WAN Edge MGMT information disclosure [CVE-2020-17527]medium7.8---
173369Oracle SD-WAN Edge Config xml external entity reference [CVE-2020-25649]medium7.8---
173368Oracle Communications Session Border Controller Routing denial of servicemedium7.8---
173367Oracle Communications Interactive Session Recorder Provision API xml external entity referencemedium7.8---
173366Oracle Communications Performance Intelligence Center Software Mediation server buffer overflowmedium8.7---
173365Oracle Communications Interactive Session Recorder Provision API Remote Privilege Escalationmedium9.0---
173364Oracle Communications Application Session Controller Bouncy Castle Java Library Remote Code Executionhigh10.0---
173363Oracle Communications MetaSolv Solution Planning/Modeling server-side request forgerymedium5.0---
173362Oracle Communications Messaging Server Message Store cross site scriptingmedium6.4---
173361Oracle Communications Unified Inventory Management Inventory Group deserializationmedium7.5---
173360Oracle Communications Unified Inventory Management Apache Ant unknown vulnerabilitymedium7.8---
173359Oracle Communications Messaging Server Message Store denial of servicemedium7.8---
173358Oracle Communications Messaging Server jackson-databind deserializationmedium7.6---
173357Oracle Communications Contacts Server Contact Sharing deserializationmedium7.6---
173356Oracle Communications Calendar Server Event Reminders deserializationmedium7.6---
173355Oracle Communications Unified Inventory Management Reservations Remote Privilege Escalationmedium9.0---
173354Oracle Communications Messaging Server Message Store Remote Code Executionhigh10.0---
173353Oracle Communications Messaging Server Message Store resource consumptionhigh10.0---
173352Oracle Communications Messaging Server Message Store xml external entity referencehigh10.0---
173351Oracle Communications Design Studio Inventory Services resource consumptionhigh10.0---
173350Oracle Commerce Merchandising Experience Manager/Business Control Center cross site scriptingmedium6.4---
173349Oracle Commerce Merchandising Business Control Center cross site scriptingmedium6.4---
173348Oracle Commerce Guided Search Workbench/Experience Manager cross site scriptingmedium6.4---
173347Oracle Commerce Guided Search Content Acquisition System information disclosuremedium7.8---
173346Oracle SQL Developer Apache HttpClient unknown vulnerabilitymedium7.8---
173345Oracle Spatial Studio CodeMirror denial of service [CVE-2020-7760]medium4.0---
173344Oracle Spatial Studio Apache HttpClient unknown vulnerabilitymedium5.0---
173343Oracle REST Data Services Eclipse Jetty denial of service [CVE-2020-27223]medium5.0---
173342Oracle NoSQL Database Google Guava information disclosure [CVE-2020-8908]low1.7---
173341Oracle NoSQL Database Node.js denial of service [CVE-2021-22883]medium7.8---
173340Oracle NoSQL Database Netty denial of service [CVE-2020-11612]medium7.8---
173339Oracle NoSQL Database Apache HttpClient unknown vulnerabilitymedium7.8---
173338Oracle Global Lifecycle Management OPatch Patch Installer (Dell BSAFE Crypto-J) information disclosuremedium7.8---
173337Oracle Database RMAN Executable unknown vulnerability [CVE-2021-2207]low1.4---
173336Oracle Database Unified Audit unknown vulnerability [CVE-2021-2245]low3.3---
173335Oracle Database Database Vault information disclosure [CVE-2021-2175]low3.3---
173334Oracle Database Recovery information disclosure [CVE-2021-2173]low3.3---
173333Oracle Database Oracle Application Express denial of servicemedium4.0---
173332Oracle Database Java VM unknown vulnerability [CVE-2021-2234]medium4.9---
173331Oracle Database Oracle Application Express cross site scriptingmedium6.4---
173330Oracle Database Oracle Database Enterprise Edition Security information disclosuremedium7.8---
173329Oracle Database Workload Manager information disclosure [CVE-2020-17527]medium7.8---
173328Oracle Database Dell BSAFE Micro Edition Suite denial of servicemedium7.8---
173327Hashicorp Vault/Vault Enterprise TLS Certificate certificate validationmedium4.3---
173326Dart SDK dart:html cross site scriptinglow4.0---
173325Hashicorp Terraform Vault Provider unknown vulnerability [CVE-2021-30476]low4.9---
173324Hashicorp Vault/Vault Enterprise CRL certificate validation [CVE-2021-29653]medium5.8---
173323FusionAuth fusionauth-samlv2 XML parseFromBytes xml external entity referencelow4.9---
173322Apple GarageBand information disclosure [CVE-2021-30654]low1.7---
173321Zoho ManageEngine ManageEngine OpManager deserialization [CVE-2021-3287]medium6.8---
173320Config File Provider Plugin cross-site request forgery [CVE-2021-21644]low5.5---
173319XWiki cross site scripting [CVE-2021-29459]low5.0---
173318CloudBees CD Plugin HTTP Endpoint authorization [CVE-2021-21647]medium5.2---
173317Templating Engine Plugin Script Security Plugin protection mechanismmedium5.2---
173316Config File Provider Plugin HTTP Endpoint authorization [CVE-2021-21645]low2.7---
173315Config File Provider Plugin HTTP Endpoint authorization [CVE-2021-21643]low2.7---
173314Telegram App MtProtoKitFramework denial of service [CVE-2021-30496]low4.0---
173313NVIDIA GeForce Experience GameStream Plugins access control [CVE-2021-1079]medium6.5---
173312Config File Provider Plugin XML External Entity xml external entity referencemedium4.9---
173311Debian Xscreensaver Mesa 3D Graphics Library sonar Remote Privilege Escalationmedium6.5---
173310wrongthink Fingerprint cross site scriting [CVE-2021-29467]low4.0---
173309Authelia Web Portal redirect [CVE-2021-29456]medium7.5---
173308Unisys Stealth insufficiently protected credentials [CVE-2021-28492]low1.4---
173307Eclipse Openj9 jdk.internal.reflect.ConstantPool API missing initialization of resourcemedium4.9---
173306Hashicorp Consul Enterprise HTTP Event unknown vulnerabilitylow3.8---
173305Magento LTS sql injection [CVE-2021-21427]medium5.8---
173304Magento LTS deserialization [CVE-2021-21426]high10.0---
173303NVIDIA Windows GPU Display Driver Installer Remote Privilege Escalationmedium9.0---
173302NVIDIA Windows GPU Display Driver Kernel Driver nvlddmkm.sys null pointer dereferencemedium6.8---
173301NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape Remote Privilege Escalationmedium8.0---
173300Wikimedia analytics-quarry-web Content Type app.py cross site scriptinglow4.0---
173299Tobesoft XPlatform command injection [CVE-2020-7857]medium5.1---
173298Aviatrix VPN Client VPN Service permission [CVE-2020-27569]medium5.2---
173297Abus Secvest Wireless Alarm System FUAA50000 HTTPS Interface improper authenticationmedium3.3---
173296Hashicorp Consul/Consul Enterprise KV Raw Mode cross site scriptinglow4.0---
173295Aviatrix Controller permission [CVE-2020-27568]medium6.5---
173294Dell EMC PowerScale OneFS LDAP inadequate encryption [CVE-2020-26197]low5.1---
173293Xiaomi 10 SNO Information information disclosure [CVE-2020-14105]low2.3---
173292AbuseFilter Extension Account Creation access control [CVE-2021-31552]medium5.2---
173291CheckUser Extension Database Table denial of service [CVE-2021-31553]low2.3---
173290AbuseFilter Extension Account Block access control [CVE-2021-31554]medium5.2---
173289Oauth Extension input validation [CVE-2021-31555]low4.9---
173288PageForms Extension Query Parameter cross site scripting [CVE-2021-31551]low4.0---
173287CommentBox Extension Configuration cross site scripting [CVE-2021-31550]low4.0---
173286AbuseFilter Extension examine information disclosurelow2.3---
173285AbuseFilter Extension exposure of resource [CVE-2021-31548]low4.9---
173284AbuseFilter Extension AbuseFilterCheckMatch API information disclosurelow2.3---
173283AbuseFilter Extension information disclosure [CVE-2021-31546]low2.7---
173282AbuseFilter Extension page_recent_contributors information disclosurelow2.3---
173281Remote Clinic medicines cross site scriptinglow4.0---
173280Omicron StationGuard CTRL Ethernet denial of service [CVE-2021-30464]low3.5---
173279Alpine apk-tools Tarball Parser buffer overflow [CVE-2021-30139]medium5.2---
173278discord-recon app.py path traversallow4.0---
173277Portable SDK for UPnP Server dns rebinding [CVE-2021-29462]medium6.5---
173276REXML Gem unknown vulnerability [CVE-2021-28965]low3.8---
173275TIBCO Administrator Administration GUI csv injection [CVE-2021-28829]medium6.5---
173274TIBCO Administrator Administration GUI sql injection [CVE-2021-28828]medium6.5---
173273TIBCO Administrator/Runtime Agent Administration GUI cross site scriptinglow5.0---
173272Dell EMC PowerScale OneFS SmartLock Compliance Mode os command injectionmedium6.5---
173271NVIDIA GPU Display Driver Reference denial of service [CVE-2021-1077]medium6.8---
173270GPAC isom_hinter.c gf_hinter_track_finalize null pointer dereferencelow2.3---
173269GPAC isom_store.c SetupWriters null pointer dereferencelow2.3---
173268GPAC box_funcs.c gf_isom_box_del use after freemedium4.9---
173267GPAC rtp_pck_mpeg4.c gp_rtp_builder_do_avc heap-based overflowmedium5.2---
173266GPAC filedump.c dump_isom_sdp null pointer dereferencelow2.3---
173265GPAC write_nhml.c nhmldump_send_header denial of servicelow2.3---
173264giflib gif2rgb.c DumpScreen2RGB heap-based overflowmedium5.2---
173263cpp-peglib peglib.h resolve_escape_sequence heap-based overflowmedium5.2---
173262cpp-peglib peglib.h optimize null pointer dereferencelow2.3---
173261Bento4 Ap4StszAtom.cpp GetSampleSize null pointer dereferencelow2.3---
173260Avast retdec ir_modifications.cpp canSplitFunctionOn out-of-bounds readlow4.9---
173259Backdoor.Win32.DarkKomet.artr permissionmedium6.5---
173258IM-Worm.Win32.Bropia.aa permissionmedium6.5---
173257Trojan-Dropper.Win32.Agent.xtp permissionmedium6.5---
173256HEUR.Trojan.Win32.Generic permissionmedium6.5---
173255discord-recon setting.py code injectionmedium6.5---
173254discord-recon CommandInjection.py code injectionmedium6.5---
173253fast_ber asn_compiler.hpp yylex heap-based overflowmedium5.2---
173252Packed.Win32.Black.d Service Port 8080 backdoormedium7.5---
173251NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys Remote Privilege Escalationmedium8.0---
173250WonderCMS Plugin Installer index.php installUpdateThemePluginAction os command injectionmedium6.5---
173249GPAC box_code_adobe.c abst_box_read heap-based overflowmedium5.2---
173248GPAC box_code_adobe.c abst_box_read heap-based overflowmedium5.2---
173247Remote Clinic register.php cross site scriptinglow4.0---
173246WonderCMS Plugin Installer index.php addCustomThemePluginRepository server-side request forgerymedium6.5---
173245IBM i SMTP resource consumption [CVE-2021-20501]low5.4---
173244Linux Kernel Spectre Mitigation verifier.c information disclosurelow1.0---
173243IBM WebSphere Application Server XML Data xml external entity referencemedium7.5---
173242Ivanti Pulse Connect Secure Gateway improper authentication [CVE-2021-22893]high10.0---
173241vscode-restructuredtext Workspace Configuration injection [CVE-2021-28793]medium5.1---
173240ADTRAN Netvanta 7060/Netvanta 7100 DNS unknown vulnerabilitylow4.9---
173239ADTRAN Netvanta 7060/Netvanta 7100 cross site scripting [CVE-2021-25680]low4.0---
173238ADTRAN Netvanta 7060/Netvanta 7100 cross site scripting [CVE-2021-25679]low4.0---
173237IBM WebSphere Application Server XML Data xml external entity referencemedium7.5---
173236SonicWall Email Security path traversal [CVE-2021-20023]medium4.0---
173235Helpcom improper authentication [CVE-2020-7856]medium7.6---
173234Palo Alto GlobalProtect App denial of service [CVE-2021-3038]low4.6---
173233Palo Alto PAN-OS Scheduled Configuration Export debug log filelow3.3---
173232Palo Alto PAN-OS XML API Request log file [CVE-2021-3036]low3.3---
173231Bridgecrew Checkov Terraform File deserialization [CVE-2021-3035]medium5.8---
173230Linux Kernel f2fs module node.c out-of-bounds readmedium7.5---
173229libtpms TPM 2 RsaAdjustPrimeCandidate entropylow1.4---
173228GStreamer Matroska heap-based overflow [CVE-2021-3498]medium5.2---
173227GStreamer Matroska File use after free [CVE-2021-3497]low4.9---
173226GPAC MP4Box AV1_DuplicateConfig denial of servicelow2.3---
173225GPAC MP4Box gf_hinter_track_new information disclosurelow2.3---
173224GPAC MP4Box MergeTrack denial of servicelow2.3---
173223GPAC MP4Box gf_isom_cenc_get_default_info_internal denial of servicelow2.3---
173222GPAC MP4Box gf_isom_set_extraction_slc denial of servicelow2.3---
173221GPAC MP4Box HintFile denial of servicelow2.3---
173220GPAC MP4Box stbl_GetSampleInfos memory leaklow2.3---
173219GPAC MP4Box abst_box_read buffer overflowmedium5.2---
173218GPAC MP4Box tenc_box_read denial of servicelow2.3---
173217GPAC MP4 File reframe_latm.c gf_filter_pck_get_data null pointer dereferencelow2.3---
173216GPAC av_parsers.c gf_avc_read_pps_bs_internal integer overflowlow2.3---
173215GPAC File av_parsers.c gf_hevc_read_pps_bs_internal infinite looplow2.3---
173214GPAC reframe_adts.c adts_dmx_process heap-based overflowmedium5.2---
173213GPAC filter_pck.c av1dmx_parse_flush_sample null pointer dereferencelow2.3---
173212GPAC av_parsers.c hevc_parse_slice_segment integer overflowlow2.3---
173211Exiv2 Metadata out-of-bounds read [CVE-2021-29458]low2.3---
173210Exiv2 Metadata heap-based overflow [CVE-2021-29457]medium5.2---
173209Grassroot Platform JSON Web Token signature verification [CVE-2021-29455]low2.6---
173208matrix-media-repo resource consumption [CVE-2021-29453]low4.0---
173207Wagtail Admin Interface cross site scripting [CVE-2021-29434]low4.0---
173206GPAC filter_props.c gf_props_assign_value integer overflowmedium4.9---
173205JTEKT TOYOPUC denial of service [CVE-2021-27458]low5.0---
173204cifs-utils krb5 CIFS File System privileges assignment [CVE-2021-20208]low5.2---
173203OpenClinic GA getAssets.jsp sql injectionmedium7.5---
173202OpenClinic GA getAssets.jsp sql injectionmedium7.5---
173201Autodesk FBX Review FBX File use after free [CVE-2021-27031]medium7.5---
173200Autodesk FBX Review FBX File pathname traversal [CVE-2021-27030]medium7.5---
173199Autodesk FBX Review FBX File denial of service [CVE-2021-27029]low5.0---
173198Autodesk FBX Review DLL File memory corruption [CVE-2021-27028]medium6.5---
173197Autodesk FBX Review DLL File out-of-bounds write [CVE-2021-27027]medium6.5---
173196VMware NSX-T Role Based Access Control access control [CVE-2021-21981]medium4.3---
173195Fibaro Home Center/Home Center Lite Web-based Management Interface cleartext transmissionlow2.6---
173194Fibaro Home Center/Home Center Lite os command injection [CVE-2021-20991]medium9.0---
173193Fibaro Home Center/Home Center Lite Internal Management Service authorizationmedium7.5---
173192Fibaro Home Center/Home Center Lite SSH Connection authorizationmedium5.1---
173191IBM Resilient SOAR command injection [CVE-2021-20527]low5.8---
173190Online Discussion Forum Messaging Subsystem cross site scriptinglow4.0---
173189XMB BBCode cross site scripting [CVE-2021-29399]low4.0---
173188Adobe Robohelp uncontrolled search path [CVE-2021-21070]medium3.5---
173187Innorix versuibs argument injection [CVE-2020-7851]medium7.5---
173186killing child_process command injectionmedium7.5---
173185roar-pidusage stat command injectionmedium5.1---
173184portkiller child_process command injectionmedium7.5---
173183picotts say command injectionmedium7.5---
173182onion-oled-js Scroll child_process command injectionmedium7.5---
173181ffmpegdotjs child_process command injectionmedium7.5---
173180psnode Kill child_process command injectionmedium7.5---
173179ps-visitor Kill child_process command injectionmedium7.5---
173178Trojan.Win32.Agent.hsm permissionmedium6.5---
173177Constructor.Win32.Bifrose.ag Bifrost Setting File Import stack-based overflowmedium6.5---
173176HEUR.Backdoor.Win32.Generic Service Port 1080 1314.exe backdoormedium7.5---
173175Trojan.Win32.Bayrob.dtrg permissionmedium6.5---
173174Trojan-Dropper.Win32.Agent.bjtzcp permissionmedium6.5---
173173Trojan.Win32.NanoBot.onh permissionmedium6.5---
173172Trojan.Win32.Agentb.iofv permissionmedium6.5---
173171overlayfs privileges management [CVE-2021-3493]medium9.0---
173170Shiftfs Kernel Memory copy_from_user double freemedium9.0---
173169ezXML XML File Parser libezxml.a ezxml_parse_str out-of-bounds readlow2.3---
173168ezXML XML File Parser libezxml.a ezxml_parse_str memory corruptionmedium5.2---
173167a12n-server HAL-Form privileges management [CVE-2021-29452]medium6.5---
173166Portofino JSON Web Token signature verification [CVE-2021-29451]medium7.5---
173165jose-node-cjs-runtime information exposure [CVE-2021-29446]low2.6---
173164jose-node-esm-runtime information exposure [CVE-2021-29445]low2.6---
173163jose-browser-runtime information exposure [CVE-2021-29444]low2.6---
173162jose information exposure [CVE-2021-29443]low2.6---
173161Siemens Mendix User Role privileges management [CVE-2021-27394]medium5.2---
173160Tribal Systems Zenario CMS Pugin Library Delete Module ajax.php sql injectionmedium6.5---
173159Adobe Genuine Service uncontrolled search path [CVE-2020-9681]medium6.8---
173158Adobe Genuine Service Symlink access control [CVE-2020-9668]medium7.5---
173157Adobe Genuine Service uncontrolled search path [CVE-2020-9667]medium6.8---
173156QNAP QTS Multimedia Console/Media Streaming Add-on sql injectionmedium7.5---
173155QNAP QTS/QuTS Hero command injection [CVE-2020-2509]medium5.2---
173154IBM Spectrum Protect Command Parser stack-based overflow [CVE-2021-20491]medium4.0---
173153vscode-bazel JSON Config File file inclusion [CVE-2021-22539]low4.3---
173152vscode-rpm-spec Extension Workspace Configuration Remote Code Executionlow5.1---
173151Tenda G1/G3 umountUSBPartition formSetUSBPartitionUmount os command injectionmedium6.5---
173150Tenda G0/G1/G3 setDebugCfg formSetDebugCfg os command injectionmedium6.5---
173149Atlassian Connect Spring Boot Lifecycle Endpoint improper authenticationmedium5.8---
173148Atlassian Connect Express Lifecycle Endpoint improper authenticationmedium5.8---
173147Synology QTS/QuTS Hero/QuTScloud File Station cross site scriptinglow4.0---
173146Wfilter ICF User-Agent Header cross site scripting [CVE-2021-3243]low2.7---
173145dio Package HTTP Method injection [CVE-2021-31402]medium4.9---
173144Apache OpenOffice Hyperlink Remote Code Execution [CVE-2021-30245]medium7.5---
173143WordPress Editor information disclosure [CVE-2021-29450]low4.0---
173142Pi-hole Admin Portal cross site scripting [CVE-2021-29448]low5.0---
173141WordPress Media Library Parser xml external entity referencemedium6.5---
173140Matrix Sydent resource consumption [CVE-2021-29433]low3.5---
173139Matrix Sydent Email input validation [CVE-2021-29432]low3.8---
173138Matrix Sydent HTTP GET Request server-side request forgery [CVE-2021-29431]medium4.0---
173137Matrix Sydent HTTP Request resource consumption [CVE-2021-29430]low5.0---
173136Centreon Centreon Web cross-site request forgery [CVE-2021-28055]low2.1---
173135LightCMS External Image NEditorController.php Remote Privilege Escalationmedium6.0---
173134HPE IceWall SSO Domain Gateway Option Module cross site scriptinglow5.0---
173133Fielcoin Lotus BLS Signature Validation VerifyCompressed signature verificationlow2.6---
173132QED ResourceXpress URL input validation [CVE-2020-28898]medium6.0---
173131GNU Binutils BFD Library memory allocation [CVE-2021-3487]low2.3---
173130ezXML XML File Parser libezxml.a ezxml_internal_dtd out-of-bounds writemedium5.2---
173129Textpattern Plug-In unrestricted upload [CVE-2021-30209]medium7.4---
173128Adobe Photoshop JSX File Parser buffer overflow [CVE-2021-28549]medium7.5---
173127Adobe Photoshop JSX File Parser buffer overflow [CVE-2021-28548]medium7.5---
173126b2evolution evoadm.php sql injectionlow2.1---
173125Tribal Systems Zenario CMS admin_boxes.ajax.php cross site scriptinglow4.0---
173124Tribal Systems Zenario CMS admin_boxes.ajax.php sql injectionlow2.1---
173123Adobe Bridge Genuine Software Service improper authorizationmedium4.3---
173122Adobe Bridge out-of-bounds write [CVE-2021-21095]medium4.3---
173121Adobe Bridge out-of-bounds write [CVE-2021-21094]medium4.3---
173120Adobe Bridge memory corruption [CVE-2021-21093]medium4.3---
173119Adobe Bridge buffer overflow [CVE-2021-21092]medium4.3---
173118Adobe Bridge out-of-bounds read [CVE-2021-21091]low1.7---
173117Adobe ColdFusion cross site scripting [CVE-2021-21087]low5.0---
173116Ceph CEPHX_GET_AUTH_SESSION_KEY Request improper authenticationmedium7.5---
173115Cosori Smart Air Fryer CS158-AF JSON Object backdoor [CVE-2020-28593]medium5.8---
173114Cosori Smart Air Fryer CS158-AF JSON Object heap-based overflowmedium6.5---
173113OpenClinic GA getAssets.jsp sql injectionmedium7.5---
173112Tilde OpenClinic GA getAssets.jsp sql injectionmedium7.5---
173111OpenClinic GA getAssets.jsp sql injectionmedium7.5---
173110Apache Tapestry AppModule.class deserializationmedium4.3---
173109PHPGurukul Beauty Parlour Management System add-services.php sql injectionmedium6.5---
173108PHPGurukul Beauty Parlour Management Syste add-services.php cross site scriptinglow4.0---
173107CASAP Automated Enrollment System Students cross site scriptinglow4.0---
173106McAfee Data Loss Prevention hdlphook Driver privileges managementmedium6.8---
173105McAfee Data Loss Prevention hdlphook Driver denial of servicelow4.6---
173104McAfee Content Security Reporter ePO Extension cleartext transmissionlow2.2---
173103Google Android pb_encode.c pb_write out-of-bounds writemedium4.3---
173102McAfee Endpoint Security/Global Threat Intelligence DNS cleartext transmissionlow2.6---
173101McAfee Advanced Threat Defense HTTP Request Parameter information disclosurelow1.7---
173100McAfee Advanced Threat Defense HTTP Request Parameter information disclosurelow2.7---
173099Adobe Digital Editions access control [CVE-2021-21100]medium5.2---
173098Zulip Server Topic Moving API permission assignment [CVE-2021-30487]low3.7---
173097Zulip Server all_public_streams API access control [CVE-2021-30479]medium5.2---
173096Zulip Server permission [CVE-2021-30478]medium5.2---
173095Zulip Server Webhook access control [CVE-2021-30477]medium5.2---
173094Jazzband Django Debug Toolbar SQL Panel sql injection [CVE-2021-30459]medium6.5---
173093Intelbras WIN 300/WRN 342 source code [CVE-2021-3017]low3.5---
173092AjaxSearchPro Administration Panel deserialization [CVE-2021-29654]medium6.5---
173091Pi-hole privileges management [CVE-2021-29449]medium4.3---
173090Deark fmtutil.c divide by zerolow2.3---
173089Deark deark-dbuf.c dbuf_write null pointer dereferencelow2.3---
173088TIBCO Messaging Eclipse Mosquitto Distribution Installation access controlmedium6.8---
173087TIBCO Messaging Eclipse Mosquitto Distribution Installation access controlmedium5.2---
173086YubiHSM yubihsm-connector Endpoint infinite looplow2.3---
173085Devolutions Server/Server LTS delete sql injectionmedium5.8---
173084Group Office URL Parameter upload.php server-side request forgerymedium6.5---
173083Devolutions Server/Server LTS HTML Page unknown vulnerabilitymedium6.0---
173082TOTOLINK X5000R/A720R HTTP Request os command injection [CVE-2021-27710]medium6.5---
173081TOTOLINK X5000R/A720R HTTP Request os command injection [CVE-2021-27708]medium6.5---
173080Parallels Desktop Toolgate out-of-bounds read [CVE-2021-27260]low1.4---
173079Parallels Desktop Toolgate integer overflow [CVE-2021-27259]medium6.8---
173078SolarWinds Orion Platform SaveUserSetting Endpoint access controlmedium7.5---
173077Netgear Nighthawk R7800 apply_bind.cgi heap-based overflowmedium8.3---
173076Netgear R7800 DHCP os command injection [CVE-2021-27252]medium8.3---
173075Netgear Nighthawk R7800 Update cleartext transmission [CVE-2021-27251]medium6.8---
173074D-Link DAP-2020 CGI Script file inclusion [CVE-2021-27250]low3.3---
173073D-Link DAP-2020 CGI Script os command injection [CVE-2021-27249]medium8.3---
173072D-Link DAP-2020 CGI Script stack-based overflow [CVE-2021-27248]medium8.3---
173071Tencent WeChat Desktop out-of-bounds read [CVE-2021-27247]low5.0---
173070TP-LINK Archer A7 AC1750 tdpServer Endpoint stack-based overflowmedium8.3---
173069Alt-N MDaemon Remote Privilege Escalation [CVE-2021-27183]medium6.0---
173068Alt-N MDaemon Worldclient injection [CVE-2021-27182]medium4.9---
173067Alt-N MDaemon cross-site request forgery [CVE-2021-27181]low4.0---
173066Alt-N MDaemon Worldclient cross site scripting [CVE-2021-27180]low4.0---
173065Atlassian JIRA Server/Data Center Cookie missing secure attributelow2.6---
173064Atlassian JIRA Server/Data Center Jira Importers Plugin information disclosurelow4.0---
173063Joomla! Module Layout Settings unknown vulnerability [CVE-2021-26031]medium4.9---
173062Joomla! Error Page cross site scripting [CVE-2021-26030]low4.0---
173061Atlassian JIRA Server/Data Center Issue Navigation/Search View cross site scriptinglow4.0---
173060Monica Journal Page cross site scripting [CVE-2020-35660]low4.0---
173059Group Office Parameter cross site scripting [CVE-2020-35419]low4.0---
173058Group Office Contact Page cross site scripting [CVE-2020-35418]low4.0---
173057LavaLite cross site scripting [CVE-2020-28124]low4.0---
173056Backdoor.Win32.Zombam.h HTTP GET Request buffer overflowmedium6.5---
173055Multilaser AC1200 cross-site request forgery [CVE-2021-31152]low4.0---
173054Razer Synapse File Name unknown vulnerability [CVE-2021-30494]low4.9---
173053Razer Synapse File Name unknown vulnerability [CVE-2021-30493]low4.9---
173052OpenJPEG Command Line Option integer overflow [CVE-2021-29338]low3.5---
173051GPAC MP4 File track.c MergeTrack null pointer dereferencelow4.9---
173050Forescout CounterACT SecureConnector symlink [CVE-2021-28098]medium5.8---
173049Appspace mail.aspx improper authenticationmedium5.8---
173048libexif JPG File actions.c denial of servicelow2.3---
173047Tenda G1/G3 formDelPortMapping buffer overflowmedium6.5---
173046Tenda G1/G3 formIPMacBindDel buffer overflowmedium6.5---
173045Tenda G1/G3 formQOSRuleDel buffer overflowmedium6.5---
173044SAP Setup Installation unquoted search path [CVE-2021-27608]medium5.9---
173043SAP NetWeaver ABAP Server/ABAP Platform Process Integration xml external entity referencelow4.0---
173042SAP NetWeaver ABAP Server/ABAP Platform Process Integration access controlmedium4.0---
173041X2Engine X2CRM activity cross site scriptinglow4.0---
173040Online Reviewer System sql injection [CVE-2021-27130]medium5.8---
173039D-Link DIR-816 A2 addassignment stack-based overflowmedium5.2---
173038D-Link DIR-816 A2 HTTP Request addRouting os command injectionmedium5.2---
173037Priority Enterprise Management System Reset Password Page cross site scriptinglow4.0---
173036TP-LINK WR2041 v1/TL-WR2041+ HTTP Request popupSiteSurveyRpm.html buffer overflowmedium4.0---
173035Jitsi Meet Plugin sessionpriv.php cross site scriptinglow4.0---
173034tsMuxer WAV File add_a_user buffer overflowlow2.7---
173033SUSE Linux Enterprise hawk2 temp file [CVE-2021-25314]medium6.5---
173032libsixel sixel_encoder_encode_bytes buffer overflowlow2.7---
173031Orchard File Type cross site scripting [CVE-2020-29593]low4.0---
173030Orchard TinyMCE HTML Editor File Upload unrestricted upload [CVE-2020-29592]medium5.2---
173029X2engine X2CRM create cross site scriptinglow4.0---
173028X2Engine X2CRM Rename a Module Tool cross site scripting [CVE-2020-21087]low4.0---
173027Shopxo index.php access controlmedium6.5---
173026Appspace sgcontentset.aspx cross site scriptinglow4.0---
173025Nextcloud Desktop Client URL Validation resource injection [CVE-2021-22879]medium6.5---
173024SUSE Linux Enterprise Server s390-tools temp file [CVE-2021-25316]medium5.5---
173023Standard Library from_iter double freelow2.3---
173022QNAP NAS Surveillance Station stack-based overflow [CVE-2021-28797]high10.0---
173021Facebook Thrift release of reference [CVE-2021-24028]low4.9---
173020Standard Library String Join uninitialized pointer [CVE-2020-36323]low4.9---
173019Linux Kernel Filesystem fuse_do_getattr denial of servicelow5.2---
173018Standard Library get_mut race conditionlow4.0---
173017Standard Library MutexGuard Object race condition [CVE-2017-20004]low4.0---
173016Lenovo XClarity Controller XCC Configuration Backup restore cleartext transmissionlow3.3---
173015Lenovo Power Management Driver null pointer dereference [CVE-2021-3463]low4.6---
173014Lenovo Power Management Driver Device Object default permissionmedium4.3---
173013Motorola MH702x Communication Channel certificate validationlow2.6---
173012Grav Twig Processing code injection [CVE-2021-29440]medium5.8---
173011Grav Admin Plugin admin authorizationmedium5.8---
173010Nextcloud Dialogs Library Toast cross site scripting [CVE-2021-29438]low4.0---
173009ScratchOAuth2 authorization [CVE-2021-29437]medium5.1---
173008Anuko Time Tracker common.php.lib ttMitigateCSRF cross-site request forgerylow5.0---
173007trestle-auth cross-site request forgery [CVE-2021-29435]low5.0---
173006Gradle temp file [CVE-2021-29428]medium4.3---
173005Gradle unknown vulnerability [CVE-2021-29427]low4.3---
IDTitleVulDBCVSSSecuniaXForceNessus
173004Thanos-Soft Cheetah Browser Intent Scheme cross site scriptinglow5.0---
173003mongo-express Collection Exception denial of service [CVE-2021-23372]low1.7---
173002Ampache Subsonic API access control [CVE-2021-21399]medium7.5---
173001Xerox AltaLink C8070 hard-coded password [CVE-2019-10881]medium7.5---
173000HEUR.Hoax.Win32.FrauDrop.gen permissionmedium6.5---
172999Trojan.Win32.Agent.zfgh permissionmedium6.5---
172998Trojan.Win32.Jorik.qje permissionmedium6.5---
172997SAP Focused RUN oData Service improper authorization [CVE-2021-27609]medium5.2---
172996SAP HCM Travel Management Fiori Apps information disclosure [CVE-2021-27605]low4.0---
172995SAP NetWeaver AS ABAP SPI_WAIT_MILLIS denial of service [CVE-2021-27603]low4.0---
172994SAP Commerce Backoffice Application injection [CVE-2021-27602]medium9.0---
172993SAP NetWeaver AS JAVA File cross site scripting [CVE-2021-27601]low4.0---
172992SAP Manufacturing Execution HTTP Parameter cross site scriptinglow4.0---
172991SAP NetWeaver AS JAVA Servlet access control [CVE-2021-27598]medium5.0---
172990Eaton Intelligent Power Manager Packet meta_driver_srv.js coverterCheckList code injectionhigh10.0---
172989Eaton Intelligent Power Manager File Upload maps_srv.js uploadBackgroud unrestricted uploadmedium6.5---
172988Eaton Intelligent Power Manager meta_driver_srv.js saveDriverData input validationmedium3.2---
172987Eaton Intelligent Power Manager Packet maps_srv.js removeBackground input validationmedium4.1---
172986Eaton Intelligent Power Manager Code Syntax utils.js loadUserFile code injectionmedium6.8---
172985Eaton Intelligent Power Manager Packet sql injection [CVE-2021-23276]medium6.5---
172984Schneider Electric C-Bus Toolkit Project Restore path traversalmedium6.5---
172983Schneider Electric C-Bus Toolkit File Upload path traversal [CVE-2021-22719]medium6.5---
172982Schneider Electric C-Bus Toolkit Project File Restore path traversalmedium6.5---
172981Schneider Electric C-Bus Toolkit Config File path traversal [CVE-2021-22717]medium6.5---
172980Schneider Electric C-Bus Toolkit privileges management [CVE-2021-22716]medium6.5---
172979AccuSoft ImageGear JPG File out-of-bounds write [CVE-2021-21784]medium7.5---
172978SAP NetWeaver Application Server Java authentication spoofingmedium5.0---
172977SAP NetWeaver Application Server for Java NTLM Hash information disclosurelow5.0---
172976SAP Solution Manager information disclosure [CVE-2021-21483]low3.3---
172975SAP NetWeaver Master Data Management information disclosure [CVE-2021-21482]low1.8---
172974Google Android CryptoPlugin.cpp decrypt_1_2 out-of-bounds readlow1.7---
172973Google Android LK Local Privilege Escalation [CVE-2021-0468]low4.6---
172972Google Android ImportVCardActivity improper restriction of rendered ui layerslow4.3---
172971Google Android WelcomeActivity.java start Local Privilege Escalationlow4.3---
172970Google Android Contacts QuickContactActivity.java onActivityResult information disclosurelow1.7---
172969Google Android Screenshot ScreenshotHelper.java information disclosurelow1.7---
172968Google Android InputApplicationHandle.cpp updateInfo use after freemedium4.3---
172967Google Android com_android_server_power_PowerManagerService.cpp setPowerModeWithHandle out-of-bounds writemedium4.3---
172966Google Android InputDispatcher.cpp improper restriction of rendered ui layerslow4.3---
172965Google Android DrmPlugin.cpp setPlayPolicy double freemedium4.3---
172964Google Android CryptoPlugin.cpp decrypt out-of-bounds readlow1.7---
172963Google Android avrc_api.cc avrc_proc_vendor_command information disclosurelow5.0---
172962Google Android Bluetooth DeviceChooserActivity.java onCreate improper restriction of rendered ui layerslow4.3---
172961Google Android StatsPullerManager.cpp ForceClearPullerCache use after freemedium4.3---
172960Google Android avrc_api.cc avrc_msg_cback out-of-bounds readlow4.0---
172959Google Android NFC rw_mfc.cc rw_mfc_handle_read_op out-of-bounds writemedium7.5---
172958Google Android ALooper.cpp pollOnce memory corruptionmedium4.3---
172957Google Android TelephonyManager.java getSimSerialNumber information disclosurelow1.7---
172956Google Android LogEvent.cpp parseExclusiveStateAnnotation out-of-bounds writemedium4.3---
172955Google Android LogEvent.cpp parsePrimaryFieldFirstUidAnnotation out-of-bounds writemedium5.2---
172954Google Android GnssLocationProvider.java handleUpdateLocation input validationmedium5.2---
172953Slic3r libslic3r OBJ File TriangleMesh out-of-bounds readlow2.3---
172952Windriver Helix ALM Administration Console xml external entity referencemedium6.0---
172951Microsoft Azure DevOps Server/Team Foundation Server information disclosurelow4.0---
172950Microsoft Windows Win32k privileges management [CVE-2021-27072]medium6.0---
172949Microsoft Windows Media Photo Codec information disclosure [CVE-2021-27079]low5.0---
172948Microsoft Windows Event Tracing privileges management [CVE-2021-27088]medium6.8---
172947Microsoft Windows Internet Messaging API Remote Code Executionmedium7.5---
172946Microsoft Windows Secure Kernel Mode privileges management [CVE-2021-27090]medium6.8---
172945Microsoft Windows RPC Endpoint Mapper Service privileges managementmedium6.8---
172944Microsoft Windows Azure AD Web Sign-in Local Privilege Escalationmedium7.2---
172943Microsoft Windows Kernel information disclosure [CVE-2021-27093]low1.7---
172942Microsoft Windows Early Launch Antimalware Driver unknown vulnerabilitylow4.3---
172941Microsoft Windows Media Video Decoder Remote Code Execution [CVE-2021-27095]medium7.5---
172940Microsoft Windows NTFS Local Privilege Escalation [CVE-2021-27096]medium6.8---
172939Microsoft Windows Installer unknown vulnerability [CVE-2021-26413]low4.6---
172938Microsoft Windows Installer Local Privilege Escalation [CVE-2021-26415]medium6.8---
172937Microsoft Windows Hyper-V denial of service [CVE-2021-26416]medium6.8---
172936Microsoft Windows Overlay Filter information disclosure [CVE-2021-26417]low1.7---
172935Microsoft Windows Kernel information disclosure [CVE-2021-28309]low1.7---
172934Microsoft Windows Win32k Local Privilege Escalation [CVE-2021-28310]medium6.8---
172933Microsoft Windows Application Compatibility Cache denial of servicemedium7.8---
172932Microsoft Windows NTFS denial of service [CVE-2021-28312]low1.7---
172931Microsoft Windows Diagnostics Hub Standard Collector Service Local Privilege Escalationmedium6.8---
172930Microsoft Windows Hyper-V Local Privilege Escalation [CVE-2021-28314]medium6.8---
172929Microsoft Windows Media Video Decoder Remote Code Execution [CVE-2021-28315]medium7.5---
172928Microsoft Windows WLAN AutoConfig Service information disclosurelow1.2---
172927Microsoft Windows Codecs Library information disclosure [CVE-2021-28317]low1.7---
172926Microsoft Windows GDI+ information disclosure [CVE-2021-28318]low1.7---
172925Microsoft Windows TCP/IP Driver denial of service [CVE-2021-28319]medium7.8---
172924Microsoft Windows esource Manager PSM Service Extension privileges managementmedium6.8---
172923Microsoft Windows Diagnostics Hub Standard Collector Service privileges managementmedium6.8---
172922Microsoft Windows Diagnostics Hub Standard Collector Service privileges managementmedium6.8---
172921Microsoft Windows DNS information disclosure [CVE-2021-28323]low4.0---
172920Microsoft Windows SMB information disclosure [CVE-2021-28324]low5.0---
172919Microsoft Windows SMB information disclosure [CVE-2021-28325]low4.0---
172918Microsoft Windows AppX Deployment Server denial of service [CVE-2021-28326]low4.6---
172917Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172916Microsoft Windows DNS information disclosure [CVE-2021-28328]low4.0---
172915Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172914Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172913Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172912Microsoft Windows Remote Privilege Escalation [CVE-2021-28332]medium9.0---
172911Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172910Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172909Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172908Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172907Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172906Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172905Microsoft Windows Remote Privilege Escalation [CVE-2021-28339]medium9.0---
172904Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172903Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172902Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172901Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172900Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172899Microsoft Windows Remote Procedure Call Runtime Remote Remote Privilege Escalationmedium9.0---
172898Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172897Microsoft Windows Speech Runtime Local Privilege Escalation [CVE-2021-28347]medium6.8---
172896Microsoft Windows GDI+ Remote Code Execution [CVE-2021-28348]medium7.5---
172895Microsoft Windows GDI+ Remote Code Execution [CVE-2021-28349]medium7.5---
172894Microsoft Windows GDI+ Remote Code Execution [CVE-2021-28350]medium7.5---
172893Microsoft Windows Speech Runtime Local Privilege Escalation [CVE-2021-28351]medium6.8---
172892Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172891Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172890Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172889Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172888Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172887Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172886Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172885Microsoft Windows Remote Procedure Call Runtime Remote Privilege Escalationmedium9.0---
172884Microsoft Windows Event Tracing information disclosure [CVE-2021-28435]low1.7---
172883Microsoft Windows Speech Runtime Local Privilege Escalation [CVE-2021-28436]medium6.8---
172882Microsoft Windows Installer information disclosure [CVE-2021-28437]low1.7---
172881Microsoft Windows Console Driver denial of service [CVE-2021-28438]low4.6---
172880Microsoft Windows TCP/IP Driver denial of service [CVE-2021-28439]medium7.8---
172879Microsoft Windows Installer Local Privilege Escalation [CVE-2021-28440]medium6.0---
172878Microsoft Windows Hyper-V information disclosure [CVE-2021-28441]low1.7---
172877Microsoft Windows TCP/IP information disclosure [CVE-2021-28442]low4.0---
172876Microsoft Windows Console Driver denial of service [CVE-2021-28443]low4.6---
172875Microsoft Windows Hyper-V unknown vulnerability [CVE-2021-28444]low5.5---
172874Microsoft Windows Network File System unknown vulnerability [CVE-2021-28445]medium8.5---
172873Microsoft Windows Early Launch Antimalware Driver unknown vulnerabilitymedium6.2---
172872Microsoft Windows Early Launch Antimalware Driver unknown vulnerabilitylow4.3---
172871Microsoft Kubernetes Tools Remote Code Execution [CVE-2021-28448]medium7.5---
172870Microsoft Office Excel Remote Code Execution [CVE-2021-28449]medium7.5---
172869Microsoft SharePoint Update denial of service [CVE-2021-28450]low4.0---
172868Microsoft Office Excel Remote Code Execution [CVE-2021-28451]medium7.5---
172867Microsoft Outlook memory corruption [CVE-2021-28452]medium7.5---
172866Microsoft Word/Office/SharePoint Remote Code Execution [CVE-2021-28453]medium7.5---
172865Microsoft Office Excel Remote Code Execution [CVE-2021-28454]medium7.5---
172864Microsoft Office Excel information disclosure [CVE-2021-28456]low1.7---
172863Microsoft Visual Studio Code Remote Code Execution [CVE-2021-28457]low5.1---
172862Microsoft @azure-ms-rest-nodeauth Local Privilege Escalationmedium6.8---
172861Microsoft Azure DevOps Server unknown vulnerability [CVE-2021-28459]low6.4---
172860Microsoft Azure Sphere Local Privilege Escalation [CVE-2021-28460]medium6.0---
172859Microsoft Visual Studio Code Remote Code Execution [CVE-2021-28469]low5.1---
172858Microsoft GitHub Pull Requests and Issues Extension Remote Code Executionmedium7.5---
172857Microsoft Visual Studio Code Remote Development Extension Remote Code Executionlow5.1---
172856Microsoft Maven for Java Extension Remote Code Execution [CVE-2021-28472]medium7.5---
172855Microsoft Visual Studio Code Remote Code Execution [CVE-2021-28475]low5.1---
172854Microsoft Visual Studio Code Remote Code Execution [CVE-2021-28477]low5.1---
172853Microsoft Exchange Server Remote Code Execution [CVE-2021-28480]high10.0---
172852Microsoft Exchange Server Remote Code Execution [CVE-2021-28481]high10.0---
172851Microsoft Exchange Server Remote Privilege Escalation [CVE-2021-28482]medium9.0---
172850Microsoft Exchange Server unknown vulnerability [CVE-2021-28483]medium7.7---
172849Microsoft Visual Studio Installer Local Privilege Escalationmedium6.8---
172848Microsoft Windows Services/Controller App Local Privilege Escalationmedium6.8---
172847Microsoft VP9 Video Extensions Remote Code Execution [CVE-2021-28464]medium10.0---
172846Microsoft Raw Image Extension Remote Code Execution [CVE-2021-28466]medium10.0---
172845Microsoft Raw Image Extension Remote Code Execution [CVE-2021-28468]medium10.0---
172844Microsoft Visual Studio Code Remote Code Execution [CVE-2021-28473]low5.1---
172843Wind River VxWorks dhcp Server stack-based overflow [CVE-2021-29999]medium5.2---
172842Wind River VxWorks dhcp Client heap-based overflow [CVE-2021-29998]medium5.2---
172841Perforce Helix ALM XML Import xml external entity reference [CVE-2021-28973]medium4.9---
172840ZTE ZXCLOUD iRAI Management Page cross-site request forgery [CVE-2021-21731]low4.0---
172839ZTE ZXHN H168N CLI access control [CVE-2021-21730]medium4.6---
172838ZTE ZXHN H168N/ZXHN H108N cross-site request forgery [CVE-2021-21729]low4.0---
172837ZEROF Expert Pro Authorization Header add sql injectionmedium6.5---
172836ZEROF Web Server Login Page HandleEvent sql injectionmedium6.5---
172835Trend Micro Password Manager DLL uncontrolled search path [CVE-2021-28647]medium6.5---
172834Trend Micro Apex One/Apex One as a Service/OfficeScan XG SP1 Log File permissionmedium6.5---
172833Trend Micro OfficeScan XG SP1 access control [CVE-2021-28645]medium6.5---
172832FluidSynth soundfont2 File fluid_sffile.c use after freelow4.9---
172831Trend Micro Apex One/Apex One as a Service/OfficeScan XG SP1 access controlmedium6.5---
172830Trend Micro Apex One/Apex One as a Service/OfficeScan XG SP1 access controlmedium6.5---
172829Micro Focus Operations Agent access control [CVE-2021-22505]medium5.2---
172828OpenClinic GA getAssets.jsp sql injectionmedium6.5---
172827OpenClinic GA getAssets.jsp sql injectionmedium6.5---
172826OpenClinic GA getAssets.jsp sql injectionmedium6.5---
172825OpenClinic GA getAssets.jsp sql injectionmedium6.5---
172824OpenClinic GA Installation permission [CVE-2020-27228]medium5.2---
172823OpenClinic GA Web Request command injection [CVE-2020-27227]medium5.8---
172822phpGACL POST Parameter edit_group.php sql injectionmedium6.5---
172821phpGACL POST Parameter edit_group.php sql injectionmedium6.5---
172820HTMLy config.html.php cross site scriptinglow4.0---
172819GLSL Linting Extension Workspace Configuration injection [CVE-2021-30503]low5.1---
172818Remote Clinic register.php cross site scriptinglow4.0---
172817Remote Clinic register.php cross site scriptinglow4.0---
172816Remote Clinic register-report.php cross site scriptinglow4.0---
172815Remote Clinic register-report.php cross site scriptinglow4.0---
172814Remote Clinic register-patient.php cross site scriptinglow4.0---
172813Apache Solr ConfigurableInternodeAuthHadoopPlugin authorizationmedium5.8---
172812Apache Commons IO FileNameUtils.normalize path traversalmedium5.2---
172811Apache Solr VMParamsAllAndReadonlyDigestZkACLProvider insufficiently protected credentialslow2.3---
172810Papoo CMS Light/CMS Pro Admin Interface cross-site request forgerylow4.0---
172809Genexis Platinum 4410 os command injection [CVE-2021-29003]medium6.5---
172808Siren Federate Thread information disclosure [CVE-2021-28938]low1.4---
172807Apache Solr replication server-side request forgerymedium5.2---
172806Slab Quill HTML Editor cross site scripting [CVE-2021-3163]low4.0---
172805ASUS RT-AX3000/ZenWiFi AX/RT-AX88U IPv6 Router Advertisement infinite looplow3.3---
172804TP-Link TL-XDR5430 Router Advertisement infinite loop [CVE-2021-3125]low3.3---
172803Gradle Download temp file [CVE-2021-29429]low4.0---
172802OutSystems Platform Server ECT Provider server-side request forgerymedium5.2---
172801TP-Link TL-WR802N/Archer_C50v5_US httpd buffer overflow [CVE-2021-29302]medium6.5---
172800Gargoyle OS Router Advertisement infinite loop [CVE-2021-23270]low3.3---
172799NetIQ Advanced Authentication user session [CVE-2021-22497]low0.8---
172798Dell Peripheral Manager uncontrolled search path [CVE-2021-21545]medium6.8---
172797Dell SRM deserialization [CVE-2021-21524]high10.0---
172796Synapse resource consumption [CVE-2021-21394]low4.9---
172795Synapse resource consumption [CVE-2021-21393]low4.9---
172794Synapse IPv6 redirect [CVE-2021-21392]medium6.5---
172793IBM Jazz Team Server Web UI cross site scripting [CVE-2021-20519]low4.0---
172792MongoDB Database Tools certificate validation [CVE-2020-7924]medium5.1---
172791IBM Jazz Team Server inadequate encryption [CVE-2020-4965]low2.6---
172790IBM Jazz Team Server Message injection [CVE-2020-4964]low4.0---
172789IBM Jazz Team Server Web UI cross site scripting [CVE-2020-4920]low4.0---
172788Bitdefender Safepay File Upload origin validation [CVE-2020-15734]medium7.5---
172787Pega Platform pyActivity access control [CVE-2020-15390]low2.7---
172786Liberty lisPBX Configuration Backup lispbx-CONF-YYYY-MM-DD.tar improper authenticationmedium5.0---
172785Fatek Automation WinProladder out-of-bounds write [CVE-2021-27486]medium5.2---
172784SiCKRAGE Quicksearch cross site scripting [CVE-2021-25926]low4.0---
172783SiCKRAGE cross site scripting [CVE-2021-25925]low4.0---
172782Patreon Plugin cross-site request forgery [CVE-2021-24231]low4.0---
172781Patreon Plugin cross-site request forgery [CVE-2021-24230]low4.0---
172780Patreon Plugin AJAX Action patreon_save_attachment_patreon_level cross site scriptinglow4.0---
172779Patreon Plugin Login Form wp-login.php cross site scriptinglow4.0---
172778Patreon Plugin wp-config.php information disclosurelow4.0---
172777AccessAlly Plugin product-shortcode.php information disclosurelow5.0---
172776Advanced Booking Calendar Plugin GET Parameter cross site scriptinglow4.0---
172775Easy Form Builder Plugin AJAX Action EFBP_verify_upload_file unrestricted uploadmedium6.5---
172774N5 Upload Form Plugin unrestricted upload [CVE-2021-24223]medium4.0---
172773WP-Curriculo Vitae Free Plugin Profile Picture unrestricted uploadmedium6.8---
172772Quiz And Survey Master Plugin sql injection [CVE-2021-24221]medium7.5---
172771Thrive Legacy Rise Theme REST API Endpoint unrestricted uploadmedium6.5---
172770Thrive Optimize Plugin REST API access control [CVE-2021-24219]medium5.2---
172769Facebook for WordPress Plugin AJAX Action wp_ajax_delete_fbe_settings cross-site request forgerylow4.0---
172768Facebook for WordPress Plugin Function run_action deserializationmedium6.0---
172767Controlled Admin Access Plugin customization.php access controlmedium6.5---
172766GiveWP cross site scripting [CVE-2021-24213]low4.0---
172765wpDataTables sql injection [CVE-2021-24200]medium4.6---
172764wpDataTables sql injection [CVE-2021-24199]medium6.5---
172763wpDataTables access control [CVE-2021-24198]medium5.2---
172762wpDataTables access control [CVE-2021-24197]medium5.2---
172761Fortinet FortiADCManager/FortiADC log file [CVE-2021-24024]low4.0---
172760chrono-node Date String denial of service [CVE-2021-23371]low5.0---
172759swiper denial of service [CVE-2021-23370]low5.0---
172758handlebars Template Compile Remote Code Execution [CVE-2021-23369]low5.1---
172757postcss Map Parser incorrect regex [CVE-2021-23368]medium5.0---
172756GitLab JWT Token path traversal [CVE-2021-22190]medium4.6---
172755Monitorr _register.php authorizationmedium5.2---
172754Fortinet FortiWeb Web Vulnerability Scan Profile information disclosurelow4.0---
172753Fortinet FortiOS/FortiProxy HTTP Daemon stack-based overflowmedium6.5---
172752Intelbras Tip 200 cgiServer.exx information disclosurelow2.3---
172751D-Link DIR-802 A1 UPnP command injection [CVE-2021-29379]medium5.2---
172750Standard Library ZIP integer overflow [CVE-2021-28879]medium4.9---
172749Standard Library __iterator_get_unchecked memory corruptionmedium5.2---
172748Standard Library __iterator_get_unchecked memory corruptionmedium5.2---
172747Standard Library __iterator_get_unchecked memory corruptionmedium5.2---
172746Standard Library read_to_end buffer overflowmedium5.2---
172745Standard Library make_contiguous use after freemedium4.9---
172744Standard Library UTF-8 Encoding retain memory corruptionmedium5.2---
172743Standard Library Comparison sift_down_range memory corruptionmedium5.2---
172742ezXML XML File libezxml.a ezxml_internal_dtd null pointer dereferencelow2.3---
172741Valve Steam Source Engine Game buffer overflow [CVE-2021-30481]medium6.5---
172740SonicWall GMS improper authentication [CVE-2021-20020]medium6.8---
172739Zoom Chat Remote Privilege Escalation [CVE-2021-30480]medium4.6---
172738Samsung Account Pendingetent improper authorization [CVE-2021-25381]low1.7---
172737Samsung Bixby Exception Remote Code Execution [CVE-2021-25380]medium5.1---
172736Samsung Gallery Intents information disclosure [CVE-2021-25379]low1.7---
172735Samsung SmartThings Port denial of service [CVE-2021-25378]low1.7---
172734Samsung Experience Service Intent improper authentication [CVE-2021-25377]low2.1---
172733Samsung Email Synchronization information disclosure [CVE-2021-25376]low1.8---
172732Samsung Email Attachment information disclosure [CVE-2021-25375]low5.0---
172731Samsung Members samsungrewards Scheme for Deeplink improper authorizationmedium5.0---
172730Samsung Customization Service Pendingetent improper authorizationlow1.7---
172729Samsung softsimd API privileges management [CVE-2021-25365]medium4.3---
172728Samsung Secure Folder Contact Information information disclosurelow1.7---
172727Samsung ActivityManagerService privileges management [CVE-2021-25363]medium4.3---
172726Samsung CertInstaller privileges management [CVE-2021-25362]medium3.2---
172725Samsung StickerCenter access control [CVE-2021-25361]medium4.3---
172724Samsung libswmfextractor heap-based overflow [CVE-2021-25360]high10.0---
172723Samsung SELinux Policy AP Information permission [CVE-2021-25359]low1.7---
172722Samsung Smart Phone IMSI Value permission [CVE-2021-25358]low1.7---
172721Samsung Create Movie Contact Information information disclosurelow1.0---
172720Samsung Managed Provisioning permission [CVE-2021-25356]medium6.8---
172719ZTE ZXA10 C300M Configuration Error resource consumption [CVE-2021-21728]low4.0---
172718Discord Recon Server code injection [CVE-2021-21433]medium6.5---
172717Vela .netrc improper authorizationmedium4.0---
172716Google Chrome Aura use after free [CVE-2021-21199]medium7.5---
172715Google Chrome IPC out-of-bounds read [CVE-2021-21198]medium7.5---
172714Google Chrome TabStrip heap-based overflow [CVE-2021-21197]medium7.5---
172713Google Chrome TabStrip heap-based overflow [CVE-2021-21196]medium7.5---
172712Google Chrome v8 use after free [CVE-2021-21195]medium7.5---
172711Google Chrome Screen Sharing use after free [CVE-2021-21194]medium7.5---
172710Zoho ManageEngine ServiceDesk Plus/AssetExplorer XML Asset File cross site scriptinglow5.0---
172709SonicWALL Email Security unrestricted upload [CVE-2021-20022]medium6.5---
172708SonicWALL Email Security HTTP Request privileges management [CVE-2021-20021]medium6.5---
172707Online Book Store admin.php sql injectionmedium7.5---
172706Larsens Calender Plugin cross site scripting [CVE-2020-23762]low4.0---
172705Subrion CMS Payment Gateway cross site scripting [CVE-2020-23761]low4.0---
172704Rukovoditel Project Management App choices sql injectionmedium6.5---
172703Rukovoditel Project Management App rules_form sql injectionmedium6.5---
172702Rukovoditel Project Management App rules cross-site request forgerylow4.0---
172701Dreamreport Dream Report CLSID access control [CVE-2020-13534]medium5.2---
172700Dreamreport Dream Report Binary backdoor [CVE-2020-13533]medium5.2---
172699Dreamreport Dream Report Syncfusion Dashboard Service access controlmedium7.7---
172698IBM Spectrum Scale Filesystem Audit Log unknown vulnerabilitylow4.0---
172697Erlang OTP erlsrv.exe access controlmedium9.0---
172696Skyworth Digital Technology RN510 app-staticIP.asp unknown vulnerabilitylow5.2---
172695Skyworth Digital Technology RN510 net-routeadd.asp cross-site request forgerylow4.0---
172694Skyworth Digital Technology RN510 Wi-Fi test_version.asp access controlmedium5.8---
172693sopel-channelmgnt Kick Command access control [CVE-2021-21431]low4.7---
172692Unibox SMB/Enterprise Series/Campus Series network-trace cross-site request forgerylow4.0---
172691Unibox U-50/Enterprise Series/Campus Series ping os command injectionmedium7.7---
172690Wikimedia Parsoid Wikitext WTUtils.php cross site scriptinglow4.0---
172689MediaWiki isValidMoveTarget denial of servicelow2.9---
172688MediaWiki Special:Contributions information disclosurelow2.3---
172687MediaWiki ContentModelChange permissionmedium5.2---
172686MediaWiki API permission [CVE-2021-30152]medium5.2---
172685Atlassian JIRA Server/Data Center Dashboard Gadgets Preference Resource authorizationmedium7.5---
172684Exiv2 JPG Image jp2image.cpp readMetadata heap-based overflowmedium5.2---
172683dnsmasq Port security check for standard [CVE-2021-3448]low5.1---
172682Red Hat Satellite tfm-rubygem-foreman_azure_rm information disclosurelow2.3---
172681Aprelium Abyss Web Server HTTP Request out-of-bounds read [CVE-2021-3328]low5.0---
172680Dolby Audio X2 API Remote Privilege Escalation [CVE-2021-3146]medium6.5---
172679Linux Kernel BPF JIT Compiler Remote Privilege Escalation [CVE-2021-29154]medium9.0---
172678Micro Focus Application Automation Tools Plugin authorizationmedium4.9---
172677Micro Focus Application Automation Tools Plugin cross-site request forgerylow4.0---
172676Micro Focus Application Automation Tools Plugin certificate validationmedium4.3---
172675Micro Focus Application Automation Tools Plugin cross site scriptinglow4.0---
172674Micro Focus Operations Bridge Manager improper authenticationmedium7.5---
172673Huawei Secospace USG9500 Message memory leak [CVE-2021-22312]low3.5---
172672Cloud Foundry Cloud Controller API Service Broker Credential log filelow2.3---
172671Forcepoint Web Security Content Gateway XML information disclosurelow3.5---
172670Xiaomi Mobile Phone MIUI information disclosure [CVE-2020-14106]low1.7---
172669Xiaomi AX3600 XQBackup race condition [CVE-2020-14104]medium4.9---
172668Xiaomi 10 MIUI SNO information disclosure [CVE-2020-14103]low1.7---
172667Xiaomi AX1800/RM1800 Backup hard-coded key [CVE-2020-14099]low1.4---
172666Squirro Insights Engine cross site scripting [CVE-2021-27945]low4.0---
172665Learnsite Cookie index.aspx JudgIsAdmin access controlmedium6.5---
172664Realtek rtl8723de BLE Stack CONNECT_REQ Message denial of servicelow3.5---
172663VestaCP user.conf permissionmedium4.0---
172662VestaCP sudo Configuration bin access controlmedium9.0---
172661zzcms adv.php access controlmedium5.2---
172660Web-School ERP Voucher Payment create cross-site request forgerylow4.0---
172659Web-School ERP Event cross site scripting [CVE-2021-30113]low2.1---
172658Web-School ERP create student_leave_application cross-site request forgerylow4.0---
172657Web-School ERP Event injection [CVE-2021-30111]medium4.9---
172656Nagios Network Analyzer sql injection [CVE-2021-28925]medium6.5---
172655Nagios Network Analyzer queries cross site scriptinglow4.0---
172654IBM WebSphere Application Server server-side request forgerymedium6.5---
172653ESRI ArcGIS Online onerror cross site scripting [CVE-2021-3012]low4.0---
172652ASUS GPUTweak II AsIO2_64.sys DeviceIoControl denial of servicelow4.0---
172651ASUS GPUTweak II Physical Memory AsIO2_64.sys Remote Privilege Escalationhigh9.0---
172650ClamAV Antivirus PDF Parser buffer overflow [CVE-2021-1405]medium5.0---
172649ClamAV Antivirus parsing module denial of service [CVE-2021-1404]low5.0---
172648ClamAV Antivirus Excel XLM Macro Parsing Module denial of servicelow5.0---
172647Mitake Smart Stock Selection System URL improper authenticationmedium7.5---
172646Cisco IOS XR CLI argument injection [CVE-2021-1485]medium4.3---
172645Cisco SD-WAN vManage Software memory corruption [CVE-2021-1480]high10.0---
172644Cisco SD-WAN vManage Software memory corruption [CVE-2021-1479]high10.0---
172643Cisco Umbrella Scheduled Report csv injection [CVE-2021-1475]medium6.5---
172642Cisco Umbrella Scheduled Report csv injection [CVE-2021-1474]medium6.5---
172641Cisco Small Business RV Series Router Web-based Management Interface memory corruptionmedium7.5---
172640Cisco Small Business RV Series Router Web-based Management Interface memory corruptionmedium7.5---
172639Cisco Webex Meetings Client Avatar access control [CVE-2021-1467]medium4.0---
172638Cisco Unified Intelligence Center Web-based Management Interface cross site scriptinglow5.0---
172637Cisco RV110W/RV130/RV130W/RV215W Web-based Management Interface memory corruptionhigh10.0---
172636Cisco Webex Meetings cross site scriting [CVE-2021-1420]low5.0---
172635Cisco RV340/RV340W/RV345/RV345P Web-based Management Interface deserializationmedium6.5---
172634Cisco RV340/RV340W/RV345/RV345P Web-based Management Interface deserializationmedium6.5---
172633Cisco RV340/RV340W/RV345/RV345P Web-based Management Interface deserializationmedium6.5---
172632Cisco Unified Communications Manager Web-based Management Interface cross site scriptinglow5.0---
172631Cisco Unified Communications Manager Web-based Management Interface cross site scriptinglow5.0---
172630Cisco Unified Communications Manager Web-based Management Interface cross site scriptinglow5.0---
172629Cisco Unified Communications Manager file information disclosurelow2.1---
172628Cisco Unified Communications Manager Self Care Portal improper authenticationmedium7.5---
172627Cisco Advanced Malware Protection/Immunet DLL Loader uncontrolled search pathmedium7.1---
172626Cisco Unified Communications Manager Web-based Management Interface cross site scriptinglow5.0---
172625Cisco Unified Communications Manager SOAP API Endpoint code injectionmedium9.0---
172624Cisco Small Business RV Series Router Link Layer Discovery Protocol memory corruptionmedium5.8---
172623Cisco Small Business RV Series Router Link Layer Discovery Protocol memory corruptionmedium5.8---
172622Cisco Small Business RV Series Router Link Layer Discovery Protocol memory corruptionmedium5.8---
172621Cisco SD-WAN vManage Software memory corruption [CVE-2021-1137]medium7.5---
172620id-map Crate remove_set double freemedium4.9---
172619id-map Crate get_or_insert double freemedium4.9---
172618id-map Crate Clone clone clone_from double freemedium4.9---
172617outer_cgi Crate KeyValueReader uninitialized pointerlow4.9---
172616jsrsasign Package RSA PKCS#1 v1.5 Signature Verification signature verificationlow4.0---
172615FFmpeg libavcodec buffer overflow [CVE-2021-30123]medium7.5---
172614Directus Upload Directory unrestricted upload [CVE-2021-29641]medium6.0---
172613Eclipse Mosquitto MQTT v5 null pointer dereference [CVE-2021-28166]low4.0---
172612Litespeed Technologies OpenLiteSpeed access control [CVE-2021-26758]medium7.7---
172611Grav Admin Plugin access control [CVE-2021-21425]medium7.5---
172610RELIC PKCS Signature signature verification [CVE-2020-36316]low1.4---
172609RELIC RSA PKCS Signature certificate validation [CVE-2020-36315]medium4.3---
172608Wcms html.php server-side request forgerymedium5.2---
172607Wcms cssjs.php server-side request forgerymedium5.2---
172606Wcms cssjs.php pathname traversalmedium5.2---
172605Wcms cssjs.php cross site scriptinglow4.0---
172604Ps Project Management Team unity-firefox-extension denial of servicelow5.0---
172603Ps Project Management Team unity-firefox-extension denial of servicelow5.0---
172602Backdoor.Win32.Small.n Service Port 1337 backdoorhigh10.0---
172601Backdoor.Win32.Hupigon.das Service Port 8080 winserv.com backdoormedium7.5---
172600Trojan-Downloader.Win32.Genome.omht permissionmedium6.5---
172599Trojan-Downloader.Win32.Genome.qiw tmp permissionmedium6.5---
172598Trojan.Win32.Hotkeychick.d Sniperscan permissionmedium6.5---
172597Trojan.Win32.Hosts2.yqf mlekaocYUmaae permissionmedium6.5---
172596Trojan-Downloader.Win32.FraudLoad.xevn permissionmedium6.5---
172595Trojan.Win32.Sharer.h HFS HTTP File Server buffer overflow [CVE-2020-13432]medium6.5---
172594Trojan.Win32.Sharer.h FTP Server backdoormedium7.5---
172593Trojan.Win32.Sharer.h FTP Server improper authenticationmedium7.5---
172592CERN Indico Host Header password recovery [CVE-2021-30185]medium4.9---
172591FreeBSD Listening Socket accf_create use after freemedium4.9---
172590FreeBSD Shared Memory Page use after free [CVE-2021-29626]low4.9---
172589libretro RetroArch PowerShell platform_win32.c accessibility_speak_windows command injectionmedium5.2---
172588Jenkins Promoted Builds Plugin cross-site request forgery [CVE-2021-21641]low4.0---
172587Jenkins View permission [CVE-2021-21640]medium5.2---
172586Jenkins REST API Endpoint config.xml permissionmedium5.2---
172585FreeBSD jail race condition [CVE-2020-25584]low4.6---
172584Wcms html.php cross site scriptinglow4.0---
172583Wcms html.php pathname traversallow2.7---
172582GNU Chess PGN cmd.cc cmd_pgnreplay buffer overflowmedium7.5---
172581GNOME file-roller Extraction fr-archive-libarchive.c pathname traversalmedium5.2---
172580PHP-Nuke User Registration sql injection [CVE-2021-30177]medium6.5---
172579D-Link DSL-320B-D1 login.xgi buffer overflowmedium7.5---
172578EikiSoft Archive Collectively Operation Utility ZIP Archive pathname traversalmedium5.2---
172577Yomi-Search cross site scripting [CVE-2021-20691]low4.0---
172576Yomi-Search cross site scripting [CVE-2021-20690]low4.0---
172575Yomi-Search cross site scripting [CVE-2021-20689]low4.0---
172574Click Ranker cross site scripting [CVE-2021-20688]low4.0---
172573Kagemai cross-site request forgery [CVE-2021-20687]low4.0---
172572Kagemai cross site scripting [CVE-2021-20686]low4.0---
172571Kagemai cross site scripting [CVE-2021-20685]low4.0---
172570MagazinegerZ cross site scripting [CVE-2021-20684]low4.0---
172569Qualcomm Snapdragon Compute IO Control memory corruption [CVE-2021-1892]medium6.8---
172568Qualcomm Snapdragon Auto RTCP Packet denial of service [CVE-2020-11255]medium7.8---
172567Qualcomm Snapdragon Auto TrustZone information disclosure [CVE-2020-11252]low0.8---
172566Qualcomm Snapdragon Auto DTMF Payload out-of-bounds read [CVE-2020-11251]medium7.5---
172565Qualcomm Snapdragon Auto out-of-bounds read [CVE-2020-11247]medium6.5---
172564Qualcomm Snapdragon Auto Suspend Mode double free [CVE-2020-11246]medium6.8---
172563Qualcomm Snapdragon Auto NS EL2 access control [CVE-2020-11245]medium6.8---
172562Qualcomm Snapdragon Auto RRC denial of service [CVE-2020-11243]low5.0---
172561Qualcomm Snapdragon Industrial IOT/Snapdragon Mobile SDI Local Privilege Escalationmedium6.8---
172560Qualcomm Snapdragon Auto Histogram memory corruption [CVE-2020-11237]medium6.8---
172559Qualcomm Snapdragon Auto Dimensions memory corruption [CVE-2020-11236]medium6.8---
172558Qualcomm Snapdragon Auto Socket Event use after free [CVE-2020-11234]medium6.8---
172557Qualcomm Snapdragon Compute Thread heap-based overflow [CVE-2020-11231]medium6.5---
172556Qualcomm Snapdragon Connectivity RPM memory corruption [CVE-2020-11210]medium6.8---
172555Qualcomm Snapdragon Auto SDP out-of-bounds read [CVE-2020-11191]medium7.5---
172554Linux Kernel SynIC Hyper-V hyperv.c synic_get null pointer dereferencelow2.3---
172553DMA Softlab Radius Manager admin.php cross-site request forgerylow4.0---
172552Linux Kernel KVM Subsystem kvm-s390.c unknown vulnerabilitylow4.9---
172551Linux Kernel kvm_main.c kvm_io_bus_unregister_dev memory leaklow2.3---
172550Linux Kernel SEV VM sev.c denial of servicelow2.3---
172549Linux Kernel svm.c set_memory_region_test infinite looplow2.3---
172548Proofpoint Insider Threat Management Server Web Console improper authorizationmedium5.2---
172547Proofpoint Insider Threat Management Agents channel accessiblemedium5.1---
172546Teradici PCoIP Connection Manager and Security Gateway log filelow2.7---
172545Proofpoint Insider Threat Management Server Web Console xml external entity referencemedium4.9---
172544Proofpoint Insider Threat Management Server cross site scriptinglow4.0---
172543projen Project Configuration Remote Privilege Escalation [CVE-2021-21423]medium4.6---
172542Syncthing Relay Messages denial of service [CVE-2021-21404]low2.3---
172541ngx_http_lua_module API unknown vulnerability [CVE-2020-36309]low4.9---
172540OpenIAM permission [CVE-2020-13422]medium5.2---
172539OpenIAM access control [CVE-2020-13421]medium5.2---
172538OpenIAM Groovy Script Remote Privilege Escalation [CVE-2020-13420]medium6.0---
172537OpenIAM Batch pathname traversal [CVE-2020-13419]medium5.2---
172536OpenIAM Add New User cross site scripting [CVE-2020-13418]low4.0---
172535Seafile Share of Library cross site scripting [CVE-2021-30146]low4.0---
172534LiquidFiles Send Email cross site scripting [CVE-2021-30140]low4.0---
172533phpseclib RSA PKCS#1 v1.5 Signature Verification signature verificationlow2.3---
172532VIGRA Computer Vision Library File impex.hxx read_image_band denial of servicelow2.3---
172531SerenityOS read buffer overflowmedium5.2---
172530Net::Netmask Zero access control [CVE-2021-29424]medium5.2---
172529Open Container Initiative umoci Image symlink [CVE-2021-29136]medium5.2---
172528SerenityOS LibTextCode buffer overflow [CVE-2021-28874]medium5.2---
172527Django MultiPartParser pathname traversal [CVE-2021-28658]medium5.2---
172526Vangene deltaFlow E-Platform unrestricted upload [CVE-2021-28173]medium7.5---
172525Vangene deltaFlow E-Platform File Download path traversal [CVE-2021-28172]medium5.0---
172524Vangene deltaFlow E-Platform Cookie insufficiently protected credentialsmedium6.5---
172523CITSmart Filtro de Autocomplete unknown vulnerability [CVE-2021-28142]low4.9---
172522iKuaiOS information disclosure [CVE-2021-28075]low2.3---
172521RIOT-OS gnrc_rpl_control_messages.c _parse_options buffer overflowmedium5.2---
172520RIOT-OS gnrc_rpl_validation.c gnrc_rpl_validation_options buffer overflowmedium5.2---
172519RIOT-OS gnrc_rpl_control_messages.c buffer overflowmedium5.2---
172518SerenityOS ASN.1 DER.h der_decode_sequence buffer overflowlow2.7---
172517TimelyBills JWT Token Storage cleartext storage [CVE-2021-26833]low1.7---
172516Facebook WhatsApp/WhatsApp Business Cache Configuration information disclosurelow1.4---
172515Facebook WhatsApp/WhatsApp Business Decoding Pipeline out-of-bounds writemedium7.5---
172514MongoDB Compass privileges management [CVE-2021-20334]medium6.5---
172513Union Pay signature verification [CVE-2020-36285]medium5.2---
172512Union Pay signature verification [CVE-2020-36284]medium5.2---
172511Union Pay Shopping signature verification [CVE-2020-23533]medium5.2---
172510Red Hat Enterprise Linux QEMU out-of-bounds read [CVE-2021-20295]low2.3---
172509Redmine Issues API permission [CVE-2021-30164]medium5.2---
172508Redmine Project information disclosure [CVE-2021-30163]low2.3---
172507LG Mobile Devices ISMS Services access control [CVE-2021-30162]medium5.2---
172506LG Mobile Device Lockscreen protection mechanism [CVE-2021-30161]medium4.6---
172505MediaWiki Special:ResetTokens improper authenticationlow1.4---
172504MediaWiki ChangesList Special Pages cross site scripting [CVE-2021-30157]low4.0---
172503MediaWiki Special:NewFiles cross site scriptinglow4.0---
172502Sidekiq Live-Poll cross site scripting [CVE-2021-30151]low2.1---
172501Composr XML Script cross site scripting [CVE-2021-30150]low4.0---
172500Composr unrestricted upload [CVE-2021-30149]medium4.9---
172499Dashboard Plugin main2.php access controlmedium4.0---
172498ASUS BMC Web Management Page path traversal [CVE-2021-28209]low3.3---
172497ASUS BMC Web Management Page path traversal [CVE-2021-28208]low3.3---
172496ASUS BMC Web Management Page path traversal [CVE-2021-28207]low3.3---
172495ASUS BMC Web Management Page path traversal [CVE-2021-28206]low3.3---
172494ASUS BMC Web Management Page path traversal [CVE-2021-28205]low3.3---
172493ASUS BMC Web Management Page os command injection [CVE-2021-28204]medium8.3---
172492ASUS BMC Web Set Media Image os command injection [CVE-2021-28203]medium8.3---
172491ASUS BMC Web Management Page buffer overflow [CVE-2021-28202]low3.3---
172490ASUS BMC Web Management Page buffer overflow [CVE-2021-28201]low3.3---
172489ASUS BMC CD Media Configuration buffer overflow [CVE-2021-28200]low3.3---
172488ASUS BMC Web Management Page buffer overflow [CVE-2021-28199]low3.3---
172487ASUS BMC Firmware Protocol Configuration buffer overflow [CVE-2021-28198]low3.3---
172486ASUS BMC Active Directory Configuration buffer overflow [CVE-2021-28197]low3.3---
172485ASUS BMC SSL Certificate buffer overflow [CVE-2021-28196]low3.3---
172484ASUS BMC Web Management Page buffer overflow [CVE-2021-28195]low3.3---
172483ASUS BMC Web Management Page buffer overflow [CVE-2021-28194]low3.3---
172482ASUS BMC SMTP Configuration buffer overflow [CVE-2021-28193]low3.3---
172481ASUS BMC Web Management Page buffer overflow [CVE-2021-28192]low3.3---
172480ASUS BMC Web Management Page buffer overflow [CVE-2021-28191]low3.3---
172479ASUS BMC Web Management Page buffer overflow [CVE-2021-28190]low3.3---
172478ASUS BMC Web Management Page buffer overflow [CVE-2021-28189]low3.3---
172477ASUS BMC Web Management Page buffer overflow [CVE-2021-28188]low3.3---
172476ASUS BMC SSL Certificate buffer overflow [CVE-2021-28187]low3.3---
172475ASUS BMC Web Management Page buffer overflow [CVE-2021-28186]low3.3---
172474ASUS BMC Web Management Page buffer overflow [CVE-2021-28185]low3.3---
172473ASUS BMC Active Directory Configuration buffer overflow [CVE-2021-28184]low3.3---
172472ASUS BMC Web Management Page buffer overflow [CVE-2021-28183]low3.3---
172471ASUS BMC Web Service Configuration buffer overflow [CVE-2021-28182]low3.3---
172470ASUS BMC Web Management Page buffer overflow [CVE-2021-28181]low3.3---
172469ASUS BMC Web Management Page buffer overflow [CVE-2021-28180]low3.3---
172468ASUS BMC Web Management Page buffer overflow [CVE-2021-28179]low3.3---
172467ASUS BMC UEFI Configuration buffer overflow [CVE-2021-28178]low3.3---
172466ASUS BMC Web Management Page buffer overflow [CVE-2021-28177]low3.3---
172465ASUS BMC Web Management Page buffer overflow [CVE-2021-28176]low3.3---
172464ASUS BMC Web Management Page buffer overflow [CVE-2021-28175]low3.3---
172463Redmine CSV Export information disclosure [CVE-2020-36308]low2.3---
172462Redmine Textile cross site scripting [CVE-2020-36307]low4.0---
172461Redmine cross site scripting [CVE-2020-36306]low4.0---
172460Redmine Textile unknown vulnerability [CVE-2019-25026]low4.9---
172459Friendica UserExport.php memory allocation [Disputed]low2.3---
172458WooCommerce Help Scout Plugin hstmp unrestricted uploadmedium6.8---
172457Related Posts Plugin Settings Page cross site scripting [CVE-2021-24211]low4.0---
172456PhastPress Plugin redirect [CVE-2021-24210]low6.0---
172455WP Super Cache Plugin Cache Settings wp-cache-config.php code injectionmedium6.5---
172454WP Page Builder Plugin Raw HTML Widget/Custom HTML Widget cross site scriptinglow4.0---
172453WP Page Builder Plugin Subscriber access control [CVE-2021-24207]medium5.2---
172452Elementor Website Builder Plugin image-box.php cross site scriptinglow4.0---
172451Elementor Website Builder Plugin icon-box.php cross site scriptinglow4.0---
172450Elementor Website Builder Plugin Saved Pages accordion.php cross site scriptinglow4.0---
172449Elementor Website Builder Plugin Saved Pages divider.php cross site scriptinglow4.0---
172448Elementor Website Builder Plugin Saved Pages heading.php cross site scriptinglow4.0---
172447Elementor Website Builder Plugin column.php cross site scriptinglow4.0---
172446Social Slider Widget Plugin Settings Page cross site scriptinglow4.0---
172445SEO Redirection Plugin 301 Redirect cross site scripting [CVE-2021-24187]low4.0---
172444Tutor LMS Plugin get_answer_by_id sql injectionmedium6.5---
172443Tutor LMS AJAX tutor_place_rating sql injectionmedium6.5---
172442Tutor LMS AJAX Endpoint privileges management [CVE-2021-24184]medium5.2---
172441Tutor LMS Plugin AJAX tutor_quiz_builder_get_question_form sql injectionmedium6.5---
172440Tutor LMS Plugin AJAX tutor_quiz_builder_get_answers_by_question sql injectionmedium6.5---
172439Tutor LMS tutor_mark_answer_as_correct sql injectionmedium4.6---
172438Related Posts Plugin GET Parameter cross site scripting [CVE-2021-24180]low4.0---
172437File Manager Plugin cross site scripting [CVE-2021-24177]low4.0---
172436JH 404 Logger Plugin Path cross site scripting [CVE-2021-24176]low4.0---
172435Plus Addons for Elementor Page Builder Plugin improper authenticationmedium5.8---
172434Database Backups Plugin cross-site request forgery [CVE-2021-24174]low4.0---
172433VM Backups Plugin cross-site request forgery [CVE-2021-24173]low4.0---
172432VM Backups Plugin cross-site request forgery [CVE-2021-24172]low4.0---
172431WooCommerce Upload Files Plugin Blacklist unrestricted uploadmedium6.5---
172430User Profile Picture Plugin REST API Endpoint get_users information disclosurelow2.3---
172429Advanced Order Export for WooCommerce Plugin Admin Panel cross site scriptinglow4.0---
172428Easy Contact Form Pro Plugin cross site scripting [CVE-2021-24168]low4.0---
172427Web-Stat XMLHttpRequest wts_web_stat_load_init information disclosurelow2.3---
172426Ninja Forms Contact Form Drag/Drop Form Builder wp_ajax_nf_oauth_disconnect cross-site request forgerylow4.0---
172425Ninja Forms Contact Form Plugin wp_ajax_nf_oauth_connect redirectlow4.9---
172424Ninja Forms Contact Form Plugin wp_ajax_nf_oauth information disclosurelow4.0---
172423SendWP Ninja Forms Contact Form Plugin AJAX wp_ajax_ninja_forms_sendwp_remote_install_handler information disclosurelow4.0---
172422Reponsive Menu Plugin Setting cross-site request forgery [CVE-2021-24162]low5.0---
172421Reponsive Menu Plugin ZIP cross-site request forgery [CVE-2021-24161]low4.0---
172420Reponsive Menu Plugin unrestricted upload [CVE-2021-24160]medium6.5---
172419Contact Form 7 Style Plugin Custom CSS cross site scripting [CVE-2021-24159]low4.0---
172418ThemeIsle Orbit Fox Registration privileges management [CVE-2021-24158]medium5.2---
172417ThemeIsle Orbit Fox Header cross site scripting [CVE-2021-24157]low4.0---
172416Testimonial Rotator cross site scripting [CVE-2021-24156]low4.0---
172415Backup and Migrate Plugin Privileges unrestricted upload [CVE-2021-24155]medium5.8---
172414Theme Editor Plugin passwd download_file file accesslow3.3---
172413Yoast SEO Plugin Blacklist cross site scripting [CVE-2021-24153]low4.0---
172412Popup Builder All Subscribers Setting Page cross site scriptinglow4.0---
172411LikeBtn Like Button Rating server-side request forgery [CVE-2021-24150]medium5.8---
172410HTMLDOC integer overflow [CVE-2021-20308]low4.9---
172409libpano13 panoFileOutputNamesCreate format stringmedium5.2---
172408Nettle signature verification [CVE-2021-20305]low2.6---
172407Core FTP Server buffer overflow [CVE-2020-19596]medium6.5---
172406Core FTP Server buffer overflow [CVE-2020-19595]medium5.2---
172405WSO2 Management Console login.jsp cross site scriptinglow4.0---
172404IBM InfoSphere Information Server Web UI cross site scriptinglow4.0---
172403IBM Edge Web UI cross site scripting [CVE-2020-4792]low4.0---
172402Froala Editor Hyperlink Creation Module cross site scriptinglow5.0---
172401Knowage Suite execute cross site scriptinglow4.0---
172400Knowage Suite analyticalDrivers cross site scriptinglow4.0---
172399Knowage Suite publish cross site scriptinglow4.0---
172398Knowage Suite URL Analytics Driver sql injection [CVE-2021-30055]medium6.5---
172397Mark Text md File cross site scripting [CVE-2021-29996]low4.0---
172396Svelte Extension Workspace Configuration unknown vulnerabilitylow4.9---
172395VSCodeVim Workspace Configuration unknown vulnerability [CVE-2021-28832]low4.9---
172394TerraMaster F2-210 UPnP information disclosure [CVE-2021-30127]low5.0---
172393Dell Wyse Management Suite Job Status Retrieval Page denial of servicelow4.0---
172392Dell Wyse ThinOS Management Server certificate validation [CVE-2021-21532]medium4.3---
172391Dell System Update resource consumption [CVE-2021-21529]low1.7---
172390RStudio Shiny Server pathname traversal [CVE-2021-3374]medium4.0---
172389Lightmeter ControlCenter Setting HTTP Query information disclosurelow1.8---
172388Webiness Jamf Pro Inventory History cross site scripting [CVE-2021-30125]low4.0---
172387docsify Code Block cross site scripting [CVE-2021-30074]low4.0---
172386D-Link DIR-878 prog.cgi strcat stack-based overflowmedium5.2---
172385Softing OPC Toolbox Trace File diag_values.html cross site scriptinglow4.0---
172384Softing OPC Toolbox cfg_setpwd.html cross-site request forgerylow4.0---
172383Scripts MagpieRSS HTTPS Request Snoopy.class.inc information disclosurelow2.3---
172382Scripts MagpieRSS HTTPS URL Snoopy.class.inc exec command injectionmedium5.2---
172381Piwigo sql injection [CVE-2021-27973]medium5.2---
172380GitHub Enterprise Server REST API improper authorization [CVE-2021-22865]medium5.2---
172379Apple tvOS ImageIO state issue [CVE-2021-1818]medium6.5---
172378Apple watchOS ImageIO state issue [CVE-2021-1818]medium6.5---
172377Apple iOS/iPadOS ImageIO state issue [CVE-2021-1818]medium6.5---
172376Apple macOS iCloud Document permission [CVE-2021-1803]low1.7---
172375Apple tvOS WebKit access control [CVE-2021-1801]medium7.5---
172374Apple watchOS WebKit access control [CVE-2021-1801]medium7.5---
172373Apple iOS/iPadOS WebKit access control [CVE-2021-1801]medium7.5---
172372Apple Safari WebRTC redirect [CVE-2021-1799]low5.2---
172371Apple tvOS WebRTC redirect [CVE-2021-1799]low5.2---
172370Apple watchOS WebRTC redirect [CVE-2021-1799]low5.2---
172369Apple iOS/iPadOS WebRTC redirect [CVE-2021-1799]low5.2---
172368Apple tvOS APFS permission [CVE-2021-1797]low1.7---
172367Apple watchOS APFS permission [CVE-2021-1797]low1.7---
172366Apple iOS/iPadOS APFS permission [CVE-2021-1797]low1.7---
172365Apple iOS/iPadOS out-of-bounds write [CVE-2021-1796]medium7.5---
172364Apple iOS/iPadOS out-of-bounds write [CVE-2021-1795]medium7.5---
172363Apple iOS/iPadOS out-of-bounds read [CVE-2021-1794]medium6.5---
172362Apple tvOS ImageIO Remote Code Execution [CVE-2021-1793]medium7.5---
172361Apple watchOS ImageIO Remote Code Execution [CVE-2021-1793]medium7.5---
172360Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1793]medium7.5---
172359Apple tvOS CoreText out-of-bounds read [CVE-2021-1792]medium6.5---
172358Apple watchOS CoreText out-of-bounds read [CVE-2021-1792]medium6.5---
172357Apple iOS/iPadOS CoreText out-of-bounds read [CVE-2021-1792]medium6.5---
172356Apple tvOS FairPlay out-of-bounds read [CVE-2021-1791]low1.7---
172355Apple watchOS FairPlay out-of-bounds read [CVE-2021-1791]low1.7---
172354Apple iOS/iPadOS FairPlay out-of-bounds read [CVE-2021-1791]low1.7---
172353Apple tvOS WebKit type confusion [CVE-2021-1789]medium7.5---
172352Apple watchOS WebKit type confusion [CVE-2021-1789]medium7.5---
172351Apple iOS/iPadOS WebKit type confusion [CVE-2021-1789]medium7.5---
172350Apple watchOS WebKit use after free [CVE-2021-1788]medium7.5---
172349Apple tvOS WebKit use after free [CVE-2021-1788]medium7.5---
172348Apple iOS/iPadOS WebKit use after free [CVE-2021-1788]medium7.5---
172347Apple tvOS Crash Reporter behavioral workflow [CVE-2021-1787]low4.3---
172346Apple watchOS Crash Reporter behavioral workflow [CVE-2021-1787]low4.3---
172345Apple iOS/iPadOS Crash Reporter behavioral workflow [CVE-2021-1787]low4.3---
172344Apple watchOS Crash Reporter state issue [CVE-2021-1786]low4.3---
172343Apple tvOS Crash Reporter state issue [CVE-2021-1786]low4.3---
172342Apple iOS/iPadOS Crash Reporter state issue [CVE-2021-1786]low4.3---
172341Apple tvOS ImageIO out-of-bounds read [CVE-2021-1785]medium7.5---
172340Apple watchOS ImageIO out-of-bounds read [CVE-2021-1785]medium7.5---
172339Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2021-1785]medium7.5---
172338Apple watchOS ImageIO memory corruption [CVE-2021-1783]medium7.5---
172337Apple tvOS ImageIO memory corruption [CVE-2021-1783]medium7.5---
172336Apple iOS/iPadOS ImageIO memory corruption [CVE-2021-1783]medium7.5---
172335Apple iOS/iPadOS Contact Card information disclosure [CVE-2021-1781]low1.7---
172334Apple macOS Contact Card information disclosure [CVE-2021-1781]low1.7---
172333Apple iOS/iPadOS memory corruption [CVE-2021-1780]low1.8---
172332Apple tvOS ImageIO out-of-bounds read [CVE-2021-1778]medium4.9---
172331Apple watchOS ImageIO out-of-bounds read [CVE-2021-1778]medium4.9---
172330Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2021-1778]medium4.9---
172329Apple tvOS ImageIO Remote Code Execution [CVE-2021-1777]medium7.5---
172328Apple watchOS ImageIO Remote Code Execution [CVE-2021-1777]medium7.5---
172327Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1777]medium7.5---
172326Apple tvOS CoreGraphics out-of-bounds write [CVE-2021-1776]medium7.5---
172325Apple watchOS CoreGraphics out-of-bounds write [CVE-2021-1776]medium7.5---
172324Apple iOS/iPadOS CoreGraphics out-of-bounds write [CVE-2021-1776]medium7.5---
172323Apple tvOS ImageIO Remote Code Execution [CVE-2021-1774]medium7.5---
172322Apple watchOS ImageIO Remote Code Execution [CVE-2021-1774]medium7.5---
172321Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1774]medium7.5---
172320Apple tvOS denial of service [CVE-2021-1773]medium7.5---
172319Apple watchOS denial of service [CVE-2021-1773]medium7.5---
172318Apple iOS/iPadOS denial of service [CVE-2021-1773]medium7.5---
172317Apple tvOS CoreText stack-based overflow [CVE-2021-1772]medium7.5---
172316Apple watchOS CoreText stack-based overflow [CVE-2021-1772]medium7.5---
172315Apple iOS/iPadOS CoreText stack-based overflow [CVE-2021-1772]medium7.5---
172314Apple tvOS Swift memory corruption [CVE-2021-1769]low5.2---
172313Apple watchOS Swift memory corruption [CVE-2021-1769]low5.2---
172312Apple iOS/iPadOS Swift memory corruption [CVE-2021-1769]low5.2---
172311Apple iOS/iPadOS Model IO out-of-bounds read [CVE-2021-1768]medium7.5---
172310Apple iOS/iPadOS Model IO heap-based overflow [CVE-2021-1767]medium7.5---
172309Apple tvOS ImageIO denial of service [CVE-2021-1766]low5.0---
172308Apple watchOS ImageIO denial of service [CVE-2021-1766]low5.0---
172307Apple iOS/iPadOS ImageIO denial of service [CVE-2021-1766]low5.0---
172306Apple watchOS Kernel use after free [CVE-2021-1764]low4.0---
172305Apple tvOS Kernel use after free [CVE-2021-1764]low4.0---
172304Apple iOS/iPadOS Kernel use after free [CVE-2021-1764]low4.0---
172303Apple iOS/iPadOS Model IO buffer overflow [CVE-2021-1763]medium7.5---
172302Apple tvOS Crash Reporter denial of service [CVE-2021-1761]low4.0---
172301Apple watchOS Crash Reporter denial of service [CVE-2021-1761]low4.0---
172300Apple iOS/iPadOS Crash Reporter denial of service [CVE-2021-1761]low4.0---
172299Apple tvOS CoreAnimation memory corruption [CVE-2021-1760]low4.3---
172298Apple watchOS CoreAnimation memory corruption [CVE-2021-1760]low4.3---
172297Apple iOS/iPadOS CoreAnimation memory corruption [CVE-2021-1760]low4.3---
172296Apple tvOS CoreMedia out-of-bounds read [CVE-2021-1759]medium7.5---
172295Apple watchOS CoreMedia out-of-bounds read [CVE-2021-1759]medium7.5---
172294Apple iOS/iPadOS CoreMedia out-of-bounds read [CVE-2021-1759]medium7.5---
172293Apple watchOS FontParser out-of-bounds read [CVE-2021-1758]medium6.5---
172292Apple tvOS FontParser out-of-bounds read [CVE-2021-1758]medium6.5---
172291Apple iOS/iPadOS FontParser out-of-bounds read [CVE-2021-1758]medium6.5---
172290Apple tvOS IOSkywalkFamily out-of-bounds read [CVE-2021-1757]low4.3---
172289Apple watchOS IOSkywalkFamily out-of-bounds read [CVE-2021-1757]low4.3---
172288Apple iOS/iPadOS IOSkywalkFamily out-of-bounds read [CVE-2021-1757]low4.3---
172287Apple iOS/iPadOS Lock Screen access control [CVE-2021-1756]low2.1---
172286Apple macOS Lock Screen access control [CVE-2021-1755]low2.1---
172285Apple tvOS ImageIO Remote Code Execution [CVE-2021-1754]medium7.5---
172284Apple watchOS ImageIO Remote Code Execution [CVE-2021-1754]medium7.5---
172283Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1754]medium7.5---
172282Apple iOS/iPadOS Model I/O out-of-bounds read [CVE-2021-1753]medium7.5---
172281Apple watchOS Kernel behavioral workflow [CVE-2021-1750]medium6.8---
172280Apple tvOS Kernel behavioral workflow [CVE-2021-1750]medium6.8---
172279Apple iOS/iPadOS Kernel behavioral workflow [CVE-2021-1750]medium6.8---
172278Apple tvOS URL cross site scripting [CVE-2021-1748]low5.0---
172277Apple watchOS URL cross site scripting [CVE-2021-1748]low5.0---
172276Apple iOS/iPadOS URL cross site scripting [CVE-2021-1748]low5.0---
172275Apple watchOS CoreAudio out-of-bounds write [CVE-2021-1747]medium7.5---
172274Apple tvOS CoreAudio out-of-bounds write [CVE-2021-1747]medium7.5---
172273Apple iOS/iPadOS CoreAudio out-of-bounds write [CVE-2021-1747]medium7.5---
172272Apple tvOS ImageIO Remote Code Execution [CVE-2021-1746]medium7.5---
172271Apple watchOS ImageIO Remote Code Execution [CVE-2021-1746]medium7.5---
172270Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1746]medium7.5---
172269Apple iOS/iPadOS Model IO out-of-bounds read [CVE-2021-1745]medium7.5---
172268Apple watchOS ImageIO out-of-bounds write [CVE-2021-1744]medium7.5---
172267Apple tvOS ImageIO out-of-bounds write [CVE-2021-1744]medium7.5---
172266Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2021-1744]medium7.5---
172265Apple watchOS ImageIO out-of-bounds read [CVE-2021-1743]medium7.5---
172264Apple tvOS ImageIO out-of-bounds read [CVE-2021-1743]medium7.5---
172263Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2021-1743]medium7.5---
172262Apple watchOS ImageIO Remote Code Execution [CVE-2021-1742]medium7.5---
172261Apple tvOS ImageIO Remote Code Execution [CVE-2021-1742]medium7.5---
172260Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2021-1742]medium7.5---
172259Apple tvOS ImageIO out-of-bounds read [CVE-2021-1741]medium7.5---
172258Apple watchOS ImageIO out-of-bounds read [CVE-2021-1741]medium7.5---
172257Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2021-1741]medium7.5---
172250Apple tvOS XPC Service launchd access controlmedium6.8---
172249Apple watchOS XPC Service launchd access controlmedium6.8---
172236Apple tvOS Image out-of-bounds write [CVE-2020-9955]medium5.2---
172235Apple watchOS Image out-of-bounds write [CVE-2020-9955]medium5.2---
172234Apple macOS Image out-of-bounds write [CVE-2020-9955]medium5.2---
172233Apple iOS/iPadOS Image out-of-bounds write [CVE-2020-9955]medium5.2---
172232Apple macOS out-of-bounds read [CVE-2020-9930]medium5.7---
172231Apple iCloud XML use after free [CVE-2020-9926]medium7.5---
172230Apple tvOS XML use after free [CVE-2020-9926]medium7.5---
172229Apple watchOS XML use after free [CVE-2020-9926]medium7.5---
172228Apple macOS XML use after free [CVE-2020-9926]medium7.5---
172227Apple iOS/iPadOS XML use after free [CVE-2020-9926]medium7.5---
172226Apple iOS/iPadOS Font out-of-bounds read [CVE-2020-29639]low5.0---
172225Apple macOS Image Remote Code Execution [CVE-2020-29625]medium7.5---
172224Apple tvOS Font File memory corruption [CVE-2020-29624]medium7.5---
172223Apple macOS Font File memory corruption [CVE-2020-29624]medium7.5---
172222Apple iOS/iPadOS Font File memory corruption [CVE-2020-29624]medium7.5---
172221Apple tvOS Clear History information disclosure [CVE-2020-29623]low3.2---
172220Apple macOS Clear History information disclosure [CVE-2020-29623]low3.2---
172219Apple iOS/iPadOS Clear History information disclosure [CVE-2020-29623]low3.2---
172218Apple tvOS Image out-of-bounds read [CVE-2020-29615]low5.0---
172217Apple watchOS Image out-of-bounds read [CVE-2020-29615]low5.0---
172216Apple macOS Image out-of-bounds read [CVE-2020-29615]low5.0---
172215Apple iOS/iPadOS Image out-of-bounds read [CVE-2020-29615]low5.0---
172214Apple tvOS Model IO Remote Code Execution [CVE-2020-29614]medium7.5---
172213Apple iOS/iPadOS Model IO Remote Code Execution [CVE-2020-29614]medium7.5---
172212Apple tvOS Audio File out-of-bounds read [CVE-2020-29610]low5.0---
172211Apple watchOS Audio File out-of-bounds read [CVE-2020-29610]low5.0---
172210Apple macOS Audio File out-of-bounds read [CVE-2020-29610]low5.0---
172209Apple iOS/iPadOS Audio File out-of-bounds read [CVE-2020-29610]low5.0---
172208Apple watchOS FontParser out-of-bounds read [CVE-2020-29608]medium6.5---
172207Apple iOS/iPadOS FontParser out-of-bounds read [CVE-2020-29608]medium6.5---
172206Apple tvOS FontParser out-of-bounds read [CVE-2020-29608]medium6.5---
172205Apple macOS Image Remote Code Execution [CVE-2020-27939]medium7.5---
172204Apple macOS Kernel Memory out-of-bounds read [CVE-2020-27936]low4.3---
172203Apple tvOS sandbox [CVE-2020-27935]medium5.2---
172202Apple watchOS sandbox [CVE-2020-27935]medium5.2---
172201Apple macOS sandbox [CVE-2020-27935]medium5.2---
172200Apple iOS/iPadOS sandbox [CVE-2020-27935]medium5.2---
172199Apple macOS Image memory corruption [CVE-2020-27933]medium7.5---
172198Apple tvOS Image memory corruption [CVE-2020-27933]medium7.5---
172197Apple watchOS Image memory corruption [CVE-2020-27933]medium7.5---
172196Apple iCloud Image memory corruption [CVE-2020-27933]medium7.5---
172195Apple iOS/iPadOS Image memory corruption [CVE-2020-27933]medium7.5---
172176Apple tvOS use after free [CVE-2020-27899]medium4.3---
172175Apple watchOS use after free [CVE-2020-27899]medium4.3---
172174Apple macOS use after free [CVE-2020-27899]medium4.3---
172173Apple iOS/iPadOS use after free [CVE-2020-27899]medium4.3---
172172Apple macOS Screen Sharing state issue [CVE-2020-27893]low2.7---
172171D-Link DIR-846 SetMasterWLanSettings.php os command injectionmedium6.5---
172170WUZHI CMS index.php pathname traversalmedium5.2---
172169Core FTP LE Username Editbox buffer overflow [CVE-2020-21588]low1.7---
172168emlog ZIP Plugin Module unrestricted upload [CVE-2020-21585]medium4.9---
172167WiZ Colors A60 WiFi Credential cleartext storage [CVE-2020-11924]low1.4---
172166WiZ Colors A60 API Credential log file [CVE-2020-11923]low1.7---
172165Apple macOS access control [CVE-2020-10008]low1.4---
172164Apple macOS memory corruption [CVE-2020-10001]low1.7---
172163Pomerium Sign-in/Sign-out redirect [CVE-2021-29652]medium4.9---
172162Pomerium redirect [CVE-2021-29651]low4.9---
172161DMA Softlab Radius Manager Session Cookie improper authorizationmedium5.1---
172160DMA Softlab Radius Manager admin.php cross site scriptinglow4.0---
172159Cohesity DataPlatform Support Channel channel accessible [CVE-2021-28124]low2.6---
172158Cohesity DataPlatform SSH Key hard-coded key [CVE-2021-28123]low2.6---
172157Okta Access Gateway os command injection [CVE-2021-28113]medium5.8---
172156Magnolia CMS login.html cross site scriptinglow4.0---
172155Magnolia CMS cross site scripting [CVE-2021-25893]low4.0---
172154GitLab Community Edition/Enterprise Edition Wiki Page information disclosurelow2.6---
172153GitLab Community Edition/Enterprise Edition API cross-site request forgerylow5.0---
172152GitLab Community Edition/Enterprise Edition Import File information disclosurelow4.0---
172151GitLab Community Edition/Enterprise Edition Public Project information disclosurelow2.6---
172150GitLab Community Edition/Enterprise Edition Public Project denial of servicelow5.5---
172149GitLab Community Edition/Enterprise Edition Branch infinite looplow4.0---
172148GitLab Community Edition/Enterprise Edition Merge Request cross site scriptinglow4.0---
172147wire-webapp Input Element information disclosure [CVE-2021-21400]low2.1---
172146Luvion Grand Elite 3 Connect hard-coded credentials [CVE-2020-11925]medium8.3---
172145WiZ Colors A60 information disclosure [CVE-2020-11922]low2.6---
172144Sannce Smart HD Wifi Security Camera EAN 2 Password passwd credentials storagelow1.0---
172143Sannce Smart HD Wifi Security Camera EAN 2 Telnet missing authenticationmedium7.5---
172142Sannce Smart HD Wifi Security Camera EAN 2 Streaming authentication bypassmedium5.0---
172141Sannce Smart HD Wifi Security Camera EAN 2 Service Port 20188 denial of servicelow5.0---
172140wpa_supplicant/hostapd pkcs1.c unknown vulnerability [CVE-2021-30004]low4.9---
172139Nokia G-120W-F Administrative Interface cross site scriptinglow4.0---
172138Linux Kernel Webcam v4l2-ioctl.c video_usercopy memory leaklow2.3---
172137LATRIX inandout.php sql injectionmedium5.2---
172136Apache CXF JWT Token server-side request forgery [CVE-2021-22696]medium4.1---
172135Devolutions Server Type Document cross site scripting [CVE-2021-23925]low4.0---
172134Devolutions Server Diagnostic File information disclosure [CVE-2021-23924]low2.3---
172133Devolutions Server Windows Domain User improper authenticationmedium5.8---
172132Devolutions Remote Desktop Manager Webviews cross site scriptinglow4.0---
172131Devolutions SERVER Password List Entry access control [CVE-2021-23921]medium5.2---
172130node-etsy-client REST API information disclosure [CVE-2021-21421]low4.0---
172129vscode-stripe Repository injection [CVE-2021-21420]low5.1---
172128django-registration User Registration information exposure [CVE-2021-21416]low4.0---
172127Ansible Tower Modules log file [CVE-2021-3447]low2.7---
172126pikepdf Package XMP Metadata metadata.py xml external entity referencelow4.9---
172125eMPS Central Management sql injection [CVE-2021-28970]medium6.5---
172124eMPS Email Search sql injection [CVE-2021-28969]medium6.5---
172123Devolutions Remote Desktop Manager Administrative Reports cross site scriptinglow4.0---
172122Pega Chat Access Group Portal access control [CVE-2021-27653]low1.7---
172121Kaspersky Internet Security Anti-Virus Protection protection mechanismmedium7.5---
172120HPE Superdome Flex Server BMC Web Interface denial of servicelow3.5---
172119HPE iLO Amplifier Pack cross site scripting [CVE-2021-26580]low4.0---
172118Atlassian Confluence Server/Confluence Data Center WidgetConnector Plugin server-side request forgerymedium6.5---
172117GoCD backup cross-site request forgerylow4.0---
172116cURL/libcURL TLS 1.3 Handshake certificate validation [CVE-2021-22890]medium7.5---
172115GitLab gitlab-vscode-extension Local Privilege Escalation [CVE-2021-22195]low4.3---
172114VMware Carbon Black Cloud Workload Appliance Administrative Interface information disclosurelow2.7---
172113Containers Storage Container Image locking [CVE-2021-20291]low5.0---
172112Zoho ManageEngine OpManager Spark Gateway denial of service [CVE-2021-20078]low4.0---
172111Huawei Smartphone Interface unknown vulnerability [CVE-2020-9149]low3.2---
172110Huawei Smartphone Interface denial of service [CVE-2020-9148]low3.2---
172109Huawei Smartphone Interface out-of-bounds read [CVE-2020-9147]low1.7---
172108Huawei Smartphone Interface memory leak [CVE-2020-9146]low1.7---
172107mblog profile cross site scriptinglow4.0---
172106mblog editing cross site scriptinglow4.0---
172105mblog profile cross site scriptinglow4.0---
172104mblog Header Field editing cross site scriptinglow4.0---
172103sunkaifei FlyCMS ImagesService.java saveUrlAs server-side request forgerymedium5.2---
172102Trojan-Downloader.Win32.Delf.nzg Arquivos de Programas permissionmedium6.5---
172101Trojan-Downloader.Win32.Delf.oxz RECYCLER permissionmedium6.5---
172100Trojan-Downloader.Win32.Delf.ur Messenger permissionmedium6.5---
172099PostgreSQL UPDATE Permission information exposure [CVE-2021-3393]low4.0---
172098Adobe Acrobat Reader PDF File improper validation of integrity check valuemedium7.5---
172097Adobe Acrobat Reader PDF File improper validation of integrity check valuemedium7.5---
172096Eclipse Jetty TLS Frame resource consumption [CVE-2021-28165]low5.0---
172095Eclipse Jetty Default Compliance Mode web.xml information disclosurelow5.0---
172094Eclipse Jetty Directory information disclosure [CVE-2021-28163]low2.6---
172093GitLab Community Edition/Enterprise Edition gitlab-shell denial of servicelow4.0---
172092Academy Software Foundation OpenEXR Dwa Decompression null pointer dereferencelow2.3---
172091ZeroMQ Server Decoder decoder_allocators.hpp out-of-bounds writemedium7.5---
172090ZeroMQ Client pipe.cpp resource consumptionlow3.5---
172089Backdoor.Win32.Burbul.b FTP Server information disclosuremedium5.0---
172088IRC-Worm.Win32.Silentium.a Games permissionmedium6.5---
172087netmask Package input validation [CVE-2021-28918]medium7.5---
172086reorder Crate swap_index uninitialized pointermedium4.9---
172085reorder Crate swap_index out-of-bounds writemedium5.2---
172084through Crate through_and double freelow2.3---
172083stackvector Crate extend out-of-bounds writemedium5.2---
172082slice-deque Crate Predicate drain_filter denial of servicelow2.3---
172081telemetry Crate vec_with_size uninitialized pointermedium4.9---
172080adtensor Crate FromIterator uninitialized pointermedium4.9---
172079rocket Crate Formatter use after freelow2.3---
172078uu_od Crate PartialReader uninitialized pointerlow2.3---
172077insert_many Crate a .next denial of servicelow2.3---
172076parse_duration Crate Exponent memory allocation [CVE-2021-29932]low2.3---
172075arenavec Crate drop denial of servicelow2.3---
172074arenavec Crate default uninitialized pointerlow2.3---
172073endian_trait Crate double free [CVE-2021-29929]medium4.9---
172072BTCPay Server Policy Setting unknown vulnerability [CVE-2021-29251]low4.9---
172071Synology DiskStation Manager SYNO.Core.Network.PPPoE os command injectionmedium8.3---
172070Atlassian JIRA Server/Data Center SetFeatureEnabled.jspa cross-site request forgerylow4.0---
172069Atlassian JIRA Server/Data Center JQL Search membersOf information disclosurelow3.5---
172068Atlassian JIRA Server/Data Center render information disclosurelow4.0---
172067cURL/libcURL Referer information disclosure [CVE-2021-22876]low5.0---
172066Citrix Hypervisor resource consumption [CVE-2021-28688]medium6.3---
172065Xen resource consumption [CVE-2021-28688]medium6.3---
172064CourseMS Job Title add_jobs.php cross site scriptinglow3.3---
172063Data::Validate::IP Module IP Address String access control [CVE-2021-29662]medium5.2---
172062vscode-rufo Extension Binary Remote Code Execution [CVE-2021-29658]low5.1---
172061Mahara Inbox-Mail inbox.php pieform_delete_all_notifications cross-site request forgerylow4.0---
172060Kopano Groupware Core kopano-ical memory allocation [CVE-2021-28994]low2.3---
172059Advanced Order Export cross site scripting [CVE-2021-27349]low4.0---
172058PRTG Network Monitor Screenshot information disclosure [CVE-2021-27220]low2.3---
172057ASUS UX360CA BIOS SMM Local Privilege Escalation [CVE-2021-26943]medium6.8---
172056F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2021-23007]low2.3---
172055Google Exposure Notification Verification Server permission [CVE-2021-22538]medium5.2---
172054VMware vRealize Operations Manager API unknown vulnerabilitylow4.9---
172053VMware vRealize Operations Manager API server-side request forgerymedium5.2---
172052ps_emailsubscription Newsletter cross site scripting [CVE-2021-21418]low4.0---
172051DICOM Server command injection [CVE-2020-35308]low4.9---
172050EPiServer Find _click redirectlow5.2---
172049Academy Software Foundation OpenEXR Scanline API resource consumptionlow2.3---
172048Academy Software Foundation OpenEXR Scanline Input File resource consumptionlow2.3---
172047Academy Software Foundation OpenEXR Deep Tile Sample Size Calculator integer overflowlow2.3---
172046Redis out-of-bounds write [CVE-2021-3470]medium4.0---
172045PbootCMS index.php sql injectionmedium4.0---
172044Mozilla Firefox memory corruption [CVE-2021-23988]medium7.5---
172043Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2021-23987]medium7.5---
172042Mozilla Firefox Extension information disclosure [CVE-2021-23986]low5.1---
172041Mozilla Firefox Devtools Remote Debugging information disclosurelow2.6---
172040Mozilla Firefox/Firefox ESR/Thunderbird Popup Window clickjackingmedium7.5---
172039Mozilla Firefox CSS Rule memory corruption [CVE-2021-23983]medium7.5---
172038Mozilla Firefox/Firefox ESR/Thunderbird WebRTC Connection information disclosurelow5.0---
172037Mozilla Firefox/Firefox ESR/Thunderbird WebGL memory corruptionmedium7.5---
172036portprocesses killProcess command injectionmedium6.5---
172035AccuSoft ImageGear SGI Format out-of-bounds write [CVE-2021-21782]medium5.2---
172034AccuSoft ImageGear SGI Format out-of-bounds write [CVE-2021-21776]medium5.2---
172033AccuSoft ImageGear TIFF Header out-of-bounds write [CVE-2021-21773]medium5.2---
172032Simple College Website Image Upload unrestricted upload [CVE-2020-28173]medium6.5---
172031Simple College Website sql injection [CVE-2020-28172]medium7.5---
172030Apache Tika MP3Parser infinite loop [CVE-2021-28657]low2.3---
172029Academy Software Foundation OpenEXR B44 Uncompression integer overflowlow2.3---
172028Academy Software Foundation OpenEXR File integer overflow [CVE-2021-3475]low2.3---
172027Academy Software Foundation OpenEXR Input File FastHufDecoder buffer overflowlow2.7---
172026Linux Kernel Netfilter Subsystem x_tables.c denial of servicelow2.3---
172025Linux Kernel User Mode Driver usermode_driver.c copy_process memory leaklow2.3---
172024Linux Kernel BPF Subsystem syscall.c map_create denial of servicelow5.2---
172023Linux Kernel qrtr.c qrtr_recvmsg uninitialized pointerlow2.3---
172022Linux Kernel node.c tipc_nl_retrieve_key buffer overflowmedium5.2---
172021GistPad Gist API information disclosure [CVE-2021-29642]low2.3---
172020HPE Unified Data Management hard-coded key [CVE-2021-26579]low2.3---
172019isolated-vm API dynamically-managed code resources [CVE-2021-21413]medium4.3---
172018@thi.ng egf os command injection [CVE-2021-21412]medium6.5---
172017FFmpeg aacdec_template.c sniff_channel_order buffer overflowmedium7.5---
172016mongo-express Advanced Syntax unknown vulnerability [CVE-2020-24391]low4.9---
172015PrestaShop Grid Column Type DataColumn cross site scripting [CVE-2021-21398]low4.0---
172014IBM Jazz Foundation Web UI cross site scripting [CVE-2021-20520]low4.0---
172013IBM Jazz Foundation Web UI cross site scripting [CVE-2021-20518]low4.0---
172012IBM Jazz Foundation Web UI cross site scripting [CVE-2021-20504]low4.0---
172011IBM Jazz Foundation Web UI cross site scripting [CVE-2021-20503]low4.0---
172010IBM Jazz Foundation xml external entity reference [CVE-2021-20502]medium6.5---
172009IBM Cloud Pak for Automation xml external entity reference [CVE-2021-20482]medium6.5---
172008IBM Jazz Foundation Web UI cross site scripting [CVE-2021-20447]low4.0---
172007IBM Jazz Foundation Web UI cross site scripting [CVE-2021-20352]low4.0---
172006IBM UrbanCode Deploy Manual Edit credentials storage [CVE-2020-4944]low2.1---
172005IBM UrbanCode Deploy credentials storage [CVE-2020-4884]low4.0---
172004IBM UrbanCode Deploy Plugin access control [CVE-2020-4848]medium6.5---
172003Foxit PhantomPDF U3D Object memory corruption [CVE-2021-27271]medium7.5---
172002Foxit PhantomPDF JPEG2000 Images out-of-bounds read [CVE-2021-27270]medium7.5---
172001Foxit PhantomPDF U3D Object out-of-bounds write [CVE-2021-27269]medium7.5---
172000Foxit PhantomPDF U3D Object use after free [CVE-2021-27268]medium7.5---
171999Foxit PhantomPDF U3D Object use after free [CVE-2021-27267]medium7.5---
171998Foxit PhantomPDF U3D Object out-of-bounds read [CVE-2021-27266]low5.0---
171997Foxit PhantomPDF U3D Object out-of-bounds read [CVE-2021-27265]low5.0---
171996Foxit PhantomPDF U3D Object out-of-bounds read [CVE-2021-27264]low5.0---
171995Foxit PhantomPDF U3D Object out-of-bounds read [CVE-2021-27263]low5.0---
171994Foxit PhantomPDF U3D Object out-of-bounds read [CVE-2021-27262]low5.0---
171993Foxit PhantomPDF U3D Object out-of-bounds read [CVE-2021-27261]medium7.5---
171992D-Link DIR-816 A2 dir_setWanWifi command injectionmedium6.5---
171991kill-by-port killByPort command injectionmedium6.5---
171990Netty Content-Length Header request smuggling [CVE-2021-21409]medium5.1---
171989OpenVPN Connect Installer tmp symlinkmedium5.2---
171988Ovidentia CMS index.php sql injectionmedium4.0---
171987CMS Made Simple Title Field addbookmark.php cross site scriptinglow4.0---
171986Team Foundation Server Plugin cross-site request forgery [CVE-2021-21638]low4.0---
171985Jenkins Team Foundation Server Plugin authorization [CVE-2021-21637]medium5.2---
171984Team Foundation Server Plugin authorization [CVE-2021-21636]low2.7---
171983REST List Parameter Plugin cross site scripting [CVE-2021-21635]low4.0---
171982Jabber Notifier and Control Plugin Configuration File credentials storagelow2.7---
171981Jenkins OWASP Dependency-Track Plugin cross-site request forgerylow4.0---
171980OWASP Dependency-Track Plugin permission [CVE-2021-21632]medium5.2---
171979Cloud Statistics Plugin HTTP Endpoint authorization [CVE-2021-21631]low2.7---
171978Extra Columns Plugin cross site scripting [CVE-2021-21630]low4.0---
171977Build with Parameters Plugin Parameter cross-site request forgerylow4.0---
171976Build with Parameters Plugin cross site scripting [CVE-2021-21628]low4.0---
171975netmask Package IP Address String access control [CVE-2021-29418]medium5.2---
171974ircII CTCP UTC Message denial of service [CVE-2021-29376]low5.0---
171973Apache Druid JDBC permission [CVE-2021-26919]medium5.2---
171972Aruba Instant Access Point command injection [CVE-2021-25162]medium6.0---
171971Aruba Instant Access Point cross site scripting [CVE-2021-25161]low4.0---
171970Aruba Instant Access Point unknown vulnerability [CVE-2021-25160]low4.9---
171969Aruba Instant Access Point unknown vulnerability [CVE-2021-25159]low4.9---
IDTitleVulDBCVSSSecuniaXForceNessus
171968Aruba Instant Access Point information disclosure [CVE-2021-25158]low4.0---
171967Aruba Instant Access Point information disclosure [CVE-2021-25157]low4.0---
171966Aruba Instant Access Point Remote Privilege Escalation [CVE-2021-25156]medium6.0---
171965Aruba Instant Access Point unknown vulnerability [CVE-2021-25155]low4.9---
171964Aruba Instant Access Point command injection [CVE-2021-25150]medium6.0---
171963Aruba Instant Access Point buffer overflow [CVE-2021-25149]medium6.5---
171962Aruba Instant Access Point unknown vulnerability [CVE-2021-25148]low4.9---
171961Aruba Instant Access Point command injection [CVE-2021-25146]medium6.0---
171960Aruba Instant Access Point information disclosure [CVE-2021-25145]low3.5---
171959Zhiyuan G6 Government Collaboration System hrSalary.do cross site scriptinglow4.0---
171958INSMA Wifi Mini Spy 1080P HD Security IP Camera FTP Settings Page formSetFtpCfg cross site scriptinglow4.0---
171957INSMA Wifi Mini Spy 1080P HD Security IP Camera SD Card recdata.db unrestricted uploadlow4.3---
171956INSMA Wifi Mini Spy 1080P HD Security IP Camera formUserMng privileges managementmedium6.5---
171955INSMA Wifi Mini Spy 1080P HD Security IP Camera denial of servicelow2.9---
171954INSMA Wifi Mini Spy 1080P HD Security IP Camera WebUI cross-site request forgerylow4.0---
171953Aruba Instant buffer overflow [CVE-2019-5319]medium6.5---
171952knot-resolver DNS Message denial of service [CVE-2018-1110]low2.3---
171951Braces incorrect regex [CVE-2018-1109]medium4.9---
171950is-my-json-valid Regular Expression resource consumption [CVE-2018-1107]low2.3---
171949MobileIron Mobile@Work Lockout information exposure [CVE-2021-3391]low1.4---
171948gitjacker .git Directory pathname traversal [CVE-2021-29417]medium6.5---
171947PortSwigger Burp Suite Proxy Configuration information disclosurelow2.6---
171946Xerox VersaLink C9000 Web User Interface Remote Privilege Escalationmedium6.5---
171945Xerox Phaser 6510 Parameter buffer overflow [CVE-2021-28672]medium6.5---
171944Xerox Phaser 6510 Web User Interface Remote Privilege Escalationmedium6.0---
171943Xerox AltaLink C8070 Scan to Mailbox denial of service [CVE-2021-28670]low3.8---
171942Xerox AltaLink C8070 Configuration Attribute authorization [CVE-2021-28669]low4.9---
171941Xerox Xerox AltaLink C8070 sql injection [CVE-2021-28668]medium6.5---
171940Netgear ProSAFE Network Management System MibController path traversalmedium6.5---
171939Netgear ProSAFE Network Management System ConfigFileController path traversalmedium6.5---
171938Netgear ProSAFE Network Management System MFileUploadController unrestricted uploadhigh10.0---
171937Netgear ProSAFE Network Management System SettingConfigController os command injectionmedium9.0---
171936Netgear ProSAFE Network Management System ReportTemplateController path traversalmedium5.5---
171935TP-LINK Archer A7/Archer C7 IPv6 SSH protection mechanism [CVE-2021-27245]medium5.1---
171934Parallels Desktop Toolgate out-of-bounds read [CVE-2021-27244]low1.7---
171933Parallels Desktop Toolgate integer overflow [CVE-2021-27243]medium6.8---
171932Parallels Parallels Desktop Toolgate memory corruption [CVE-2021-27242]medium6.8---
171931Avast Premium Security AvastSvc.exe link followingmedium3.2---
171930SolarWinds Patch Manager DataGridService WCF Service deserializationmedium9.0---
171929Netgear R6400/R6700 upnpd stack-based overflow [CVE-2021-27239]medium8.3---
171928Mitel MiContact Center Enterprise Enterprise License Manager Portal pathname traversalmedium5.2---
171927Aruba Instant Access Point buffer overflow [CVE-2021-25144]medium6.5---
171926Aruba Instant Access Point denial of service [CVE-2021-25143]low3.5---
171925MobileIron Agent hard-coded key [CVE-2020-35138]medium3.3---
171924MobileIron Agent API Key RegisterActivity.java hard-coded credentialsmedium5.8---
171923FreeBSD DNSSL Option buffer overflow [CVE-2020-25583]medium5.2---
171922Aruba Instant Access Point command injection [CVE-2020-24636]medium6.5---
171921Aruba Instant Access Point command injection [CVE-2020-24635]medium6.5---
171920IRC-Worm.Win32.Jane.a Remote Code Executionmedium7.5---
171919IRC-Worm.Win32.Jane.a FTP Server backdoormedium7.5---
171918SherlockIM Chatbot Attachment cross site scriptinglow5.0---
171917Ilch CMS redirect [CVE-2021-27352]medium7.5---
171916ZTE ZXHN F623 IPv6 denial of service [CVE-2021-21727]low3.5---
171915NBBDownloader.ocx ActiveX Control argument injection [CVE-2020-7850]medium7.5---
171914Grandstream GRP261x Administrative Web Interface improper authenticationmedium5.8---
171913Grandstream GRP261x Administrative Web Interface command injectionmedium7.7---
171912Aruba Instant Access Point improper authentication [CVE-2019-5317]medium4.3---
171911underscore Template Remote Code Execution [CVE-2021-23358]medium7.5---
171910Redmine Issue Subject cross site scripting [CVE-2021-29274]low4.0---
171909Acexy Wireless-N WiFi Repeater Web Management Interface password.html cleartext transmissionlow2.6---
171908Acexy Wireless-N WiFi Repeater Web Management Administrator Password password recoverymedium5.8---
171907bluemonday Cyrillic Character cross site scripting [CVE-2021-29272]low4.0---
171906remark42 comment.go cross site scriptinglow4.0---
171905Apple iOS/iPadOS WebKit cross site scripting [CVE-2021-1879]low5.0---
171904Apple watchOS WebKit cross site scripting [CVE-2021-1879]low5.0---
171903SolarWinds Orion Platform Custom Menu Item Options Page unknown vulnerabilitylow4.9---
171902Linux Kernel Character Device vdpa.c use after freemedium4.9---
171901Linux Kernel Stub-up Sequence stub_dev.c usbip_sockfd_store denial of servicelow2.3---
171900Linux Kernel Freescale Gianfar Ethernet Driver gianfar.c denial of servicelow2.3---
171899MicroSeven MYM71080i-B pnp.microseven.com cleartext transmissionlow2.6---
171898BTCPay Server Payment Button unknown vulnerability [CVE-2021-29249]low4.9---
171897Samsung DSP Driver out-of-bounds read [CVE-2021-25372]low5.9---
171896Samsung DSP Driver ELF Library backdoor [CVE-2021-25371]medium5.9---
171895Samsung DPU Driver memory corruption [CVE-2021-25370]low3.7---
171894Samsung sec_log information disclosure [CVE-2021-25369]low1.7---
171893App Rocket.Chat Nested Markdown cross site scripting [CVE-2021-22886]low4.0---
171892Micro Focus Access Manager Configuration information disclosurelow2.3---
171891GitLab Community Edition Redis credentials storage [CVE-2021-22194]low1.7---
171890GitLab Community Edition log file [CVE-2021-22184]low4.0---
171889GitLab Community Edition Analytic Page access control [CVE-2021-22180]medium4.0---
171888GitLab Community Edition Private Project improper authorizationmedium6.5---
171887OAuth2-Proxy authorization [CVE-2021-21411]medium5.8---
171886kongchuanhujiao Server improper authentication [CVE-2021-21403]medium5.0---
171885wire-server The endpoint list-clients information disclosurelow4.0---
171884BuddyPress REST API authorization [CVE-2021-21389]medium6.5---
171883Nimble Nim Refresh certificate validation [CVE-2021-21374]medium5.1---
171882Nimble Refresh cleartext transmission [CVE-2021-21373]low2.6---
171881Nim Nimble doCmd injectionlow5.1---
171880Matrix Synapse Notification injection [CVE-2021-21333]low2.6---
171879Matrix Synapse Password Reset Endpoint cross site scripting [CVE-2021-21332]low2.6---
171878RESTEasy Endpoint Class information exposure [CVE-2021-20289]low3.5---
171877UPX ELF File p_lx_elf.cpp buffer overflowmedium5.2---
171876GNU Binutils elf.c _bfd_elf_slurp_secondary_reloc_section heap-based overflowmedium5.2---
171875GNU RPM Signature Check insufficient verification of data authenticityhigh10.0---
171874containernetworking cni Network Configuration path traversalmedium5.2---
171873GNU Binutils ar/objcopy/strip/ranlib link followingmedium6.5---
171872GNU Tar Input File list.c memory leaklow5.0---
171871SalesForce Tableau Server URL redirect [CVE-2021-1629]low4.0---
171870MuleSoft Mule Runtime xml external entity reference [CVE-2021-1628]low4.9---
171869MuleSoft Mule Runtime server-side request forgery [CVE-2021-1627]medium5.2---
171868MuleSoft Mule Runtime Remote Privilege Escalation [CVE-2021-1626]medium6.0---
171867SolarWinds Orion Platform Customize View Page cross site scriptinglow3.3---
171866389-ds-base DN Reply information disclosure [CVE-2020-35518]low3.3---
171865Linux Kernel Signal initialization [CVE-2020-35508]low4.3---
171864Askey Fiber Router RTF3505VW-N1 Dashboard/SSH log file [CVE-2020-28695]low3.5---
171863ImageMagick tiff.c heap-based overflowmedium5.0---
171862Micro Focus Access Manager cross site scripting [CVE-2020-25840]low4.0---
171861FreeBSD Jail access control [CVE-2020-25582]medium5.2---
171860FreeBSD jail_remove race conditionlow4.0---
171859FreeBSD login.access Rule Processor access control [CVE-2020-25580]medium5.2---
171858FreeBSD msdosfs information disclosure [CVE-2020-25579]low4.0---
171857FreeBSD File System information disclosure [CVE-2020-25578]low4.0---
171856Craft CMS new cross site scriptinglow4.0---
171855Oria GridX test_grid_filter.php Remote Privilege Escalationmedium6.0---
171854Backdoor.Win32.Delf.zs Service Port 2005 backdoormedium7.5---
171853Backdoor.Win32.Kwak.12 FTP Server command injectionmedium7.5---
171852Backdoor.Win32.Kwak.12 FTP Server channel accessiblemedium7.5---
171851Backdoor.Win32.Kwak.12 Service Port 37885 improper authenticationmedium7.5---
171850Backdoor.Win32.Kwak.12 Service Port 37885 denial of servicelow5.0---
171849Backdoor.Win32.DarkKomet.gozu AQIpWUAQIpWU permissionmedium6.5---
171848Worm.Win32.Ngrbot.acno ffffd76 permissionmedium6.5---
171847Worm.Win32.Recyl.dp RECYCLER permissionmedium6.5---
171846Worm.Win32.Ngrbot.abpr Win.Msi permissionmedium6.5---
171845Virus.Win32.Sality.gen z_Drivers permissionmedium6.5---
171844Trojan-Dropper.Win32.Dycler.yhb RECYCLER permissionmedium6.5---
171843Worm.Win32.Detnat.c Recycled permissionmedium6.5---
171842Trojan-Dropper.Win32.Demp.rft tmp permissionmedium6.5---
171841Trojan-Dropper.Win32.Delf.da Service Port 37031 stack-based overflowmedium7.5---
171840TP-LINK Archer C3150v2 dhcp.htm setDefaultHostname cross site scriptinglow5.0---
171839McAfee ePolicy Orchestrator Agent information disclosure [CVE-2021-23890]low5.0---
171838McAfee ePolicy Orchestrator cross site scripting [CVE-2021-23889]low3.3---
171837McAfee ePolicy Orchestrator redirect [CVE-2021-23888]low6.5---
171836CA eHealth Performance Manager runpicEhealth unnecessary privilegesmedium6.5---
171835CA eHealth Performance Manager Shared Object access control [CVE-2021-28249]medium5.2---
171834CA eHealth Performance Manager excessive authentication [CVE-2021-28248]low1.8---
171833CA eHealth Performance Manager nhWeb cross site scriptinglow4.0---
171832CA eHealth Performance Manager Shared Object untrusted search pathmedium6.5---
171831BaserCMS Blog Article cross site scripting [CVE-2021-20683]low4.0---
171830BaserCMS os command injection [CVE-2021-20682]medium5.8---
171829BaserCMS cross site scripting [CVE-2021-20681]low4.0---
171828NEC SL2100 Command denial of service [CVE-2021-20677]low3.5---
171827Hashicorp Terraform Enterprise Two-factor Authentication improper authenticationlow2.6---
171826Zetetic SQLCipher crypto.c sqlcipher_export denial of servicelow3.5---
171825LibrIT PaSSHport user.py ldap injectionlow4.9---
171824Esri ArcReader/ArcGIS Desktop/ArcGIS Engine/ArcGIS Pro File uninitialized pointerlow4.3---
171823Esri ArcReader/ArcGIS Desktop/ArcGIS Engine/ArcGIS Pro File Parser stack-based overflowmedium4.3---
171822Esri ArcGIS Server uninitialized pointer [CVE-2021-29095]low4.3---
171821Esri ArcGIS Server buffer overflow [CVE-2021-29094]medium4.6---
171820Esri ArcGIS Server use after free [CVE-2021-29093]medium4.9---
171819Seo Panel archive.php cross site scriptinglow4.0---
171818Seo Panel archive.php cross site scriptinglow4.0---
171817Seo Panel webmaster-tools.php cross site scriptinglow4.0---
171816GE Reason DR60 unnecessary privileges [CVE-2021-27454]low4.0---
171815GE MU320E hard-coded password [CVE-2021-27452]medium5.8---
171814GE MU320E SSH Configuration File inadequate encryption [CVE-2021-27450]low2.6---
171813GE MU320E File System unnecessary privileges [CVE-2021-27448]medium5.2---
171812GE Reason DR60 hard-coded password [CVE-2021-27440]low2.3---
171811GE Reason DR60 hard-coded password [CVE-2021-27438]medium10.0---
171810Realtek xPON RTL9601D SDK Build-In Network Monitoring Tool insufficiently protected credentialsmedium7.7---
171809Revive Adserver stats.php cross site scriptinglow4.0---
171808Revive Adserver campaign-zone-zones.php cross site scriptinglow4.0---
171807ACRN virtio.c paddr_guest2host null pointer dereferencelow2.3---
171806Aryanic HighMail Login Form cross site scripting [CVE-2020-23517]low4.0---
171805Invigo Automatic Device Management search_by.php pathname traversalmedium4.0---
171804Invigo Automatic Device Management admapi.php os command injectionmedium6.5---
171803Invigo Automatic Device Management display_errors.php sql injectionmedium6.5---
171802Invigo Automatic Device Management information disclosure [CVE-2020-10581]low3.5---
171801Invigo Automatic Device Management broadcast.php command injectionmedium6.5---
171800Invigo Automatic Device Management sysmon.php path traversalmedium4.0---
171799HEUR.Trojan.Win32.Generic RECYCLER permissionmedium6.5---
171798Trojan-Dropper.Win32.Dycler.vrp Drivers permissionmedium6.5---
171797Backdoor.Win32.Agent.mzn Service Port 80 aspimgr.exe buffer overflowmedium7.5---
171796Trojan-Dropper.Win32.Delf.p Service Port 3080 mmtask.exe stack-based overflowmedium7.5---
171795Trojan-Dropper.Win32.Delf.p TCP Service mmtask.exe server-side request forgerymedium7.5---
171794Trojan-Proxy.Win32.Wimain TCP Services stack-based overflowmedium7.5---
171793Trojan-Dropper.Win32.Delf.xk Service Port 30005 server.exe memory corruptionmedium5.0---
171792Backdoor.Win32.Zombam.l HTTP GET Request httpserver.exe buffer overflowmedium7.5---
171791Trojan.Win32.Scar.dxir P2 permissionmedium6.5---
171790Trojan.Win32.Siscos.bqe Windupdt permissionmedium6.5---
171789Trojan-Banker.Win32.Delf.ac BancoBrasil permissionmedium6.5---
171788Trojan-Dropper.Win32.Hamer.10 Service Port 80 winlogon.exe memory corruptionmedium7.5---
171787Trojan-Spy.Win32.KeyLogger.qt config permissionmedium6.5---
171786Backdoor.Win32.Agent.bjev Windupdt permissionmedium6.5---
171785Backdoor.Win32.GTbot.c WINNT permissionmedium6.5---
171784Backdoor.Win32.Antilam.14.o Service Port 47891 backdoormedium7.5---
171783Backdoor.Win32.BO2K.09.b Service Port 707 Remote Code Executionmedium7.5---
171782Backdoor.Win32.BO2K.ab PsyConf buffer overflowmedium4.9---
171781Backdoor.Win32.DarkKomet.irv updt.exe access controlmedium6.5---
171780Trojan-Spy.Win32.Stealer.osh DESKTOP-2C3IQHO access controlmedium6.5---
171779Backdoor.Win32.RemoteManipulator.fdo vp8encoder.dll access controlmedium6.5---
171778Trojan-Proxy.Win32.Delf.ai HTTP TRACE Request buffer overflowmedium7.5---
171777Trojan.Win32.Hotkeychick.am Korektor_MPiPS-01 access controlmedium6.5---
171776Backdoor.Win32.Azbreg.amw MSDCSC access controlmedium6.5---
171775Trojan-Spy.Win32.SpyEyes.elr 40404504504 access controlmedium6.5---
171774Trojan-Dropper.Win32.Daws.etlm Service Port 139 MSWDM.EXE denial of servicelow5.0---
171773Jasper JP2 Image Format Decoder null pointer dereference [CVE-2021-3467]low2.3---
171772GNU libmicrohttpd post_process_urlencoded buffer overflowmedium6.5---
171771OpenSSL Certificate Chain Verification certificate validationmedium5.1---
171770OpenSSL TLS Server denial of service [CVE-2021-3449]low5.0---
171769libtpms OpenSSL initialization [CVE-2021-3446]low1.4---
171768Jasper JP2 Image Format Decoder null pointer dereference [CVE-2021-3443]low2.3---
171767Esri ArcReader/ArcGIS Desktop/ArcGIS Engine/ArcGIS Pro use after freemedium6.8---
171766Netop Vision Pro authentication replay [CVE-2021-27195]medium5.1---
171765Netop Vision Pro cleartext transmission [CVE-2021-27194]low2.6---
171764Netop Vision Pro API permission [CVE-2021-27193]medium7.5---
171763Netop Vision Pro Windows Client access control [CVE-2021-27192]medium4.3---
171762Nokia NetAct Site Configuration Tool Web Site sct unrestricted uploadmedium6.5---
171761Nokia NetAct File Upload cross site scripting [CVE-2021-26596]low4.0---
171760Samsung Cloud Provider improper authentication [CVE-2021-25368]low1.7---
171759Samsung Notes path traversal [CVE-2021-25367]medium4.6---
171758Samsung Internet Secret Mode improper authentication [CVE-2021-25366]medium3.4---
171757Ssamsung Notes Pendingetent permission [CVE-2021-25355]low1.7---
171756Samsung Internet Deeplink improper authorization [CVE-2021-25354]low1.7---
171755Samsung Galaxy Themes Pendingetent improper authorization [CVE-2021-25353]low1.7---
171754Samsung Bixby Voice Pendingetent information disclosure [CVE-2021-25352]low1.7---
171753Samsung Account EmailValidationView improper authorizationlow1.7---
171752Samsung Account log file [CVE-2021-25350]low1.7---
171751Samsung Slow Motion Editor Pendingetent permission [CVE-2021-25349]low1.7---
171750Rockwell Automation MicroLogix 1400 ModBus Packet buffer overflowmedium5.0---
171749Micro Focus Access Manager information disclosure [CVE-2021-22496]low5.0---
171748Genivia gSOAP WS-Addressing Plugin integer overflow [CVE-2021-21783]medium6.0---
171747Privoxy CGI Request denial of service [CVE-2021-20217]low2.3---
171746Privoxy Decompression resource consumption [CVE-2021-20216]low2.3---
171745Privoxy show-status CGI memory leak [CVE-2021-20215]low5.2---
171744Privoxy client-tags CGI handler memory leak [CVE-2021-20214]low2.3---
171743Privoxy accept-intercepted-requests null pointer dereferencelow2.1---
171742Privoxy PCRE memory leak [CVE-2021-20212]low5.2---
171741Privoxy memory leak [CVE-2021-20211]low5.2---
171740Privoxy show-status CGI memory leak [CVE-2021-20210]low5.2---
171739Duo Authentication Proxy Installer symlink [CVE-2021-1492]medium6.5---
171738Bosch Video Streaming Gateway Installer uncontrolled search pathmedium9.0---
171737Bosch Monitor Wall Installer uncontrolled search path [CVE-2020-6789]medium9.0---
171736Bosch Configuration Manager Installer uncontrolled search pathmedium9.0---
171735Bosch Video Client Installer uncontrolled search path [CVE-2020-6787]medium9.0---
171734Bosch Video Recording Manager Installer uncontrolled search pathmedium9.0---
171733Bosch BVMS/BVMS Viewer DLL uncontrolled search path [CVE-2020-6785]medium9.0---
171732Bosch IP Helper DLL uncontrolled search path [CVE-2020-6771]medium9.0---
171731Privoxy Response Buffer memory leak [CVE-2020-35502]low2.3---
171730Apache SpamAssassin Rule Configuration os command injection [CVE-2020-1946]medium5.2---
171729ForgeRock OpenAM Webfinger Protocol ldap injection [CVE-2021-29156]medium5.8---
171728MITREid Connect Server OpenID Connect Server server-side request forgerymedium5.8---
171727Fuji Xerox DocuCentre-VII/ApeosPort-VII/ApeosPort/DocuPrint Command denial of servicelow2.3---
171726APKLeaks Package Name os command injection [CVE-2021-21386]medium7.5---
171725Mifos-Mobile App certificate validation [CVE-2021-21385]medium5.1---
171724Cisco Japper null termination [CVE-2021-1471]medium6.5---
171723Cisco Jabber null termination [CVE-2021-1469]medium6.5---
171722Cisco 809 Industrial ISR IOx Application Framework resource consumptionlow5.0---
171721Cisco IOS XE SD-WAN CLI input validation [CVE-2021-1454]medium6.5---
171720Cisco IOS XE Software Image insufficient verification of data authenticitymedium7.2---
171719Cisco IOS XE ROM Monitor insufficient verification of data authenticitymedium7.2---
171718Cisco IOS XE Easy Virtual Switching System memory corruptionmedium7.6---
171717Cisco Aironet/Catalyst Boot Logic insufficient verification of data authenticitymedium6.5---
171716Cisco IOS XE DNS ALG denial of service [CVE-2021-1446]medium7.8---
171715Cisco IOS XE Web UI command injection [CVE-2021-1443]medium8.3---
171714Cisco IOS XE UPnP Subsystem log file [CVE-2021-1442]low1.0---
171713Cisco IOS XE Hardware Initialization os command injection [CVE-2021-1441]medium6.5---
171712Cisco Aironet mDNS Gateway denial of service [CVE-2021-1439]medium6.1---
171711Cisco Aironet TFTP information disclosure [CVE-2021-1437]low5.0---
171710Cisco IOS XE SD-WAN CLI path traversal [CVE-2021-1436]medium4.0---
171709Cisco IOS XE Web UI path traversal [CVE-2021-1435]medium5.8---
171708Cisco IOS XE SD-WAN CLI Command file access [CVE-2021-1434]low1.4---
171707Cisco IOS XE SD-WAN vDaemon memory corruption [CVE-2021-1433]medium7.6---
171706Cisco IOS XE SD-WAN CLI command injection [CVE-2021-1432]medium6.8---
171705Cisco IOS XE SD-WAN vDaemon denial of service [CVE-2021-1431]medium7.8---
171704Cisco Aironet CLI Command exposure of resource [CVE-2021-1423]medium4.3---
171703Cisco Jabber null termination [CVE-2021-1418]medium6.5---
171702Cisco Jabber null termination [CVE-2021-1417]medium7.5---
171701Cisco Jabber null termination [CVE-2021-1411]medium6.5---
171700Cisco IOS XE Websocket insufficient verification of data authenticitylow5.0---
171699Cisco IOS XE Unified Extensible Firmware Interface insufficient verification of data authenticitymedium7.2---
171698Cisco IOS XE Web Management Interface denial of service [CVE-2021-1394]low5.0---
171697Cisco IOS/IOS XE CLI insufficiently protected credentials [CVE-2021-1392]low1.7---
171696Cisco IOS XE Dragonite Debugger Local Privilege Escalation [CVE-2021-1391]medium6.5---
171695Cisco IOS XE Diagnostic Test CLI Command write-what-where conditionmedium6.5---
171694Cisco IOS/IOS XE IOx Application path traversal [CVE-2021-1385]medium5.8---
171693Cisco IOS XE IOx Application command injection [CVE-2021-1384]medium8.3---
171692Cisco IOS XE SD-WAN CLI input validation [CVE-2021-1383]medium6.5---
171691Cisco IOS XE SD-WAN CLI command injection [CVE-2021-1382]medium6.5---
171690Cisco IOS XE Debugging Console improper authorization [CVE-2021-1381]medium7.2---
171689Cisco IOS/IOS XE ARP resource management [CVE-2021-1377]low5.0---
171688Cisco IOS XE Fast Reload signature verification [CVE-2021-1376]medium6.5---
171687Cisco IOS XE Fast Reload signature verification [CVE-2021-1375]medium6.5---
171686Cisco IOS XE Wireless Controller Web-based Management Interface cross site scriptinglow4.0---
171685Cisco IOS XE Wireless Controller CAPWAP Packet buffer overflowmedium7.8---
171684Cisco IOS XE SD-WAN Role-Based Access Control privileges managementmedium6.8---
171683Cisco IOS XE Web UI denial of service [CVE-2021-1356]low4.0---
171682Cisco IOS XE DECnet denial of service [CVE-2021-1352]medium6.1---
171681Cisco IOS XE SD-WAN CLI Management resource management [CVE-2021-1281]medium6.5---
171680Cisco IOS XE Web UI denial of service [CVE-2021-1220]low4.0---
171679Tobesoft XPlatform out-of-bounds write [CVE-2020-7853]medium7.5---
171678DaviewIndy ex.j2c Format File Daview.exe heap-based overflowmedium7.5---
171677go-ipfs Console Output escape output [CVE-2020-26283]low4.0---
171676go-ipfs DAG path traversal [CVE-2020-26279]medium4.6---
171675GitLab Community Edition Private Project information disclosurelow4.0---
171674GitLab Community Edition/Enterprise Edition Remote Privilege Escalationmedium6.5---
171673GitLab Community Edition/Enterprise Edition CI CD improper authorizationmedium5.8---
171672GitLab Community Edition Wiki cross site scripting [CVE-2021-22185]low4.0---
171671GitLab Community Edition Outbound Requests server-side request forgerymedium6.5---
171670GitLab Community Edition Prometheus Integration information disclosurelow4.0---
171669GitLab Community Edition Merge Request access control [CVE-2021-22176]medium4.0---
171668GitLab Enterprise Edition information exposure [CVE-2021-22169]low4.0---
171667MaEPSBroker command injection [CVE-2020-7839]medium7.5---
171666HID OMNIKEY 5427/OMNIKEY 5127 EEM Driver cross-site request forgerylow4.0---
171665ThinkSAAS topic.php sql injectionmedium6.5---
171664SpinetiX HMP350/HMP300/HMP400/HMP400W/DiVA spxmanage server-side request forgerymedium6.5---
171663Red Hat OpenShift operator-framework/hadoop passwd privileges assignmentmedium5.2---
171662Red Hat OpenShift operator-framework/hive passwd privileges assignmentmedium5.2---
171661Red Hat OpenShift operator-framework/presto passwd privileges assignmentmedium5.2---
171660Red Hat OpenShift ansible-service-broker passwd privileges assignmentmedium5.2---
171659Red Hat Openshift operator-framework/operator-metering passwd privileges assignmentmedium5.2---
171658Plone CMS site-controlpanel cross site scripting [CVE-2021-29002]low4.0---
171657Contiki ICMPv6 Error Message rpl-ext-header.c integer underflowmedium5.2---
171656Doctor Appointment System contactus.php sql injectionmedium7.5---
171655Doctor Appointment System contactus.php sql injectionmedium7.5---
171654Doctor Appointment System contactus.php sql injectionmedium7.5---
171653Doctor Appointment System contactus.php sql injectionmedium7.5---
171652IBM Elastic Storage System/Elastic Storage Server UDP Request denial of servicelow5.0---
171651Bitweaver edit_group.php cross site scriptinglow4.0---
171650Bitweaver preferences.php cross site scriptinglow4.0---
171649Bitweaver users_import.php cross site scriptinglow4.0---
171648Bitweaver index.php cross site scriptinglow4.0---
171647Bitweaver edit_personal_page.php cross site scriptinglow4.0---
171646Bitweaver user_activity.php cross site scriptinglow4.0---
171645Bitweaver index.php cross site scriptinglow4.0---
171644Bitweaver permissions.php cross site scriptinglow4.0---
171643Bitweaver my_images.php cross site scriptinglow4.0---
171642Alpine Linux Configuration Framework haserl information disclosurelow4.0---
171641MATLAB Extension Lint Configuration injection [CVE-2021-28967]low5.1---
171640Linux Kernel bpf Verifier out-of-bounds write [CVE-2021-3444]medium9.0---
171639QEMU SDHCI Controller Emulation out-of-bounds write [CVE-2021-3409]medium5.2---
171638TIBCO ActiveSpaces Community Edition access control [CVE-2021-28824]medium9.0---
171637TIBCO eFTL Community Edition access control [CVE-2021-28823]medium9.0---
171636TIBCO Enterprise Message Service access control [CVE-2021-28822]medium9.0---
171635TIBCO Enterprise Message Service access control [CVE-2021-28821]medium9.0---
171634TIBCO FTP Community Edition Server/C API/Golang API/Java API/.Net API access controlmedium9.0---
171633TIBCO FTP Community Edition or access controlmedium9.0---
171632TIBCO Rendezvous/Rendezvous Developer Edition Routing Daemon privileges managementhigh9.0---
171631TIBCO Rendezvous/Rendezvous Developer Edition or access controlmedium9.0---
171630Netflix Priam Filesystem File.createTempFile permissionmedium4.0---
171629Netflix OSS Hollow Files.exists(parent) permissionmedium4.6---
171628Dolphin CMS Page Builder cross site scripting [CVE-2021-27969]low4.0---
171627Mautic information disclosure [CVE-2021-27908]low0.8---
171626DynPG cross site scripting [CVE-2021-27531]low4.0---
171625DynPG index.php cross site scriptinglow4.0---
171624DynPG cross site scripting [CVE-2021-27529]low4.0---
171623DynPG cross site scripting [CVE-2021-27528]low4.0---
171622DynPG cross site scripting [CVE-2021-27527]low4.0---
171621DynPG cross site scripting [CVE-2021-27526]low4.0---
171620Clansphere CMS cross site scripting [CVE-2021-27310]low5.0---
171619Clansphere CMS cross site scripting [CVE-2021-27309]low5.0---
171618hosted-git-info fromUrl incorrect regexmedium4.0---
171617TIBCO API Exchange Gateway Config UI clickjacking [CVE-2021-23274]low5.0---
171616GitHub Enterprise Server Configuration command injection [CVE-2021-22864]medium6.5---
171615Jellyfin path traversal [CVE-2021-21402]medium4.0---
171614Nanopb Message Type realloc release of referencemedium6.5---
171613XWiki Ratings API sql injection [CVE-2021-21380]medium6.5---
171612OMERO.web URL Validation redirect [CVE-2021-21377]low4.6---
171611OMERO.web information disclosure [CVE-2021-21376]low2.1---
171610Pygments SMLLexer infinite loop [CVE-2021-20270]low3.5---
171609SQLite SELECT Query select.c use after freelow4.3---
171608Keycloak Account Console input validation [CVE-2021-20222]medium4.9---
171607Linux Kernel n_tty.c n_tty_receive_char_special denial of servicemedium6.8---
171606McAfee Data Loss Prevention privileges management [CVE-2020-7346]medium6.8---
171605libass ass_parse.c parse_tag stack-based overflowmedium6.5---
171604Vivo AppStore Parameter redirect [CVE-2020-12483]medium7.5---
171603Undertow HttpOpenListener resource consumptionlow4.0---
171602Netgear RBS850 information disclosure [CVE-2021-29082]low3.3---
171601Netgear RBR750 stack-based overflow [CVE-2021-29081]medium7.2---
171600Netgear RBS750 password recovery [CVE-2021-29080]medium5.8---
171599Netgear RBK852/RBK853/RBK854/RBR850/RBS850 command injectionmedium8.3---
171598Netgear RBS750 command injection [CVE-2021-29078]medium8.3---
171597Netgear RBS750 command injection [CVE-2021-29077]medium8.3---
171596Netgear RBK852/RBK853/RBK854/RBR850/RBS850 command injectionmedium8.3---
171595Netgear RBS750 stack-based overflow [CVE-2021-29075]medium7.2---
171594Netgear RBS750 stack-based overflow [CVE-2021-29074]medium7.2---
171593Netgear RAX200 stack-based overflow [CVE-2021-29073]medium6.2---
171592Netgear RBK852/RBK853/RBK854/RBR850/RBS850 command injectionmedium7.2---
171591Netgear RBS750 command injection [CVE-2021-29071]medium7.7---
171590Netgear RBK852/RBK853/RBK854/RBR850/RBS850 command injectionmedium7.2---
171589Netgear XR450/XR500/WNR2000v5 command injection [CVE-2021-29069]medium6.2---
171588Netgear XR300 buffer overflow [CVE-2021-29068]medium9.0---
171587Netgear RBS750 improper authentication [CVE-2021-29067]medium8.3---
171586Netgear RBK852/RBK853/RBK854/RBR850/RBS850 improper authenticationmedium8.3---
171585Netgear RBR850 improper authentication [CVE-2021-29065]medium8.3---
171584copy-props Prototype code injection [CVE-2020-28503]medium7.5---
171583OpenEMR cross site scripting [CVE-2021-25922]low4.0---
171582OpenEMR Allergies cross site scripting [CVE-2021-25921]low5.0---
171581OpenEMR Create New User access control [CVE-2021-25920]medium5.2---
171580OpenEMR Create New User cross site scripting [CVE-2021-25919]low3.3---
171579OpenEMR Create New User cross site scripting [CVE-2021-25918]low3.3---
171578OpenEMR Create New User cross site scripting [CVE-2021-25917]low3.3---
171577Huawei Secospace USG9500 use after free [CVE-2021-22321]medium4.9---
171576Huawei ManageOne access control [CVE-2021-22314]medium4.3---
171575TYPO3 Page Module cross site scripting [CVE-2021-21370]low4.0---
171574TYPO3 information exposure [CVE-2021-21359]low5.0---
171573TYPO3 Form Designer Backend Module cross site scripting [CVE-2021-21358]low4.0---
171572TYPO3 Form Designer Backend Module unrestricted upload [CVE-2021-21357]medium6.5---
171571TYPO3 unrestricted upload [CVE-2021-21355]medium7.5---
171570XStream deserialization [CVE-2021-21351]medium4.6---
171569XStream deserialization [CVE-2021-21350]medium5.1---
171568XStream deserialization [CVE-2021-21349]medium5.1---
171567XStream deserialization [CVE-2021-21348]low2.6---
171566XStream deserialization [CVE-2021-21347]medium5.1---
171565XStream deserialization [CVE-2021-21346]medium5.1---
171564XStream deserialization [CVE-2021-21345]medium5.1---
171563XStream deserialization [CVE-2021-21344]medium5.1---
171562XStream deserialization [CVE-2021-21343]medium5.1---
171561XStream server-side request forgery [CVE-2021-21342]medium5.1---
171560XStream denial of service [CVE-2021-21341]low5.0---
171559TYPO3 Database Field cross site scripting [CVE-2021-21340]low4.0---
171558TYPO3 User Session cleartext storage [CVE-2021-21339]low2.6---
171557TYPO3 Login Handling redirect [CVE-2021-21338]medium7.5---
171556Linux Kernel RPA PCI Hotplug Driver rpadlpar_sysfs.c buffer overflowmedium9.0---
171555Linux Kernel PEBS Status ds.c intel_pmu_drain_pebs_nhm denial of servicemedium6.8---
171554PunBB BBcode Tag cross site scripting [CVE-2021-28968]low4.0---
171553Grafana Enterprise Usage Insights HTTP API Endpoint denial of servicelow3.3---
171552Grafana Enterprise Team Sync HTTP API improper authenticationmedium5.2---
171551Grafana Enterprise HTTP API access control [CVE-2021-28146]medium5.2---
171550Grafana Enterprise Dashboard permission [CVE-2021-27962]medium6.5---
171549SAP 3D Visual Enterprise Viewer 3DS File denial of service [CVE-2021-27596]low5.0---
171548SAP 3D Visual Enterprise Viewer PDF File denial of service [CVE-2021-27595]low5.0---
171547SAP 3D Visual Enterprise Viewer BMP File denial of service [CVE-2021-27594]low5.0---
171546SAP 3D Visual Enterprise Viewer GIF File denial of service [CVE-2021-27593]low5.0---
1715454images Admin Login Panel cross site scripting [CVE-2021-27308]low4.0---
171544HPE Network Orchestrator sql injection [CVE-2021-26578]medium6.5---
171543Apache OFBiz deserialization [CVE-2021-26295]medium5.8---
171542Sophos Connect Client Website Remote Code Execution [CVE-2021-25265]medium7.5---
171541Huawei Secospace USG6600 Message denial of service [CVE-2021-22320]low2.3---
171540Huawei ManageOne permission [CVE-2021-22311]medium4.0---
171539Huawei Secospace USG9500 log file [CVE-2021-22310]low2.3---
171538Huawei USG9500/USG9520/USG9560/USG9580 random values [CVE-2021-22309]low1.4---
171537Huawei Secospace SG9500 Packet denial of service [CVE-2020-9213]low2.3---
171536Huawei USG9500 information disclosure [CVE-2020-9212]low2.3---
171535Huawei eUDC660 information disclosure [CVE-2020-9206]low3.5---
171534IBM Planning Analytics server-side request forgery [CVE-2020-4882]medium6.5---
171533es6-crawler-detect User Agent incorrect regex [CVE-2020-28501]medium5.0---
171532Linux Kernel Cloning Operation ctree.c get_old_root denial of servicelow2.3---
171531Shibboleth Service Provider Template injection [CVE-2021-28963]medium4.9---
171530vscode-sass-lint Workspace Remote Code Execution [CVE-2021-28956]medium7.5---
171529git-bug git.bat uncontrolled search pathmedium4.9---
171528Atlassian JIRA Server/Data Center behind-the-firewall Protection improper authenticationmedium7.5---
171527Atlassian JIRA Server/Data Center API Endpoint ActionsAndOperations information disclosurelow4.0---
171526OTRS FAQ Category access control [CVE-2021-21438]low2.7---
171525OTRSCIsInCustomerFrontend General Catalog access control [CVE-2021-21437]low4.0---
171524killport Package child_process command injectionlow4.6---
171523SOPlanning improper authentication [CVE-2020-13963]medium5.8---
171522OpenWrt DDNS Package detail.lua command injectionmedium6.5---
171521lxml HTML5 defs.py cross site scriptingmedium4.9---
171520Chris Walz Bit code injection [CVE-2021-28954]low4.9---
171519C Flylint Exension Repository code injection [CVE-2021-28953]low4.9---
171518Linux Kernel Soundwire Device Driver sdm845.c buffer overflowmedium5.2---
171517Linux Kernel Thread io_uring.c deadlocklow2.3---
171516Linux Kernel Inode fuse_i.h infinite looplow2.3---
171515KDE Discover URL KNSResource.cpp Remote Privilege Escalationmedium6.0---
171514Linux Kernel Spectre Mitigation verifier.c integer underflowlow1.4---
171513Linux Kernel Spectre Mitigation verifier.c out-of-bounds readlow1.4---
171512FUDForum index.php cross site scriptinglow4.0---
171511FUDForum index.php cross site scriptinglow4.0---
171510NetApp Cloud Manager denial of service [CVE-2021-26992]low3.5---
171509NetApp Cloud Manager unknown vulnerability [CVE-2021-26991]medium6.5---
171508NetApp Cloud Manager authorization [CVE-2021-26990]low4.9---
171507schema-inspector Email Validation resource consumption [CVE-2021-21267]low5.0---
171506Tenable Nessus Agent IAM Role Security Token information disclosurelow4.0---
171505Moodle Forum Subscribe Link redirect [CVE-2019-14831]low6.5---
171504Moodle Mobile Launch Endpoint redirect [CVE-2019-14830]medium6.5---
171503Moodle Activity Creation unknown vulnerability [CVE-2019-14829]medium4.9---
171502Moodle Course improper authorization [CVE-2019-14828]medium4.0---
171501Openshift Container Platform GlusterFS StorageClass insufficiently protected credentialslow2.7---
171500Openshift Container Platform access control [CVE-2019-10200]medium6.5---
171499http-proxy-agent resource consumption [CVE-2019-10196]low3.5---
171498PostgreSQL Windows Installer access control [CVE-2019-10128]medium6.5---
171497PostgreSQL Windows Installer access control [CVE-2019-10127]medium4.6---
171496Apache PDFbox memory allocation [CVE-2021-27906]low2.7---
171495Apache PDFbox PDF File iteration [CVE-2021-27807]low2.3---
171494Stormshield Network Security ClamAV Service denial of servicelow5.0---
171493FTAPI Background Image Upload cross site scripting [CVE-2021-25278]low4.0---
171492FTAPI File Submission cross site scripting [CVE-2021-25277]low4.0---
171491MinIO PUT Request improper enforcement of message integrity [CVE-2021-21390]low5.0---
171490wrongthink inadequate encryption [CVE-2021-21387]low2.6---
171489IBM Resilient SOAR information disclosure [CVE-2020-4635]low2.6---
171488Ovation Dynamic Content cross site scripting [CVE-2021-3327]low4.0---
171487Kramdown Route Formatter Formatters unknown vulnerabilitylow4.9---
171486BusyBox gzip Data decompress_gunzip.c huft_build exceptional conditionlow5.0---
171485Western Digital ArmorLock App improper authentication [CVE-2021-28653]low1.7---
171484TranzWare e-Commerce Payment Gateway index.jsp cross site scriptinglow4.0---
171483TranzWare e-Commerce Payment Gateway XML Parser exec xml external entity referencemedium6.0---
171482TranzWare FIMI login_tw.php cross site scriptinglow4.0---
171481Tor Proxy assertion [CVE-2021-28090]low5.0---
171480Tor Proxy Directory Protocol resource consumption [CVE-2021-28089]low5.0---
171479MariaDB untrusted search path [CVE-2021-27928]medium6.5---
171478MikroTik RouterOS RSC File export command injection [Disputed]low5.5---
171477ozum eslint-fixer os command injection [CVE-2021-26275]medium5.2---
171476Pillow SGIRleDecode.c out-of-bounds readlow2.3---
171475Pillow PDF Parser incorrect regex [CVE-2021-25292]low2.3---
171474Pillow TiffDecode.c TiffreadRGBATile out-of-bounds readlow2.3---
171473Pillow Offset TiffDecode.c memcpy out-of-bounds writelow4.9---
171472Pillow YCbCr File TiffDecode heap-based overflowmedium5.2---
171471shescape _Shescape_ argument injectionmedium4.3---
171470Zen Cart tpl_main_page.php cross site scriptinglow4.0---
171469IT-Recht Kanzlei Plugin itrk-api.php rechtstext_language sql injectionmedium5.2---
171468Squid Web Proxy Config Setting uri_whitespace request smugglingmedium5.2---
171467QEMU NIC stack-based overflow [CVE-2021-3416]medium5.2---
171466transformers Markdown cross site scriptinglow4.0---
171465ShellCheck shellcheck.executablePath unknown vulnerabilitylow4.9---
171464Swift Development Environment Extension Workspace Remote Code Executionmedium7.5---
171463SwiftFormat Workspace Remote Code Execution [CVE-2021-28791]medium7.5---
171462Microsoft Workspace Remote Code Execution [CVE-2021-28790]medium7.5---
171461Apple swift-format Workspace Remote Code Execution [CVE-2021-28789]medium7.5---
171460Acexy Wireless-N WiFi Repeater SSID cross site scripting [CVE-2021-28160]low4.0---
171459Concrete CMS Survey Block cross site scripting [CVE-2021-28145]low4.0---
171458Exacq exacqVision Web Service information disclosure [CVE-2021-27656]low5.0---
171457Advantech WebAccess/SCADA cross site scripting [CVE-2021-27436]low4.0---
171456Grafana Snapshot denial of service [CVE-2021-27358]low4.3---
171455SeedDMS out.EditFolder.php cross-site request forgerylow4.0---
171454SeedDMS out.EditDocument.php cross-site request forgerylow4.0---
171453JetBrains PhpStorm Debug Log source code [CVE-2021-25764]medium6.0---
171452Rockwell Automation DriveTools SP/Drives AOP uncontrolled search pathmedium6.8---
171451ExWiki.js Mustache Expression cross site scripting [CVE-2021-21383]low4.0---
171450Cisco RV132W ADSL2+/RV134W VDSL2 Web-based Management Interface stack-based overflowmedium8.3---
171449Zoho ManageEngine Desktop Central MSP DLL dcinventory.exe uncontrolled search pathmedium6.5---
171448Redash ldap injection [CVE-2020-36144]low5.2---
171447Cairo image-compositor image-compositor.c out-of-bounds writemedium7.5---
171446openvswitch LLDP Packet resource consumption [CVE-2020-27827]low2.3---
171445Softaculous Data Store access control [CVE-2020-26886]medium4.3---
171444MediaArea MediaInfo ChooseParser_ChannelGrouping heap-based overflowmedium5.2---
171443Utimaco SecurityServer Environment Variable permission [CVE-2020-26155]medium5.2---
171442Rockwell Automation FactoryTalk Services Platform unknown vulnerabilitylow1.4---
171441Red Hat Quay Web Application session expiration [CVE-2019-3867]medium5.1---
171440Red Hat 3scale API Management Platform apicast inadequate encryptionlow2.6---
171439nbdkit denial of service [CVE-2019-14851]low2.3---
171438nbdkit Backend Plugin resource consumption [CVE-2019-14850]low4.0---
171437Seo Panel alerts.php cross site scriptinglow4.0---
171436Seo Panel archive.php sql injectionmedium4.6---
171435Seo Panel settings.php cross site scriptinglow4.0---
171434Seo Panel archive.php cross site scriptinglow4.0---
171433Zoom Screen Sharing information disclosure [CVE-2021-28133]low5.0---
171432Kong Gateway JWT Plugin access control [CVE-2021-27306]medium5.8---
171431WoWonder sql injection [CVE-2021-26935]medium6.5---
171430FastStone Image Viewer CUR File FSViewer.exe memory corruptionmedium7.5---
171429FastStone Image Viewer CUR File buffer overflow [CVE-2021-26236]medium7.5---
171428FastStone Image Viewer CUR File FSViewer.exe memory corruptionmedium7.5---
171427FastStone Image Viewer CUR File FSViewer.exe memory corruptionmedium7.5---
171426FastStone Image Viewer CUR File FSViewer.exe memory corruptionmedium7.5---
171425Modern Events Calendar Lite Plugin POST Parameter mec_fes_form sql injectionmedium6.5---
171424MStore API Plugin Authentication Cookies improper authenticationmedium5.8---
171423Modern Events Calendar Lite Plugin cross site scripting [CVE-2021-24147]low4.0---
171422Modern Events Calendar Lite Plugin Export access control [CVE-2021-24146]medium3.3---
171421Modern Events Calendar Lite Plugin File Import unrestricted uploadmedium5.2---
171420Contact Form 7 Database Addon Plugin csv injection [CVE-2021-24144]medium6.5---
171419AccessPress Social Icons Plugin Widget Attribute sql injectionmedium6.5---
171418301 Redirects - Easy Redirect Manager Plugin WordPress sql injectionmedium6.5---
171417Advanced Database Cleaner Plugin sql injection [CVE-2021-24141]medium5.8---
171416Ajax Load More Plugin admin-ajax.php sql injectionmedium6.5---
17141510Web Photo Gallery Plugin model.php sql injectionmedium6.5---
171414AdRotate Plugin sql injection [CVE-2021-24138]medium6.5---
171413Blog2Social Plugin Post Re-Share sql injection [CVE-2021-24137]medium6.5---
171412Testimonials Widget Plugin cross site scripting [CVE-2021-24136]low4.0---
171411WP Customer Reviews Plugin cross site scripting [CVE-2021-24135]low4.0---
171410Constant Contact Forms Plugin Post cross site scripting [CVE-2021-24134]low4.0---
171409ActiveCampaign Plugin Settings cross-site request forgery [CVE-2021-24133]low4.0---
171408Slider by 10Web Plugin save_slider_db sql injectionmedium5.8---
171407Anti-Spam by CleanTalk Plugin sql injection [CVE-2021-24131]medium5.8---
171406WP Google Map Plugin Manage Locations Page sql injection [CVE-2021-24130]medium5.8---
171405Themify Portfolio Post Plugin Custom Panel cross site scriptinglow4.0---
171404Team Members Plugin cross site scripting [CVE-2021-24128]low4.0---
171403ThirstyAffiliates Affiliate Link Manager Plugin cross site scriptinglow4.0---
171402Envira Gallery Lite Plugin cross site scripting [CVE-2021-24126]low4.0---
171401Contact Form Submissions Plugin sql injection [CVE-2021-24125]medium6.5---
171400WP Shieldon Plugin CAPTCHA Page cross site scripting [CVE-2021-24124]low5.0---
171399PowerPress Plugin unrestricted upload [CVE-2021-24123]medium6.0---
171398port-killer child_process input validationlow4.6---
171397Libvirt Agents Plugin Hypervisor Domain cross-site request forgerylow5.5---
171396Warnings Next Generation Plugin authorization [CVE-2021-21626]medium5.2---
171395CloudBees AWS Credentials Plugin authorization [CVE-2021-21625]medium5.2---
171394Role-based Authorization Strategy Plugin Read authorizationmedium5.2---
171393Matrix Authorization Strategy Plugin authorization [CVE-2021-21623]medium5.2---
171392Unisys Stealth Management Server information disclosure [CVE-2021-3141]low1.7---
171391Hgiga MailSherlock URL Parameter sql injection [CVE-2021-22848]medium6.5---
171390Pion WebRTC DTLS Connection certificate validation [CVE-2021-28681]medium5.8---
171389StackStorm Python 3 infinite loop [CVE-2021-28667]low2.3---
171388Paid Memberships Pro sql injection [CVE-2021-20678]medium6.5---
171387M-System DL8-A/DL8-B/DL8-C/DL8-D/DL8-E Access Restriction access controlmedium6.5---
171386M-System DL8-A/DL8-B/DL8-C/DL8-D/DL8-E denial of service [CVE-2021-20675]low3.5---
171385Cybozu Office Custom App access control [CVE-2021-20634]medium5.2---
171384Cybozu Office Cabinet access control [CVE-2021-20633]medium5.2---
171383Cybozu Office Bulletin Board access control [CVE-2021-20632]medium5.2---
171382Cybozu Office Custom App input validation [CVE-2021-20631]medium5.2---
171381Cybozu Office Phone Message access control [CVE-2021-20630]medium5.2---
171380Cybozu Office E-Mail cross site scripting [CVE-2021-20629]low4.0---
171379Cybozu Office Address Book cross site scripting [CVE-2021-20628]low4.0---
171378Cybozu Office Address Book cross site scripting [CVE-2021-20627]low4.0---
171377Cybozu Office Workflow access control [CVE-2021-20626]medium5.2---
171376Cybozu Office Bulletin Board access control [CVE-2021-20625]medium5.2---
171375Cybozu Office Scheduler access control [CVE-2021-20624]medium5.2---
171374Advantech Spectre RT ERT351 excessive authentication [CVE-2019-18235]low2.6---
171373Advantech Spectre RT Industrial Routers ERT351 Error Response cross site scriptinglow4.0---
171372Advantech Spectre RT ERT351 cleartext transmission [CVE-2019-18231]low2.6---
171371Linux Kernel ioctl_linux.c rtw_wx_set_scan buffer overflowmedium5.2---
171370ua-parser-js Header denial of service [CVE-2021-27292]low2.3---
171369pygments Lexer denial of service [CVE-2021-27291]low2.3---
171368Taidii Diibear App logcat log file [CVE-2020-35456]low2.3---
171367Taidii Diibear App Shared Preferences insufficiently protected credentialslow2.3---
171366Taidii Diibear App Configuration information disclosure [CVE-2020-35454]low2.3---
171365Fluxbb Login Form resource consumption [CVE-2020-28873]low2.3---
171364Apache Subversion mod_authz_svn null pointer dereference [CVE-2020-17525]low1.4---
171363Fujitsu ServerView Suite iRMC Save Configuration XML Document cross site scriptinglow4.0---
171362GNOME gnome-autoar Symlink autoar-extractor.c pathname traversalmedium5.2---
171361EIC E-Document System permission [CVE-2021-22860]medium7.5---
171360EIC E-Document System sql injection [CVE-2021-22859]medium7.5---
171359Apache Ambari pathname traversal [CVE-2020-13924]medium5.2---
171358Qualcomm Snapdragon Auto GPU Memory use after free [CVE-2020-11309]medium4.9---
171357Qualcomm Snapdragon Auto Unicode String buffer overflow [CVE-2020-11308]medium5.2---
171356Qualcomm Snapdragon Consumer IOT Argument integer overflow [CVE-2020-11305]medium4.9---
171355Qualcomm Snapdragon Auto Video buffer overflow [CVE-2020-11299]medium7.5---
171354Qualcomm Snapdragon Auto msm ioctl Event use after free [CVE-2020-11290]medium4.9---
171353Qualcomm Snapdragon Auto qseecom Driver memory corruption [CVE-2020-11230]medium5.2---
171352Qualcomm Snapdragon Auto RPM Region privileges management [CVE-2020-11228]low4.9---
171351Qualcomm Snapdragon Auto RTT TTY Packet Parser out-of-bounds writemedium5.2---
171350Qualcomm Snapdragon Auto Data Modem out-of-bounds read [CVE-2020-11226]low2.3---
171349Qualcomm Snapdragon Auto MT SMS buffer overflow [CVE-2020-11222]medium7.5---
171348Qualcomm Snapdragon Auto QTEE Diagnostic information disclosurelow2.3---
171347Qualcomm Snapdragon Auto SCM Command toctou [CVE-2020-11220]low4.0---
171346Qualcomm Snapdragon Auto Baseband denial of service [CVE-2020-11218]low2.3---
171345Qualcomm Snapdragon Auto EL3 Stack access control [CVE-2020-11199]low2.7---
171344Qualcomm Snapdragon Auto SDP String out-of-bounds write [CVE-2020-11192]medium5.2---
171343Qualcomm Snapdragon Auto SDP Value buffer overflow [CVE-2020-11190]medium5.2---
171342Qualcomm Snapdragon Auto SDP Value buffer overflow [CVE-2020-11189]medium5.2---
171341Qualcomm Snapdragon Auto SDP Value buffer overflow [CVE-2020-11188]medium5.2---
171340Qualcomm Snapdragon Auto Histogram Dimension infinite loop [CVE-2020-11186]low2.3---
171339Qualcomm Snapdragon Auto SDP Value buffer overflow [CVE-2020-11171]medium5.2---
171338Qualcomm Snapdragon Auto ROHC Header out-of-bounds read [CVE-2020-11166]low2.3---
171337shadow Physical Terminal securetty access controlmedium4.3---
171336Openshift Builder Container Image or insufficiently protected credentialslow1.4---
171335NATS Server/JWT Library Import Token access control [CVE-2021-3127]medium5.2---
171334VHS sql injection [CVE-2021-28381]medium5.2---
171333Aimeos Backend cross site scripting [CVE-2021-28380]low4.0---
171332Online Ordering System design.php sql injectionmedium3.3---
171331Online Ordering System initiateorder.php unrestricted uploadmedium6.0---
171330Fabric8 Kubernetes Client copy Command path traversal [CVE-2021-20218]medium5.2---
171329Red Hat Certification rhcert file accesslow1.4---
171328varnish-modules Configuration null pointer dereference [CVE-2021-28543]low2.6---
171327Silverstripe CMS silverstripe-queuedjobs cross site scriptinglow4.0---
171326patchmerge Prototype code injection [CVE-2021-25916]medium6.5---
171325Juniper Pulse Secure PSA5000/Pulse Secure PSA7000 BIOS Firmware unknown vulnerabilitymedium7.4---
171324Google Chrome Blink use after free [CVE-2021-21193]medium7.5---
171323Google Chrome Tab Groups heap-based overflow [CVE-2021-21192]medium7.5---
171322Google Chrome WebRTC use after free [CVE-2021-21191]medium7.5---
171321IBM Spectrum Scale REST API excessive authentication [CVE-2020-4891]low2.6---
171320IBM Spectrum Scale REST API denial of service [CVE-2020-4890]low1.4---
171319IBM Spectrum Scale Log File injection [CVE-2020-4851]medium6.5---
171318ZyXEL LTE4506-M606 JSON gui.cgi improper authenticationhigh10.0---
171317Portainer access control [CVE-2020-24264]medium6.5---
171316Portainer permission [CVE-2020-24263]medium6.5---
171315Apache Hive Cookie Signature Verification timing discrepancylow1.4---
171314grub2 improper validation of integrity check value [CVE-2021-3418]medium5.8---
171313Cloudera Data Engineering JWT Authentication information disclosurelow2.7---
171312Cryptshare Server Delete Personal Data Page cross site scriptinglow4.0---
171311urllib3 Library certificate validation [CVE-2021-28363]low2.6---
171310MyBB Custom Moderator Tools cross site scripting [CVE-2021-27949]low4.0---
171309MyBB User Group sql injection [CVE-2021-27948]medium6.5---
171308MyBB Forum Management sql injection [CVE-2021-27947]medium6.5---
171307MyBB Poll Vote Count sql injection [CVE-2021-27946]medium6.5---
171306MyBB Theme XML File sql injection [CVE-2021-27890]medium6.5---
171305MyBB Message Parser cross site scripting [CVE-2021-27889]low4.0---
171304ShopXO phar File unrestricted upload [CVE-2021-27817]medium6.0---
171303openMAINT Add Card Building cross site scripting [CVE-2021-27695]low4.0---
171302Siemens Solid Edge SE2020/Solid Edge SE2021 PAR File Parser out-of-bounds readlow4.9---
171301Siemens Solid Edge SE2020/Solid Edge SE2021 PAR File Parser out-of-bounds writemedium5.2---
171300ExpressionEngine _lang.php save code injectionmedium5.2---
171299NetApp Element Plug-In for vCenter Server SpringBoot Framework Remote Code Executionmedium7.5---
171298Siemens SCALANCE SC-600 SSH Authentication excessive authenticationlow1.8---
171297Siemens SIMATIC S7-PLCSIM divide by zero [CVE-2021-25675]low2.3---
171296Siemens SIMATIC S7-PLCSIM null pointer dereference [CVE-2021-25674]low2.3---
171295Siemens SIMATIC S7-PLCSIM infinite loop [CVE-2021-25673]low2.3---
171294Medix orgot Password Appstore Module access control [CVE-2021-25672]medium5.2---
171293Siemens RUGGEDCOM RM1224 STP BPDU Frame stack-based overflowmedium6.5---
171292Facebook mvfst QUIC Session assertion [CVE-2021-24029]low2.3---
171291McAfee Endpoint Product Removal Tool unquoted search path [CVE-2021-23879]medium6.8---
171290Tyk Gateway Management API handleAddOrUpdateApi pathname traversalmedium3.5---
171289kill-process-by-name child_process command injectionmedium5.1---
171288ps-kill command injection [CVE-2021-23355]medium7.5---
171287Wireshark URL Handling injection [CVE-2021-22191]medium5.1---
171286IBM API Connect Registration Remote Privilege Escalation [CVE-2021-20440]low4.6---
171285libnbd opt.c nbd_unlocked_opt_go denial of servicelow2.3---
171284Moodle Web Service authorization [CVE-2021-20283]low2.7---
171283Moodle Verification authorization [CVE-2021-20282]low5.0---
171282Moodle Online Users Block information disclosure [CVE-2021-20281]low2.7---
171281Moodle Feedback Answer cross site scripting [CVE-2021-20280]low4.0---
171280Moodl User Profile Field cross site scripting [CVE-2021-20279]low4.0---
171279IBM Security Guardium privileges management [CVE-2020-4184]medium4.3---
171278Grav CMS Backup path traversal [CVE-2020-29556]medium7.5---
171277Grav CMS path traversal [CVE-2020-29555]medium7.5---
171276Grav CMS Scheduler cross-site request forgery [CVE-2020-29553]low4.0---
171275Siemens Solid Edge SE2020/Solid Edge SE2021 SEECTCXML File xml external entity referencemedium6.0---
171274Siemens Solid Edge SE2020/Solid Edge SE2021 DFT File Parser out-of-bounds writemedium5.2---
171273myDBR CSRF Token cross site scripting [CVE-2020-28149]low4.0---
171272Hamilton Medical T1-Ventillator Configuration Interface information disclosurelow2.1---
171271Hamilton Medical T1-Ventillator XML Validation denial of servicelow2.1---
171270Hamilton Medical T1-Ventillator Configuration Interface hard-coded credentialsmedium4.6---
171269Siemens SIMATIC MV400 TCP Stack denial of service [CVE-2020-25241]low5.0---
171268Siemens SINEMA Remote Connect Server URL authorization [CVE-2020-25240]medium4.6---
171267Siemens SINEMA Remote Connect Server UMC Authorization Server authorizationmedium6.5---
171266Siemens LOGO! 8 BM exceptional condition [CVE-2020-25236]low2.3---
171265Quadbase EspressReports ES MenuPage Section input validationmedium5.2---
171264Quadbase ExpressDashboard cross-site request forgery [CVE-2020-24982]low4.0---
171263zzzcms zzzphp sql injection [CVE-2020-24877]medium6.5---
171262Barracuda Web Application Firewall Online Demo Certificate FFM-SSLInspect denial of servicelow5.5---
171261SSH Tectia Client ConnectSecure privileges management [CVE-2021-27893]medium4.6---
171260SSH Tectia Client ConnectSecure privileges management [CVE-2021-27892]medium6.5---
171259SSH Tectia Client ConnectSecure entropy [CVE-2021-27891]low1.4---
171258Argo CD cross site scripting [CVE-2021-26924]low4.0---
171257Argo CD Endpoint version improper authenticationmedium3.3---
171256Xilinx Zynq-7000 nand Driver buffer overflow [CVE-2021-27208]medium6.8---
171255Valid pki-core Key authorization [CVE-2021-20179]medium5.8---
171254DomainMod session expiration [CVE-2020-35358]low4.6---
171253Vesta Control Panel/myVesta UploadHandler.php unrestricted uploadmedium4.9---
171252Gitea Issue cross site scripting [CVE-2021-28378]low4.0---
171251Linux Kernel RPC Message fastrpc.c fastrpc_internal_invoke privileges managementmedium4.9---
171250courier-authlib authdaemon permissionmedium4.0---
171249Apache OpenMeetings NetTest Web Service resource consumptionlow2.3---
171248Tiny Tiny RSS OTP Code improper authentication [CVE-2021-28373]medium4.0---
171247Storage Performance Development Kit PDU null pointer dereferencelow2.3---
171246Zoho ManageEngine ServiceDesk Plus SAML Login improper authenticationmedium5.8---
171245SonicWALL SMA100 Configuration File information disclosure [CVE-2021-20018]low2.3---
171244SonicWALL SMA100 os command injection [CVE-2021-20017]medium6.5---
171243pupnp Parser_parseDocument denial of servicelow2.3---
171242Eclipse Theia Notification Message cross site scripting [CVE-2021-28162]low4.0---
171241Eclipse Theia Debug Console cross site scripting [CVE-2021-28161]low4.0---
171240is-svg Package Regular Expression denial of service [CVE-2021-28092]low2.3---
171239ssri Regular Expression denial of service [CVE-2021-27290]low2.3---
171238printf Package Regular Expression printf.js denial of servicelow5.0---
171237ZTE ZXONE 9700 /ZXONE 8700/ZXONE 19700 Diagnostic Function Interface input validationmedium4.9---
171236Dell SupportAssist Client Costura Fody Plugin uncontrolled search pathmedium4.3---
171235XWiki Wiki Macro permissions [CVE-2021-21379]medium6.5---
171234msgpack5 Prototype code injection [CVE-2021-21368]medium4.6---
171233Elementary Switchboard Bluetooth Plug authorization [CVE-2021-21367]medium4.6---
171232xmldom System Identifier deserialization [CVE-2021-21366]medium7.5---
171231Adobe Connect Registration Form injection [CVE-2021-21085]medium7.5---
171230Adobe Photoshop memory corruption [CVE-2021-21082]medium7.5---
171229Adobe Connect cross site scripting [CVE-2021-21080]low5.0---
171228Adobe Connect cross site scripting [CVE-2021-21079]low4.0---
171227Adobe Creative Cloud Desktop Application CCXProcess untrusted search pathlow3.4---
171226Adobe Animate heap-based overflow [CVE-2021-21077]medium7.5---
171225Adobe Animate out-of-bounds read [CVE-2021-21076]low5.0---
171224Adobe Animate out-of-bounds read [CVE-2021-21075]low5.0---
171223Adobe Animate out-of-bounds read [CVE-2021-21074]low5.0---
171222Adobe Animate out-of-bounds read [CVE-2021-21073]low5.0---
171221Adobe Animate out-of-bounds read [CVE-2021-21072]low5.0---
171220Adobe Animate memory corruption [CVE-2021-21071]medium7.5---
171219Adobe Creative Cloud Desktop Application Installer access controlmedium4.3---
171218Adobe Creative Cloud Desktop Application temp file [CVE-2021-21068]low4.0---
171217Adobe Photoshop CoolType Library out-of-bounds write [CVE-2021-21067]medium7.5---
171216Adobe Framemaker out-of-bounds read [CVE-2021-21056]medium7.5---
171215GnuTLS pre_shared_key.c client_send_params use after freemedium7.5---
171214GnuTLS key_share Extension use after free [CVE-2021-20231]medium7.5---
171213IBM DataPower Gateway inadequate encryption [CVE-2020-4831]low2.6---
171212fltk Crate Constructor out-of-bounds read [CVE-2021-28308]low4.9---
171211fltk Crate Window Icon null pointer dereference [CVE-2021-28307]low2.3---
171210fltk Crate Image null pointer dereference [CVE-2021-28306]low2.3---
171209diesel Crate SQLite Backend sqlite3_column_name use after freemedium4.9---
171208Synology DiskStation Manager Web Request iscsi_snapshot_comm_core out-of-bounds readmedium7.5---
171207Synology DiskStation Manager Web Request iscsi_snapshot_comm_core use after freemedium7.5---
171206Synology DiskStation Manager Thread iscsi_snapshot_comm_core race conditionmedium7.5---
171205Barracuda Web Application Firewall Online Demo lookup.cgi ldap injectionlow4.0---
171204Apple Safari WebKit memory corruption [CVE-2021-1844]medium7.5---
171203Apple macOS WebKit memory corruption [CVE-2021-1844]medium7.5---
171202Apple watchOS WebKit memory corruption [CVE-2021-1844]medium7.5---
171201Apple iOS/iPadOS WebKit memory corruption [CVE-2021-1844]medium7.5---
171200F5 BIG-IQ REST services cross site scripting [CVE-2021-23006]low2.3---
171199F5 BIG-IQ High Availability missing encryption [CVE-2021-23005]low2.3---
171198F5 BIG-IP TCP  Profile unknown vulnerability [CVE-2021-23004]low4.9---
171197F5 BIG-IP TCP  Profile denial of service [CVE-2021-23003]low2.3---
171196F5 BIG-IP APM/BIG-IP APM Clients VPN information disclosure [CVE-2021-23002]low2.3---
171195F5 BIG-IP ASM iControl REST unrestricted upload [CVE-2021-23001]low4.9---
171194F5 BIG-IP TMM denial of service [CVE-2021-23000]low2.3---
171193F5 BIG-IP HTTP2 Profile resource consumption [CVE-2021-22999]low2.3---
171192F5 BIG-IP SNAT resource consumption [CVE-2021-22998]low3.5---
171191F5 BIG-IP Advanced WAF/ASM TMUI Remote Privilege Escalation [CVE-2021-22990]medium6.0---
171190F5 BIG-IQ High Availability unknown vulnerability [CVE-2021-22997]medium5.4---
171189F5 BIG-IQ Data Collection denial of service [CVE-2021-22996]low2.3---
171188F5 BIG-IQ High Availability unknown vulnerability [CVE-2021-22995]medium5.4---
171187F5 BIG-IP iControl REST cross site scripting [CVE-2021-22994]low2.3---
171186F5 BIG-IP Advanced WAF/ASM TMUI cross site scripting [CVE-2021-22993]low2.3---
171185F5 BIG-IP Advanced WAF/ASM TMUI unknown vulnerability [CVE-2021-22989]medium7.4---
171184F5 BIG-IP TMUI Remote Privilege Escalation [CVE-2021-22988]high8.5---
171183F5 BIG-IP Advanced WAF/ASM Data Plane buffer overflow [CVE-2021-22992]medium7.4---
171182F5 BIG-IP Data Plane buffer overflow [CVE-2021-22991]medium7.4---
171181F5 BIG-IP TMUI Remote Privilege Escalation [CVE-2021-22987]high8.5---
171180F5 BIG-IP/BIG-IQ iControl REST Remote Code Execution [CVE-2021-22986]high9.3---
171179Camunda Modeler IPC Message writeFile state issue [Disputed]medium4.6---
171178GNOME GLib g_file_replace symlinkmedium4.6---
171177D-Link DIR-841 ping/ping6/traceroute jsonrpc command injectionmedium6.5---
171176Schneider Electric PowerLogic ION9000 memory corruption [CVE-2021-22714]medium6.5---
171175Schneider Electric PowerLogic ION8600 memory corruption [CVE-2021-22713]low2.7---
171174Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflowmedium5.2---
171173Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflowmedium5.2---
171172Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflowmedium6.5---
171171Schneider Electric Interactive Graphical SCADA System Configuration Group File Def.exe buffer overflowmedium6.5---
171170MagicConnect Client untrusted search path [CVE-2021-20674]medium6.5---
171169Linux Kernel Floppy Disk Drive Controller Driver fd0 race conditionmedium4.6---
171168JMS Client for RabbitMQ StreamMessage Data deserialization [CVE-2020-36282]medium4.9---
171167Dan Bloomberg Leptonica colorquant1.c pixFewColorsOctcubeQuantMixed heap-based overflowmedium5.2---
171166Dan Bloomberg Leptonica tiffio.c pixReadFromTiffStream heap-based overflowmedium5.2---
171165Dan Bloomberg Leptonica adaptmap_reg.c rasteropGeneralLow heap-based overflowmedium5.2---
171164Dan Bloomberg Leptonica ccbord.c findNextBorderPixel heap-based overflowmedium5.2---
171163Dan Bloomberg Leptonica pixconv.c pixConvert2To8 denial of servicelow2.3---
171162Quadbase EspressReports ES File Upload cross-site request forgerylow4.0---
171161Quadbase EspressReports ES POST Request cross-site request forgerylow5.0---
171160Wind River VxWorks DNS ipdnsc_decode_name stack-based overflowmedium5.2---
171159food-and-drink-menu Plugin fdm_cart Cookie class-cart-manager.php load_cart_from_cookie deserializationmedium6.0---
171158Bloomreach Experience Manager cross-site request forgery [CVE-2020-14989]low4.0---
171157Bloomreach Experience Manager Login Page unrestricted uploadmedium4.9---
171156D-Link DIR-3060 prog.cgi SetVirtualServerSettings command injectionmedium9.0---
171155Progress Telerik UI for ASP.NET AJAX Telerik.Web.UI.WebResource.axd command injectionmedium6.5---
171154ImpressCMS Profile content.php cross site scriptinglow4.0---
171153Batflat CMS Navigation cross site scripting [CVE-2021-27679]low4.0---
171152Batflat CMS Snippets cross site scripting [CVE-2021-27678]low4.0---
171151Batflat CMS Galleries cross site scripting [CVE-2021-27677]low4.0---
171150CSZ CMS cross site scripting [CVE-2021-26776]low4.0---
171149Flatpak File Forwarding injection [CVE-2021-21381]medium4.3---
171148IBM Tivoli Netcool/OMNIbus_GUI Web UI cross site scripting [CVE-2021-20336]low4.0---
171147IBM DB2/DB2 Connect Server buffer overflow [CVE-2020-5025]medium9.0---
171146IBM DB2/DB2 Connect Server SSL Handshake denial of service [CVE-2020-5024]low5.0---
171145IBM DB2/DB2 Connect Server permission [CVE-2020-4976]medium6.5---
171144Bloomreach Experience Manager Updater Editor permission assignmentlow5.8---
171143LUCY Security Awareness Software Migration Tool static unrestricted uploadmedium7.5---
171142Envoy JWT Token improper authentication [CVE-2021-21378]medium7.5---
171141swagger-codegen Directory temp file [CVE-2021-21364]medium4.0---
171140swagger-codegen temp file [CVE-2021-21363]medium6.5---
171139Facebook HHVM Dynamic Property use after free [CVE-2020-1900]low4.9---
171138Facebook HHVM Type Code unserialize uninitialized pointermedium4.9---
171137Facebook HHVM fb_unserialize recursionmedium4.9---
171136cszcms new cross site scriptinglow4.0---
171135Palo Alto Cortex XSOAR SSO log file [CVE-2021-3034]low2.7---
171134Clipper IPC Message Remote Privilege Escalation [CVE-2021-28134]medium6.0---
171133Open5GS WebUI improper authentication [CVE-2021-28122]medium5.8---
171132Web Based Quiz System register.php cross site scriptinglow4.0---
171131Google Go ZIP Archive denial of service [CVE-2021-27919]low2.3---
171130Google Go Token Reader Skip infinite looplow2.3---
171129Facebook Gameroom fbgames Protocol argument injection [CVE-2021-24030]medium5.2---
171128Facebook HHVM preg_quote integer overflowmedium4.9---
171127lib3mf 3MF File releaseZIP use after freemedium4.9---
171126SAP NetWeaver Application Server Java redirect [CVE-2021-21491]medium7.5---
171125PJSIP INVITE denial of service [CVE-2021-21375]low5.0---
171124Tenable for Jira Cloud yaml.load deserializationmedium4.3---
171123containerd Environment Variable exposure of resource [CVE-2021-21334]medium5.2---
171122October CMS Host Header Remote Privilege Escalation [CVE-2021-21265]medium6.5---
171121Linux Kernel Signal unix_stream_recvmsg resource consumptionmedium6.8---
171120libjpeg-turbo GIF Image divide by zero [CVE-2021-20205]low2.3---
171119Google Android face.cc GenerateFaceMask out-of-bounds writemedium4.3---
171118Google Android platform.h sound_trigger_event_alloc out-of-bounds writemedium4.3---
171117Google Android convert.cpp convertToHidl out-of-bounds readlow1.7---
171116Google Android NXP NFC Firmware privileges management [CVE-2021-0462]medium6.5---
171115Google Android iaxxx-module.c iaxxx_core_sensor_change_state out-of-bounds writemedium6.5---
171114Google Android FingerTipS Touch Screen Driver out-of-bounds readlow1.4---
171113Google Android fts_proc.c fts_driver_test_write out-of-bounds readlow1.4---
171112Google Android FingerTipS Touch Screen Driver out-of-bounds readlow1.4---
171111Google Android FingerTipS Touch Screen Driver out-of-bounds writemedium6.5---
171110Google Android Citadel Chip Firmware out-of-bounds write [CVE-2021-0456]medium6.5---
171109Google Android Citadel Chip Firmware out-of-bounds write [CVE-2021-0455]medium6.5---
171108Google Android Citadel Chip Firmware out-of-bounds write [CVE-2021-0454]medium6.5---
171107Google Android Titan M Chip Firmware information disclosure [CVE-2021-0453]low1.4---
171106Google Android Titan M Chip Firmware information disclosure [CVE-2021-0452]low1.7---
171105Google Android Titan M Chip Firmware information disclosure [CVE-2021-0451]low1.4---
171104Google Android Titan M Chip Firmware information disclosure [CVE-2021-0450]low1.4---
171103Google Android Titan M Chip Firmware information disclosure [CVE-2021-0449]low1.4---
171102Google Android xt_qtaguid.c qtaguid_untag use after freelow4.3---
171101Google Android Foreground ActiveServices.java bindServiceLocked Local Privilege Escalationlow4.3---
171100Google Android sdp_discovery.cc sdp_copy_raw_data double freemedium7.5---
171099Google Android builtins-arm.cc Generate_ArgumentsAdaptorTrampoline out-of-bounds writemedium6.5---
171098Google Android reboot.cpp StopServicesAndLogViolations use after freemedium4.3---
171097Google Android android_os_Parcel.cpp android_os_Parcel_readString8 out-of-bounds readlow1.7---
171096Google Android PAC File scanner.cc NewCapacity out-of-bounds writemedium7.5---
171095Google Android main.cpp main double freelow4.3---
171094Google Android Privileges ChooseTypeAndAccountActivity.java onCreate information disclosurelow1.7---
171093Google Android WifiNetworkSuggestionsManager.java permissionmedium4.3---
171092Google Android UiModeManagerService.java setNightModeActivated permissionmedium4.3---
171091Google Android Broadcast ImsPhoneCallTracker.java onReceive privileges managementlow4.3---
171090Google Android QuotaUtils.cpp FindQuotaDeviceForUuid use after freemedium6.5---
171089Google Android UsbConfirmActivity improper restriction of rendered ui layerslow4.3---
171088Google Android WiFi ConnectToNetworkNotificationBuilder.java createConnectToAvailableNetworkNotification privileges managementmedium4.6---
171087Google Android jdapistd.c read_and_discard_scanlines denial of servicelow5.0---
171086Google Android CaptivePortalLoginActivity.java done privileges managementlow4.3---
171085Google Android SliceManagerService.java checkSlicePermission information disclosurelow2.1---
171084Google Android Pendingetent DeviceStorageMonitorService.java updateNotifications information disclosurelow1.7---
171083Google Android Provisioning URL DcTracker.java onReceive permissionmedium4.3---
171082Google Android pvmp3_getbits.cpp getUpTo17bits out-of-bounds readlow5.0---
171081Google Android pvmp3_getbits.cpp getNbits out-of-bounds readlow5.0---
171080Google Android delta_performer.cc Write input validationmedium4.3---
171079Google Android MediaProvider.java checkUriPermission permissionmedium4.3---
171078Google Android VoiceInteractionManagerService.java onPackageModified random valueslow4.3---
171077Google Android IAudioPolicyService.cpp onTransact out-of-bounds readlow1.0---
171076Google Android Pendingetent RemoteMediaSlice.java getMediaOutputSliceAction permissionmedium4.3---
171075Google Android nci_hrcv.cc nci_proc_rf_management_ntf out-of-bounds readmedium6.8---
171074Google Android NFC Server NxpMfcReader.cc Write out-of-bounds writemedium6.8---
171073Google Android Setting UI CrossProfileAppsServiceImpl.java state issuemedium4.3---
171072Google Android bitwise.c oggpack_look out-of-bounds readlow5.0---
171071IBM WebSphere Application Server JAX-RPC Application path traversallow2.1---
171070IBM SPSS Modeler Subscription Installer symlink [CVE-2020-4717]medium4.3---
171069Baby Care System Edit Page Tab cross site scripting [CVE-2020-35752]low4.0---
171068Netgear JGS516PE/GS116Ev2 TFTP Server denial of service [CVE-2020-35233]low5.0---
171067Netgear JGS516PE/GS116Ev2 TFTP Firmware Update Remote Privilege Escalationhigh8.5---
171066Netgear JGS516PE/GS116Ev2 NSDP Protocol improper authenticationmedium8.3---
171065Netgear JGS516PE/GS116Ev2 Web Administration Panel integer overflowlow2.3---
171064Netgear JGS516PE/GS116Ev2 NSDP improper authentication [CVE-2020-35229]medium4.3---
171063Netgear JGS516PE/GS116Ev2 Administration Web Panel cross site scriptinglow4.0---
171062Netgear JGS516PE/GS116Ev2 Administration Web Panel buffer overflowmedium5.2---
171061Netgear JGS516PE/GS116Ev2 DHCP Configuration injection [CVE-2020-35226]medium5.4---
171060Netgear JGS516PE/GS116Ev2 NSDP Protocol denial of service [CVE-2020-35225]low2.3---
171059Netgear JGS516PE/GS116Ev2 NSDP Protocol buffer overflow [CVE-2020-35224]medium5.0---
171058Netgear JGS516PE/GS116Ev2 Web Administration Panel cross-site request forgerylow4.0---
171057Netgear GS516PE/GS116Ev2 NSDP Protocol information disclosurelow5.0---
171056Netgear JGS516PE/GS116Ev2 NSDP Passwort unknown vulnerabilitylow2.6---
171055Netgear JGS516PE/GS116Ev2 TFTP Server Remote Privilege Escalationhigh9.0---
171054Fuel CMS 3 cross-site request forgerylow4.0---
171053Siemens SIMATIC MV400 ISN Generator initialization [CVE-2020-27632]low5.1---
171052Fuel CMS 1 sql injectionmedium6.5---
171051Fuel CMS privileges management [CVE-2020-23722]medium4.9---
171050Fuel CMS cross site scripting [CVE-2020-23721]low4.0---
171049Emerson Smart Wireless Gateway 1420 Administrator Console improper authenticationmedium7.5---
171048Emerson Smart Wireless Gateway 1420 Administrative Task privileges managementmedium4.9---
171047Facebook HHVM crypt stack-based overflowmedium5.2---
171046Facebook HHVM substr_compare out-of-bounds readlow2.3---
171045Facebook HHVM In-Memory File buffer overflow [CVE-2020-1918]medium5.2---
171044Facebook HHVM xbuf_format_converter heap-based overflowmedium5.2---
171043Facebook HHVM ldap_escape heap-based overflowmedium5.2---
171042PJSIP certificate validation [CVE-2020-15260]low2.6---
171041Google Android PackageManagerService.java deletePackageVersionedInternal permissionlow4.3---
171040GROWI cross site scripting [CVE-2021-20673]low4.0---
171039GROWI cross site scripting [CVE-2021-20672]low4.0---
171038GROWI File Validation input validation [CVE-2021-20671]medium5.8---
171037GROWI or access controlmedium5.0---
171036GROWI path traversal [CVE-2021-20669]medium4.7---
171035GROWI path traversal [CVE-2021-20668]low2.2---
171034GROWI Content Security Policy cross site scripting [CVE-2021-20667]low4.0---
171033Apache Velocity Tools VelocityView cross site scripting [CVE-2020-13959]low4.0---
171032Apache Velocity Engine Template command injection [CVE-2020-13936]medium5.2---
171031Western Digital My Cloud OS SMB/AFP symlink [CVE-2021-3310]medium5.2---
171030ExpressVPN Router Nginx Webserver integer overflow [CVE-2020-29238]medium4.0---
171029Microsoft Edge memory corruption [CVE-2021-26411]medium7.5---
171028Microsoft Windows Win32k privileges management [CVE-2021-26900]medium6.8---
171027Microsoft Windows Win32k privileges management [CVE-2021-26875]medium6.8---
171026Microsoft Windows Win32k privileges management [CVE-2021-26863]medium6.0---
171025Microsoft Windows Win32k privileges management [CVE-2021-27077]medium6.8---
171024Microsoft Windows WalletService privileges management [CVE-2021-26885]medium6.8---
171023Microsoft Windows WalletService privileges management [CVE-2021-26871]medium6.8---
171022Microsoft Windows Virtual Registry Provider privileges managementmedium6.8---
171021Microsoft Windows User Profile Service privileges managementmedium6.0---
171020Microsoft Windows Update Stack Setup privileges management [CVE-2021-1729]medium6.2---
171019Microsoft Windows Update Stack privileges management [CVE-2021-26889]medium6.8---
171018Microsoft Windows Update Service privileges management [CVE-2021-26866]medium6.8---
171017Microsoft Windows UPnP Device Host privileges management [CVE-2021-26899]medium6.8---
171016Microsoft Windows Projected File System privileges managementmedium6.8---
171015Microsoft Windows Print Spooler privileges management [CVE-2021-26878]medium6.8---
171014Microsoft Windows Print Spooler privileges management [CVE-2021-1640]medium6.8---
171013Microsoft Windows Overlay Filter privileges management [CVE-2021-26874]medium6.8---
171012Microsoft Windows NAT denial of service [CVE-2021-26879]medium7.8---
171011Microsoft Windows Media Photo Codec information disclosure [CVE-2021-26884]low1.7---
171010Microsoft Windows Installer privileges management [CVE-2021-26862]medium6.0---
171009Microsoft Windows Hyper-V Remote Privilege Escalation [CVE-2021-26867]high9.0---
171008Microsoft Windows Graphics Local Privilege Escalation [CVE-2021-26861]medium6.8---
171007Microsoft Windows Graphics privileges management [CVE-2021-26868]medium6.8---
171006Microsoft Windows Extensible Firmware Interface unknown vulnerabilitylow4.6---
171005Microsoft Windows Event Tracing information disclosure [CVE-2021-24107]low1.7---
171004Microsoft Windows Event Tracing privileges management [CVE-2021-26901]medium6.8---
171003Microsoft Windows Event Tracing privileges management [CVE-2021-26898]medium6.8---
171002Microsoft Windows Event Tracing privileges management [CVE-2021-26872]medium6.8---
171001Microsoft Windows Error Reporting privileges management [CVE-2021-24090]medium6.8---
171000Microsoft Windows DNS Server Remote Code Execution [CVE-2021-26897]high10.0---
170999Microsoft Windows DNS Server Remote Code Execution [CVE-2021-26895]high10.0---
170998Microsoft Windows DNS Server Remote Code Execution [CVE-2021-26894]high10.0---
170997Microsoft Windows DNS Server Remote Code Execution [CVE-2021-26893]high10.0---
170996Microsoft Windows DNS Server code injection [CVE-2021-26877]high10.0---
170995Microsoft Windows DNS Server denial of service [CVE-2021-27063]medium7.8---
170994Microsoft Windows DNS Server denial of service [CVE-2021-26896]medium7.8---
170993Microsoft Windows Container Execution Agent privileges managementmedium6.8---
170992Microsoft Windows Container Execution Agent privileges managementmedium6.8---
170991Microsoft Windows App-V Overlay Filter privileges managementmedium6.8---
170990Microsoft Windows Admin Center information disclosure [CVE-2021-27066]low4.0---
170989Microsoft Windows ActiveX Installer Service information disclosurelow1.7---
170988Microsoft Windows Update Assistant privileges management [CVE-2021-27070]medium6.8---
170987Microsoft Visual Studio Code Remote Code Execution [CVE-2021-27060]medium7.5---
170986Microsoft Visual Studio Code Java Extension Pack Remote Code Executionmedium7.5---
170985Microsoft Visual Studio Code ESLint Extension Remote Code Executionmedium7.5---
170984Microsoft Windows User Profile Service denial of service [CVE-2021-26886]low4.6---
170983Microsoft Windows Storage Spaces Controller privileges managementmedium6.8---
170982Microsoft Visual Studio Code Remote Containers Extension Remote Code Executionmedium7.5---
170981Microsoft Windows Remote Access API privileges management [CVE-2021-26882]medium9.0---
170980Microsoft Quantum Development Kit for Visual Studio Code Remote Code Executionmedium7.5---
170979Microsoft Windows OpenType Font Parser code injection [CVE-2021-26876]medium7.5---
170978Microsoft Windows Media Foundation Remote Privilege Escalationmedium7.1---
170977Microsoft Windows 10 Version 2004 for 32-bit Systems privileges managementmedium6.8---
170976Microsoft Office/Visio/365 Apps for Enterprise Local Privilege Escalationlow3.7---
170975Microsoft Word input validation [CVE-2021-24104]low2.9---
170974Microsoft SharePoint Server/Office Web Apps Remote Privilege Escalationmedium9.0---
170973Microsoft SharePoint Server/Office Web Apps information disclosurelow2.1---
170972Microsoft Office PowerPoint Remote Code Execution [CVE-2021-27056]medium7.5---
170971Microsoft Power BI Report Server information disclosure [CVE-2021-26859]low4.0---
170970Microsoft Office Remote Code Execution [CVE-2021-27059]medium7.5---
170969Microsoft Office Remote Code Execution [CVE-2021-27057]medium7.5---
IDTitleVulDBCVSSSecuniaXForceNessus
170968Microsoft Office Remote Code Execution [CVE-2021-24108]medium7.5---
170967Microsoft 365 Apps for Enterprise ClickToRun Remote Code Executionmedium7.5---
170959Microsoft Office Excel Remote Code Execution [CVE-2021-27054]medium7.5---
170958Microsoft Office Excel Remote Code Execution [CVE-2021-27053]medium7.5---
170957Microsoft Internet Explorer Remote Code Execution [CVE-2021-27085]medium7.5---
170956Microsoft Internet Explorer memory corruption [CVE-2021-26411]medium7.5---
170955Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27062]medium7.5---
170954Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27061]medium7.5---
170953Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27051]medium7.5---
170952Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27050]medium7.5---
170951Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27049]medium7.5---
170950Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27048]medium7.5---
170949Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-27047]medium7.5---
170948Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-26902]medium7.5---
170947Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-24110]medium7.5---
170946Microsoft HEVC Video Extensions Remote Code Execution [CVE-2021-24089]medium7.5---
170945Microsoft Visual Studio Git link following [CVE-2021-21300]medium7.5---
170944Microsoft Windows DirectX privileges management [CVE-2021-24095]medium6.0---
170943Microsoft Edge uninitialized resource [CVE-2021-21190]medium7.5---
170942Microsoft Edge Payments improper authentication [CVE-2021-21189]medium7.5---
170941Microsoft Edge Blink use after free [CVE-2021-21188]medium7.5---
170940Microsoft Edge URL Formatting Remote Code Execution [CVE-2021-21187]medium7.5---
170939Microsoft Edge QR Scanning authorization [CVE-2021-21186]medium7.5---
170938Microsoft Edge Extensions Remote Code Execution [CVE-2021-21185]medium7.5---
170937Microsoft Edge Performance API origin validation [CVE-2021-21184]medium7.5---
170936Microsoft Edge Performance API origin validation [CVE-2021-21183]medium7.5---
170935Microsoft Edge Navigations authorization [CVE-2021-21182]medium7.5---
170934Microsoft Edge Autofill information disclosure [CVE-2021-21181]low2.6---
170933Microsoft Edge Tab Search use after free [CVE-2021-21180]medium7.5---
170932Microsoft Edge Network Internals use after free [CVE-2021-21179]medium7.5---
170931Microsoft Edge Remote Code Execution [CVE-2021-21178]medium7.5---
170930Microsoft Edge Autofill improper authentication [CVE-2021-21177]low5.0---
170929Microsoft Edge Full Screen Mode Remote Code Execution [CVE-2021-21176]medium7.5---
170928Microsoft Edge Site Isolation origin validation [CVE-2021-21175]medium7.5---
170927Microsoft Edge Referrer information disclosure [CVE-2021-21174]low5.0---
170926Microsoft Edge Network Inter Network Internals information disclosurelow2.6---
170925Microsoft Edge File System API Remote Code Execution [CVE-2021-21172]medium7.5---
170924Microsoft Edge TabStrip/Navigation Remote Code Execution [CVE-2021-21171]medium7.5---
170923Microsoft Edge Loader Remote Code Execution [CVE-2021-21170]medium7.5---
170922Microsoft Edge V8 out-of-bounds read [CVE-2021-21169]medium7.5---
170921Microsoft Edge appcache Remote Code Execution [CVE-2021-21168]medium7.5---
170920Microsoft Edge Bookmarks use after free [CVE-2021-21167]medium7.5---
170919Microsoft Edge Audio information disclosure [CVE-2021-21166]low5.0---
170918Microsoft Edge Audio information disclosure [CVE-2021-21165]low5.0---
170917Microsoft Edge information disclosure [CVE-2021-21164]low5.0---
170916Microsoft Edge Reader Mode information disclosure [CVE-2021-21163]low5.0---
170915Microsoft Edge WebRTC use after free [CVE-2021-21162]medium7.5---
170914Microsoft Edge TabStrip heap-based overflow [CVE-2021-21161]medium7.5---
170913Microsoft Edge WebAudio heap-based overflow [CVE-2021-21160]medium7.5---
170912Microsoft Edge TabStrip heap-based overflow [CVE-2021-21159]medium7.5---
170911Microsoft Edge OpenJPEG heap-based overflow [CVE-2020-27844]medium7.5---
170910Microsoft Azure Spring Cloud information disclosure [CVE-2021-27075]medium5.5---
170909Microsoft Azure Sphere Local Privilege Escalation [CVE-2021-27080]medium6.8---
170908Microsoft Azure Sphere unknown vulnerability [CVE-2021-27074]low4.6---
170907Microsoft Windows Application Virtualization code injection [CVE-2021-26890]medium10.0---
170906Lenovo LXCO FFDC Service Log log file [CVE-2021-3417]low4.0---
170905Linux Kernel Linking State code injection [CVE-2021-3411]medium5.2---
170904Twinkle Tray IPC Message Remote Privilege Escalation [CVE-2021-28119]medium6.0---
170903Squid Web Proxy WCCP Protocol out-of-bounds read [CVE-2021-28116]low2.6---
170902OUGC Feedback Plugin Edit cross site scripting [CVE-2021-28115]low4.0---
170901Web Based Quiz System admin.php cross site scriptinglow4.0---
170900SAP 3D Visual Enterprise Viewer U3D File denial of service [CVE-2021-27592]low5.0---
170899SAP 3D Visual Enterprise Viewer PDF File denial of service [CVE-2021-27591]low5.0---
170898SAP 3D Visual Enterprise Viewer TIFF File denial of service [CVE-2021-27590]low5.0---
170897SAP 3D Visual Enterprise Viewer SVG File denial of service [CVE-2021-27589]low5.0---
170896SAP 3D Visual Enterprise Viewer HPGL File denial of service [CVE-2021-27588]low5.0---
170895SAP 3D Visual Enterprise Viewer JT File denial of service [CVE-2021-27587]low5.0---
170894SAP 3D Visual Enterprise Viewer IFF File denial of service [CVE-2021-27586]low5.0---
170893SAP 3D Visual Enterprise Viewer CGM File denial of service [CVE-2021-27585]low5.0---
170892SAP 3D Visual Enterprise Viewer PSD File denial of service [CVE-2021-27584]low5.0---
170891changeset Prototype code injection [CVE-2021-25915]medium6.5---
170890jspdf addImage incorrect regexlow2.6---
170889madge dot sql injectionmedium7.5---
170888TIBCO Spotfire Analyst Spotfire Client cross site scripting [CVE-2021-23273]low4.0---
170887SAP 3D Visual Enterprise Viewer GIF File denial of service [CVE-2021-21493]low5.0---
170886IBM Knowledge Management deserialization [CVE-2021-21488]medium6.5---
170885SAP Payment Engine improper authorization [CVE-2021-21487]low2.7---
170884SAP Enterprise Financial Services improper authorization [CVE-2021-21486]medium4.6---
170883SAP HANA Database LDAP Authentication improper authenticationmedium5.1---
170882SAP NetWeaver MigrationService improper authorization [CVE-2021-21481]high8.3---
170881SAP MII Dashboard access control [CVE-2021-21480]medium7.5---
170880Hyperledger Besu HTTP JSON-RPC API Service resource consumptionlow5.0---
170879Git Symbolic Links link following [CVE-2021-21300]medium5.1---
170878Netty Content-Length Header request smuggling [CVE-2021-21295]medium5.1---
170877IBM Cloud Pak for Multicloud Management Monitoring Header information disclosurelow5.0---
170876Privoxy pcre_compile memory corruptionlow2.7---
170875Privoxy chunked_body_is_complete memory corruptionlow2.7---
170874Privoxy Socks Server null pointer dereference [CVE-2021-20274]low2.3---
170873Privoxy CGI Request denial of service [CVE-2021-20273]low2.3---
170872Privoxy CGI Request assertion [CVE-2021-20272]low2.3---
170871Linux Kernel eBPF Code Verifier sock_map_alloc out-of-bounds readlow4.3---
170870QEMU virtio-fs Shared File System Daemon permissions [CVE-2021-20263]medium4.0---
170869Keycloak Password Update missing authentication [CVE-2021-20262]medium4.6---
170868QEMU eepro100 i8255x Device Emulator infinite loop [CVE-2021-20255]low2.7---
170867ansible-tower Job Isolation file access [CVE-2021-20253]low3.3---
170866ImageMagick resample.c divide by zerolow5.0---
170865ImageMagick webp.c divide by zerolow5.0---
170864ImageMagick visual-effects.c divide by zerolow5.0---
170863ImageMagick resize.c divide by zerolow5.0---
170862ImageMagick jp2.c divide by zerolow5.0---
170861Lenovo PCManager Configuration denial of service [CVE-2020-8357]low1.7---
170860Lenovo LXCO FFDC Service Log log file [CVE-2020-8356]low2.7---
170859LibTIFF TIFF2PDF heap-based overflow [CVE-2020-35524]medium7.5---
170858LibTIFF tif_getimage.c integer overflowmedium7.5---
170857LibTIFF tif_pixarlog.c memory corruptionmedium5.0---
170856LibTIFF tif_read.c memory corruptionmedium5.0---
170855Apache Oozie OozieSharelibCLI temp file [CVE-2020-35451]low4.0---
170854Athom Homey/Homey Pro hard-coded key [CVE-2020-28952]low1.8---
170853i-net Clear Reports redirect [CVE-2020-28150]medium4.9---
170852Eclipse Help Subsystem missing authentication [CVE-2020-27225]medium4.3---
170851Time in Status App cross site scripting [CVE-2021-27222]low4.0---
170850Oryx Embedded CycloneTCP TCP Packet denial of service [CVE-2021-26788]low2.9---
170849Facebook react-dev-utils getProcessForPort os command injectionmedium5.2---
170848Elasticsearch Field Level Security information disclosure [CVE-2021-22134]low2.7---
170847Dell iDRAC8 Host Header injection [CVE-2021-21510]medium7.5---
170846Dell EMC PowerScale OneFS API input validation [CVE-2021-21506]medium6.5---
170845Dell EMC PowerScale OneFS os command injection [CVE-2021-21503]medium6.8---
170844MinIO MC Share Upload URL improper authorization [CVE-2021-21362]medium6.5---
170843gradle-vagrant-plugin Environment information disclosure [CVE-2021-21361]low1.7---
170842Products.GenericSetup Generic Setup Tool information disclosurelow5.0---
170841Pollbot redirect [CVE-2021-21354]medium7.5---
170840Products.PluggableAuthService redirect [CVE-2021-21337]medium6.5---
170839Frappe Products.PluggableAuthService information disclosure [CVE-2021-21336]low4.0---
170838SPNEGO HTTP Authentication Module Username improper authenticationmedium7.5---
170837RATCF Multi-Factor Authentication improper authentication [CVE-2021-21329]medium5.1---
170836GLPI Self-Service Interface authorization [CVE-2021-21326]medium6.5---
170835GLPI cross site scripting [CVE-2021-21325]low4.0---
170834GLPI resource injection [CVE-2021-21324]medium4.0---
170833IBM DataPower Gateway server-side request forgery [CVE-2020-5014]medium4.0---
170832IBM API Connect Registration Invitation Link information disclosurelow2.6---
170831IBM API Connect Database Replication cleartext transmission [CVE-2020-4695]low2.6---
170830KeyCloak Client Registration Endpoint missing authenticationmedium5.8---
170829Maxum Rumpus Folder Name cross site scripting [CVE-2020-27576]low4.0---
170828Maxum Rumpus Web Administration command injection [CVE-2020-27575]medium4.7---
170827Maxum Rumpus cross-site request forgery [CVE-2020-27574]low4.0---
170826Dr.Web Security Space Autoupdate signature verification [CVE-2020-23967]medium6.8---
170825Pires go-proxyproto parseVersion1 resource consumptionlow2.1---
170824MantisBT session expiration [CVE-2009-20001]medium5.1---
170823NATS nats-server NATS Service denial of service [CVE-2020-28466]low5.0---
170822Linux Kernel iSCSI Data Structure iscsi_host_get_param information disclosurelow4.0---
170821Linux Kernel Netlink Message scsi_transport_iscsi.c iscsi_if_recv_msg out-of-bounds readlow4.9---
170820Linux Kernel iSCSI Transport scsi_transport_iscsi.c information disclosurelow4.0---
170819AfterLogic Aurora/WebMail Pro settings.xml path traversalmedium5.2---
170818Wazuh API files input validationmedium4.9---
170817newlib nano_pvalloc heap-based overflowmedium5.2---
170816ansi_up ANSI Escape Code cross site scripting [CVE-2021-3377]low4.0---
170815Deutsche Post Mailoptimizer ZIP Archive path traversal [CVE-2021-28042]medium6.5---
170814OpenSSH ssh-agent double free [CVE-2021-28041]medium4.0---
170813OSSEC XML Tag os_xml.c _ReadElem recursionlow2.3---
170812Xen Dom0/Driver Domain denial of service [CVE-2021-28039]low4.6---
170811Xen Netback Driver denial of service [CVE-2021-28038]low5.2---
170810jpeg-xl JXL File coeff_order.cc ReadPermutation heap-based overflowmedium5.2---
170809Kentico CMS Blog Module sql injection [CVE-2021-27581]medium6.5---
170808Netgear R7800 FTP certificate validation [CVE-2021-27257]medium4.8---
170807Netgear R7800 apply_save.cgi improper authenticationmedium5.8---
170806Netgear R7800 Endpoint refresh_status.aspx missing authenticationmedium5.8---
170805Netgear R7800 Endpoint apply_save.cgi hard-coded keymedium5.8---
170804SPIFFE SPIRE Node Attestor authorization [CVE-2021-27099]low4.9---
170803SPIFFE SPIRE FetchX509SVID RPC certificate validation [CVE-2021-27098]medium5.8---
170802Aruba AirWave Management Platform Web-based Management Interface os command injectionmedium6.5---
170801Aruba AirWave Management Platform Web-based Management Interface os command injectionmedium6.5---
170800Aruba AirWave Management Platform Web-based Management Interface xml entity expansionlow4.0---
170799Aruba AirWave Management Platform Web-based Management Interface cross site scriptinglow4.0---
170798Aruba AirWave Management Platform Web-based Management Interface cross site scriptinglow4.0---
170797Aruba AirWave Management Platform API sql injection [CVE-2021-26966]medium6.5---
170796Aruba AirWave Management Platform sql injection [CVE-2021-26965]medium6.5---
170795Aruba AirWave Management Platform Web-based Management Interface improper authenticationmedium6.5---
170794Aruba AirWave Management Platform CLI Remote Privilege Escalationhigh9.0---
170793Aruba AirWave Management Platform CLI command injection [CVE-2021-26962]medium6.5---
170792Aruba AirWave Management Platform Web-based Management Interface cross-site request forgerylow5.0---
170791Aruba AirWave Management Platform Web-based Management Interface cross-site request forgerylow5.0---
170790SquareBox CatDV Server RMI getConnections improper authenticationmedium5.8---
170789ZTE H196Q Product information disclosure [CVE-2021-21725]low2.3---
170788Zoho ManageEngine ADManager Plus cross site scripting [CVE-2020-35594]low4.0---
170787TOTVS Fluig Lake path traversal [CVE-2020-29134]medium5.2---
170786Secomea GateManager Firmware improper validation of integrity check valuemedium8.3---
170785Secomea GateManager Web GUI cross-site request forgery [CVE-2020-29030]low5.0---
170784Secomea GateManager Web GUI cross site scripting [CVE-2020-29029]low5.0---
170783Secomea GateManager Web GUI cross site scripting [CVE-2020-29028]low5.0---
170782Secomea SiteManager Web UI access control [CVE-2020-29020]medium6.5---
170781xmlhttprequest/xmlhttprequest-ssl XMLHttpRequest injection [CVE-2020-28502]medium5.1---
170780Zoho ManageEngine Desktop Central Authentication Secret improper authenticationmedium5.8---
170779Apache Superset Dashboard cross site scripting [CVE-2021-27907]low4.0---
170778internment Crate memory corruption [CVE-2021-28037]medium5.2---
170777quinn Crate SocketAddrV6 memory corruptionmedium5.2---
170776stack_dst Crate push_inner uninitialized pointerlow4.9---
170775stack_dst Crate push_inner double freemedium4.9---
170774byte_struct Crate deserialization [CVE-2021-28033]medium4.9---
170773nano_arena Crate split_at out-of-bounds writemedium5.2---
170772scratchpad Crate move_elements double freemedium4.9---
170771truetype Crate take_bytes uninitialized pointerlow2.3---
170770toodee Crate Row Insert uninitialized pointer [CVE-2021-28029]low2.3---
170769toodee Crate Row Insert double free [CVE-2021-28028]medium4.9---
170768bam Crate bgzip Block Load out-of-bounds write [CVE-2021-28027]medium5.2---
170767SUSE Rancher cross site scripting [CVE-2021-25313]low5.0---
170766Movable Type Add Asset Screen cross site scripting [CVE-2021-20665]low4.0---
170765Movable Type Asset Registration Screen cross site scripting [CVE-2021-20664]low4.0---
170764Movable Type Role Authority Setting cross site scripting [CVE-2021-20663]low4.0---
170763Zoho ManageEngine Application Control Plus Nginx Configuration Setting access controlmedium5.2---
170762activerecord-session_store timing discrepancy [CVE-2019-25025]low2.6---
170761MSI Dragon Center IOCTL Request MsIo64.sys buffer overflowmedium5.2---
170760SonLogger POST Request SaveUploadedHotspotLogoFile unrestricted uploadmedium5.8---
170759SonLogger POST Request saveUser improper authenticationmedium7.5---
170758SonicWALL Directory Services Connector SSO Agent improper authenticationmedium7.5---
170757IdentityModel Branca improper authentication [CVE-2020-36255]medium5.8---
170756Sangoma Asterisk SIP Request chan_sip.c improper authenticationmedium7.5---
170755ytnef File ytnef.c SwapWord heap-based overflowmedium6.5---
170754ytnef ytnef.c TNEFSubjectHandler double freemedium6.0---
170753Doctor Appointment System admin.php sql injectionmedium7.5---
170752Yubico yubihsm-shell _send_secure_msg out-of-bounds readlow2.3---
170751NetApp Clustered Data ONTAP SMB Access denial of service [CVE-2021-26989]low3.5---
170750NetApp Clustered Data ONTAP information disclosure [CVE-2021-26988]low2.3---
170749AfterLogic Aurora/WebMail Pro DAV DAVServer.php pathname traversalmedium5.2---
170748Joomla! Form Filter input validation [CVE-2021-26029]medium6.0---
170747Joomla! ZIP Package path traversal [CVE-2021-26028]medium5.2---
170746Joomla! Category exposure of resource [CVE-2021-26027]medium4.9---
170745Samsung Internet Permission permission [CVE-2021-25348]low4.3---
170744Samsung Mobile Device Email App improper authentication [CVE-2021-25347]medium4.3---
170743Samsung Mobile Device quram Library memory corruption [CVE-2021-25346]medium7.5---
170742Samsung Mobile Device hwcomposer denial of service [CVE-2021-25345]low5.0---
170741Samsung Mobile Device knox_custom Service permission [CVE-2021-25344]low1.7---
170740Samsung Mobile Device memory corruption [CVE-2021-25343]low5.9---
170739Samsung SMP SDK Provider denial of service [CVE-2021-25342]low1.7---
170738Samsung S Assistant denial of service [CVE-2021-25341]low2.1---
170737Samsung Mobile Device Keyboard access control [CVE-2021-25340]medium4.6---
170736Samsung Mobile Devices HArx memory corruption [CVE-2021-25339]medium5.9---
170735Samsung Mobile Devices RKP access control [CVE-2021-25338]medium5.9---
170734Samsung Mobile Devices Clipboard Service access control [CVE-2021-25337]medium4.3---
170733Samsung Mobile Devices NotificationManagerService privileges managementmedium4.3---
170732Samsung Mobile Devices Lockscreen access control [CVE-2021-25335]low2.1---
170731Samsung Mobile Devices Application denial of service [CVE-2021-25334]low4.6---
170730Samsung Pay Mini Application Lockscreen access control [CVE-2021-25333]low1.7---
170729Samsung Pay Mini Application Lockscreen access control [CVE-2021-25332]low2.1---
170728Samsung Pay Mini Application Lockscreen access control [CVE-2021-25331]low2.1---
170727Facebook Zstandard permission [CVE-2021-24032]medium5.2---
170726Facebook Zstandard permission [CVE-2021-24031]medium5.2---
170725html-parse-stringify Regex resource consumption [CVE-2021-23346]low2.6---
170724total.js set code injectionmedium7.5---
170723Joomla! com_media path traversal [CVE-2021-23132]medium5.2---
170722Joomla! Template Manager input validation [CVE-2021-23131]medium4.9---
170721Joomla! Feed Field cross site scripting [CVE-2021-23130]low4.0---
170720Joomla! Message cross site scripting [CVE-2021-23129]low4.0---
170719Joomla! FOFEncryptRandval random valueslow1.4---
170718Joomla! 2FA Secret random values [CVE-2021-23127]low1.4---
170717Joomla! 2FA Secret rand random valueslow1.4---
170716GitLab Community Edition/Enterprise Edition improper authenticationmedium4.3---
170715GitLab Community Edition/Enterprise Edition Epics Page cross site scriptinglow4.0---
170714Fortinet FortiProxy SSL VPN Portal access control [CVE-2021-22128]medium6.5---
170713IBM Engineering Web UI cross site scripting [CVE-2021-20351]low4.0---
170712IBM Engineering Web UI cross site scripting [CVE-2021-20350]low4.0---
170711IBM Engineering Web UI cross site scripting [CVE-2021-20340]low4.0---
170710fs-path removeSync command injectionmedium5.2---
170709IBM Engineering Web UI cross site scripting [CVE-2020-4975]low4.0---
170708IBM Engineering Web UI cross site scripting [CVE-2020-4866]low4.0---
170707IBM Engineering Web UI cross site scripting [CVE-2020-4863]low4.0---
170706IBM Engineering Web UI cross site scripting [CVE-2020-4857]low4.0---
170705IBM Engineering Web UI cross site scripting [CVE-2020-4856]low4.0---
170704CGAL libcgal Nef polygon-parsing SNC_io_parser.h read_sface out-of-bounds readlow4.9---
170703CGAL libcgal Nef polygon-parsing SNC_io_parser.h read_sloop out-of-bounds readlow4.9---
170702Courier Management System sql injection [CVE-2020-35329]medium6.5---
170701Courier Management System cross site scripting [CVE-2020-35328]low4.0---
170700Courier Management System admin_class.php sql injectionmedium6.5---
170699CGAL libcgal Nef polygon-parsing SNC_io_parser.h read_sloop out-of-bounds readlow4.9---
170698CGAL libcgal Nef polygon-parsing PM_io_parser.h read_vertex out-of-bounds readlow2.3---
170697Linux Kernel GPU Nouveau Driver DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC null pointer dereferencelow4.6---
170696Fortinet FortiGate HTTP Header unknown vulnerability [CVE-2020-15938]low5.0---
170695Xerox AltaLink C8070 Drive Encryption cleartext storage [CVE-2019-18630]low1.7---
170694GLPI dropdownConnect.php getItemForItemtype injectionmedium7.5---
170693QCubed POST Request profile.php deserializationmedium7.5---
170692QCubed profile.php sql injectionmedium7.5---
170691QCubed profile.php cross site scriptinglow5.0---
170690ForkCMS Ajax endpoint injection [CVE-2020-24036]medium6.5---
170689Google Chrome PDFium uninitialized pointer [CVE-2021-21190]medium7.5---
170688Google Chrome Payments improper authentication [CVE-2021-21189]low4.9---
170687Google Chrome Blink use after free [CVE-2021-21188]medium7.5---
170686Google Chrome URL Format unknown vulnerability [CVE-2021-21187]low4.9---
170685Google Chrome QR Scanning authorization [CVE-2021-21186]low4.9---
170684Google Chrome Extensions Remote Code Execution [CVE-2021-21185]medium7.5---
170683Google Chrome Performance API origin validation [CVE-2021-21184]medium7.5---
170682Google Chrome Performance API origin validation [CVE-2021-21183]medium7.5---
170681Google Chrome Navigation authorization [CVE-2021-21182]medium7.5---
170680Google Chrome Autofill information disclosure [CVE-2021-21181]low2.6---
170679Google Chrome OpenJPEG heap-based overflow [CVE-2020-27844]medium7.5---
170678Google Chrome Tab Search use after free [CVE-2021-21180]medium7.5---
170677Google Chrome Network Internals use after free [CVE-2021-21179]medium7.5---
170676Google Chrome Compositing Remote Code Execution [CVE-2021-21178]medium7.5---
170675Google Chrome Autofill improper authentication [CVE-2021-21177]medium7.5---
170674Google Chrome Full Screen Mode Remote Code Execution [CVE-2021-21176]medium7.5---
170673Google Chrome Site Isolation sandbox [CVE-2021-21175]medium7.5---
170672Google Chrome Referrer Remote Code Execution [CVE-2021-21174]medium7.5---
170671Google Chrome Network Internals information disclosure [CVE-2021-21173]low2.6---
170670Google Chrome File System API Remote Code Execution [CVE-2021-21172]medium7.5---
170669Google Chrome TabStrip/Navigation Remote Code Execution [CVE-2021-21171]medium7.5---
170668Google Chrome Loader Remote Code Execution [CVE-2021-21170]medium7.5---
170667Google Chrome V8 out-of-bounds read [CVE-2021-21169]medium7.5---
170666Google Chrome AppCache Remote Code Execution [CVE-2021-21168]medium7.5---
170665Google Chrome Bookmarks use after free [CVE-2021-21167]medium7.5---
170664Google Chrome Audio memory corruption [CVE-2021-21166]medium7.5---
170663Google Chrome Audio memory corruption [CVE-2021-21165]medium7.5---
170662Google Chrome origin validation [CVE-2021-21164]medium7.5---
170661Google Chrome Reader Mode origin validation [CVE-2021-21163]medium7.5---
170660Google Chrome WebRTC use after free [CVE-2021-21162]medium7.5---
170659Google Chrome TabStrip heap-based overflow [CVE-2021-21161]medium7.5---
170658Google Chrome WebAudio heap-based overflow [CVE-2021-21160]medium7.5---
170657Google Chrome TabStrip heap-based overflow [CVE-2021-21159]medium7.5---
170656Xerox AltaLink C8070 Clone Install unknown vulnerability [CVE-2019-18629]low4.0---
170655Xerox AltaLink C8070 cleartext transmission [CVE-2019-18628]low2.6---
170654openark Orchestrator orchestrator.js cross site scriptinglow4.0---
170653AdGuard inadequate encryption [CVE-2021-27935]low2.6---
170652LumisXP API PageControllerXml.jsp xml external entity referencelow2.9---
170651Zabbix CControllerAuthenticationUpdate cross-site request forgerylow4.0---
170650BigProf Online Invoicing System csv injection [CVE-2021-27839]medium4.9---
170649genugate Web Interface improper authentication [CVE-2021-27215]medium7.5---
170648markdown2 Regular Expression denial of service [CVE-2021-26813]low5.0---
170647Trend Micro Visua Scan API/Advanced Threat Scan Engine File denial of servicelow2.3---
170646Node.js DNS Server hosts dns rebindingmedium4.9---
170645Node.js File Descriptor Limit resource consumption [CVE-2021-22883]low2.3---
170644Nextcloud Server Notification cross site scripting [CVE-2021-22878]low4.0---
170643NextCloud access control [CVE-2021-22877]medium5.2---
170642Fatek FvDesigner Project File out-of-bounds write [CVE-2021-22683]medium7.5---
170641Rockwell Automation Studio 5000 Logix Designer/RSLogix 5000 insufficiently protected credentialsmedium5.8---
170640Fatek FvDesigner Project File uninitialized pointer [CVE-2021-22670]medium7.5---
170639Fatek FvDesigner Project File stack-based overflow [CVE-2021-22666]medium7.5---
170638Fatek FvDesigner Project File use after free [CVE-2021-22662]medium7.5---
170637Fatek FvDesigner Project File out-of-bounds read [CVE-2021-22638]medium7.5---
170636GitLab Community Edition/Enterprise Edition Branch Log information disclosurelow5.0---
170635GitLab Community Edition/Enterprise Edition Merge Request cross site scriptinglow4.0---
170634Bitnami Docker Container .env random valueslow2.3---
170633VMware View Planner logupload Web Application improper authorizationmedium6.5---
170632DataDog API Client Java Temporary Files prepareDownloadFilecreates temp filelow4.0---
170631GLPI Ticket Update cross site scripting [CVE-2021-21314]low4.0---
170630GLPI common.tabs.php cross site scriptinglow4.0---
170629GLPI Document Upload document.form.php cross site scriptinglow4.0---
170628IBM Security Verify Bridge external hard-coded credentials [CVE-2021-20442]low2.6---
170627IBM Security Verify Bridge inadequate encryption [CVE-2021-20441]low2.6---
170626grub2 Calculation Setparam_prefix out-of-bounds writemedium5.2---
170625grub2 Options out-of-bounds write [CVE-2021-20225]medium5.2---
170624Tenable Tenable.sc/Tenable.sc Core Hypertext Preprocessor deserializationmedium6.5---
170623Nextcloud Server credentials storage [CVE-2020-8296]low1.4---
170622zoujingli ThinkAdmin Dashboard hard-coded credentials [CVE-2020-35296]medium5.8---
170621wp-hotel-booking Plugin Cookie class-wphb-sessions.php deserializationmedium6.0---
170620Epignosis EfrontPro password recovery [CVE-2020-28597]low1.4---
170619Slic3r libslic3r AMF File endElement out-of-bounds readlow2.3---
170618grub2 cutmem Command memory corruption [CVE-2020-27779]medium5.2---
170617grub2 Command Line stack-based overflow [CVE-2020-27749]medium5.2---
170616grub2 USB Device Initialization memory corruption [CVE-2020-25647]medium4.6---
170615grub2 rmmod use after free [CVE-2020-25632]medium4.9---
170614Fortinet FortiGate Log Dashboard cross site scripting [CVE-2020-15937]low5.0---
170613grub2 ACPI Command memory corruption [CVE-2020-14372]medium6.8---
170612WebKit WebKitGTK Web Page AudioSourceProviderGStreamer use after freemedium7.5---
170611Advantech WebAccess/SCADA access control [CVE-2020-13554]medium6.8---
170610Pillow ICO Container memory allocation [CVE-2021-27923]low2.3---
170609Pillow Image memory allocation [CVE-2021-27922]low2.3---
170608Pillow BLP Container memory allocation [CVE-2021-27921]low2.3---
170607SuSE Linux Enterprise Server salt improper authentication [CVE-2021-25315]high10.0---
170606Argo CD SSO Provider cross site scripting [CVE-2021-23347]low3.3---
170605GitHub Enterprise Server GraphQL API improper authorization [CVE-2021-22863]medium5.2---
170604GitHub Enterprise Server Fork improper authorization [CVE-2021-22862]medium5.2---
170603GitHub Enterprise Server REST API improper authorization [CVE-2021-22861]medium6.5---
170602Oracle Cloud Infrastructure Data Science Notebook Sessions Local Privilege Escalationlow4.3---
170601pug Template injection [CVE-2021-21353]low2.6---
170600Anuko Time Tracker Password Reset password recovery [CVE-2021-21352]low2.6---
170599GitHub Enterprise Server Parser Configuration command injectionmedium6.5---
170598Stormshield Network Security Table Management denial of servicelow2.3---
170597e107 CMS usersettings.php protection mechanismmedium4.9---
170596Microsoft Exchange Server Remote Privilege Escalation [CVE-2021-27078]high8.3---
170595Microsoft Exchange Server Remote Code Execution [CVE-2021-27065]medium7.5---
170594Microsoft Exchange Server Remote Code Execution [CVE-2021-26858]medium7.5---
170593Microsoft Exchange Server Remote Code Execution [CVE-2021-26857]medium7.5---
170592Microsoft Exchange Server unknown vulnerability [CVE-2021-26855]high9.4---
170591Microsoft Exchange Server Remote Privilege Escalation [CVE-2021-26854]medium6.8---
170590Microsoft Exchange Server Remote Privilege Escalation [CVE-2021-26412]high8.3---
170589Samsung MobileWips App denial of service [CVE-2021-25330]low2.3---
170588HarmonyOS Filesystem denial of service [CVE-2021-22296]low1.7---
170587HarmonyOS Component API permission [CVE-2021-22294]medium4.0---
170586GitLab Community Edition/Enterprise Edition Project resource consumptionlow4.0---
170585Dell EMC OpenManage Server Administrator path traversal [CVE-2021-21514]low3.3---
170584Dell EMC OpenManage Server Administrator Distributed Web Server improper authenticationmedium7.5---
170583GLPI kanban.php cross site scriptinglow4.0---
170582GLPI resource injection [CVE-2021-21255]low2.1---
170581IBM Cloud APM information disclosure [CVE-2020-4726]low1.7---
170580IBM Cloud APM APM UI cross site scripting [CVE-2020-4725]low4.0---
170579IBM Cloud APM DNS Query name resolution [CVE-2020-4719]low3.3---
170578bPanel Administrative Ajax Endpoint aj_*.php sql injectionmedium5.8---
170577BlackBoard Collaborate Ultra Class Room cross site scriptinglow4.0---
170576UltimateKode Neo Billing cross site scripting [CVE-2020-23518]low4.0---
170575MB Connect Line mymbCONNECT24/mbCONNECT24 GET Parameter redirect.php cross site scriptinglow5.0---
170574MB Connect Line mymbCONNECT24/mbCONNECT24 LDAP server-side request forgerymedium5.0---
170573MB Connect Line mymbCONNECT24/mbCONNECT24 web2go Session privileges managementmedium4.0---
170572MB Connect Line mymbCONNECT24/mbCONNECT24 privileges managementmedium6.8---
170571MISP SharingGroupServer.php access controlmedium5.2---
170570LG Mobile Device Fingerprint unknown vulnerability [CVE-2021-27901]medium4.9---
170569Apache Ambari Views cross site scripting [CVE-2020-1936]low4.0---
170568ZendTo Filename cross site scripting [CVE-2021-27888]low4.0---
170567JPEG XL memory corruption [CVE-2021-27804]medium5.2---
170566Accellion FTA User Endpoint cross site scripting [CVE-2021-27731]low4.0---
170565Accellion FTA Admin Endpoint argument injection [CVE-2021-27730]medium5.2---
170564Gigaset DX600A Telnet Administrator Service excessive authenticationlow2.6---
170563Gigaset DX600A AT Command buffer overflow [CVE-2021-25306]medium6.5---
170562fastify-http-proxy escape output [CVE-2021-21322]medium7.5---
170561fastify-reply-from HTTP Request escape output [CVE-2021-21321]medium7.5---
170560matrix-react-sdk insufficient verification of data authenticitylow2.1---
170559EPrints Latex os command injection [CVE-2021-3342]medium6.0---
170558WPS Hide Login post_password protection mechanismmedium6.0---
170557rakibtg Docker Dashboard API terminal.js os command injectionmedium5.2---
170556YMFE YApi JSON Web Token random values [CVE-2021-27884]low2.3---
170555Veritas Backup Exec TLS Communication improper authenticationmedium6.5---
170554Veritas Backup Exec SHA Authentication improper authenticationmedium7.5---
170553Veritas Backup Exec TLS Communication improper authenticationmedium7.5---
170552Doctor Appointment System contactus.php cross site scriptinglow4.0---
170551Doctor Appointment System contactus.php cross site scriptinglow4.0---
170550EPrints toolbox os command injectionmedium6.0---
170549EPrints JSON phrase xml external entity referencemedium6.0---
170548EPrints dataset_dictionary cross site scriptinglow4.0---
170547EPrints Latex os command injection [CVE-2021-26476]medium6.5---
170546EPrints cal cross site scriptinglow4.0---
170545object-collider Prototype code injection [CVE-2021-25914]medium6.5---
170544ONLYOFFICE DocumentServer Server Module Remote Privilege Escalationmedium6.0---
170543ONLYOFFICE DocumentServer Core Module heap-based overflow [CVE-2021-25832]medium6.5---
170542ONLYOFFICE DocumentServer Core Module Remote Privilege Escalationmedium6.0---
170541ONLYOFFICE DocumentServer Core Module Remote Privilege Escalationmedium6.0---
170540ONLYOFFICE DocumentServer Code Module denial of service [CVE-2021-25829]low2.3---
170539VMware Spring-integration-zip Incomplete Fix CVE-2018-1263 path traversalmedium4.0---
170538Dell EMC SRS Policy Manager XML Parser xml external entity referencemedium7.5---
170537Dell EMC SourceOne cross site scripting [CVE-2021-21515]low4.0---
170536Apache AsterixDB UDF Deployment path traversal [CVE-2020-9479]medium4.0---
170535MongoDB Regex denial of service [CVE-2020-7929]low4.0---
170534Crowd ResourceDownloadRewriteRule path traversalmedium5.0---
170533MongoDB Generic Explain Command denial of service [CVE-2018-25004]low4.0---
170532Apache Tomcat Incomplete Fix CVE-2020-9484 deserialization [CVE-2021-25329]medium7.5---
170531Apache Tomcat h2c Connection information disclosure [CVE-2021-25122]low2.6---
170530Dataiku DSS Project access control [CVE-2021-27225]medium5.8---
170529SerComm Combo VD625 HTTP Header injection [CVE-2021-27132]medium4.9---
170528SaltStack Salt SSH Client os command injection [CVE-2021-3197]medium5.2---
170527i-doit cross site scripting [CVE-2021-3151]low4.0---
170526SaltStack Salt API thin.py salt.utils.thin.gen_thin command injectionmedium5.2---
170525SaltStack Salt eauth Token session expiration [CVE-2021-3144]medium5.2---
170524wpa_supplicant P2P Provision Discovery Request p2p_pd.c denial of servicelow2.1---
170523Zint Barcode Generator C API upcean.c ean_leading_zeroes buffer overflowmedium5.2---
170522Visualware MyConnection Server Web Service unrestricted uploadmedium6.8---
170521Synology DiskStation Manager faad path traversal [CVE-2021-26567]medium6.5---
170520Synology DiskStation Manager synorelayd insertion of sensitive information into sent datamedium5.1---
170519Synology DiskStation Manager HTTP Session cleartext transmissionlow2.6---
170518Synology DiskStation Manager HTTP Session channel accessiblelow2.6---
170517Synology DiskStation Manager Kernel Module access control [CVE-2021-26563]low1.7---
170516Synology DiskStation Manager HTTP Header out-of-bounds writemedium7.6---
170515Synology DiskStation Manager HTTP Header stack-based overflowmedium7.6---
170514Synology DiskStation Manager HTTP Session channel accessiblelow2.6---
170513SaltStack Salt salt.modules.cmdmod log filelow2.7---
170512SaltStack Salt Jinja Renderer injection [CVE-2021-25283]medium4.9---
170511SaltStack Salt salt.wheel.pillar_roots.write pathname traversalmedium5.2---
170510SaltStack Salt salt-api improper authentication [CVE-2021-25281]medium6.5---
170509Redis integer overflow [CVE-2021-21309]medium7.5---
170508PrestaShop Soft Logout System improper authentication [CVE-2021-21308]medium7.5---
170507PrestaShop Admin Panel csv injection [CVE-2021-21302]medium6.5---
170506Google Android cameraisp out-of-bounds write [CVE-2021-0406]medium6.8---
170505Google Android Performance Driver out-of-bounds write [CVE-2021-0405]medium6.8---
170504Google Android mobile_log_d information disclosure [CVE-2021-0404]low1.7---
170503Google Android netdiag information disclosure [CVE-2021-0403]low1.7---
170502Google Android jpeg out-of-bounds write [CVE-2021-0402]medium6.8---
170501Google Android vow memory corruption [CVE-2021-0401]medium6.8---
170500Google Android vpu memory corruption [CVE-2021-0367]medium6.8---
170499Google Android vpu memory corruption [CVE-2021-0366]medium6.8---
170498Zenphoto CMS Uploader Plugin unrestricted upload [CVE-2020-36079]medium6.5---
170497SaltStack Salt certificate validation [CVE-2020-35662]medium5.1---
170496SaltStack Salt certificate validation [CVE-2020-28972]medium5.1---
170495SaltStack Salt Process Name command injection [CVE-2020-28243]medium4.3---
170494GNU C Library Mutlibyte iconv infinite looplow5.0---
170493Eclipse Jetty Accept Header algorithmic complexity [CVE-2020-27223]low2.3---
170492Scytl sVote X-Forwarded-For Header injection [CVE-2019-25023]medium3.3---
170491Scytl sVote Event Alias Runtime.getRuntime.exec code injectionmedium5.2---
170490Scytl sVote Database Manager hard-coded password [CVE-2019-25021]medium5.8---
170489Scytl sVote sdm-ws-rest API preconfiguration improper authenticationmedium3.3---
170488OpenText Content Server cross site scripting [CVE-2021-3010]low4.0---
170487LMA ISIDA Retriever sql injection [CVE-2021-26904]medium6.5---
170486LMA ISIDA Retriever cross site scripting [CVE-2021-26903]low4.0---
170485Mozilla Firefox memory corruption [CVE-2021-23979]medium7.5---
170484Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2021-23978]medium7.5---
170483Mozilla Firefox memory corruption [CVE-2021-23965]medium7.5---
170482Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2021-23964]medium7.5---
170481thecodingmachine Gotenberg html server-side request forgerymedium5.0---
170480ProSoft ICX35-HWC-A/ICX35-HWC-E Module Webpage access controlmedium5.8---
170479Node-Red Projects API path traversal [CVE-2021-21298]low2.1---
170478Node-Red Admin API dynamically-determined object attributes [CVE-2021-21297]medium6.5---
170477Synapse .well-known resource consumptionlow5.0---
170476Synapse redirect [CVE-2021-21273]low2.6---
170475ownCloud Client DLL injection [CVE-2020-28646]medium4.9---
170474best it Amazon Pay Plugin information disclosure [CVE-2020-28199]low2.3---
170473Kaspersky Rescue Disk/Endpoint Security UEFI Module improper authenticationmedium7.2---
170472ABB AC500 V2 Web Visualization resource consumption [CVE-2020-24686]low5.0---
170471Bosch DIVAR IP 5000 access control [CVE-2019-11684]medium7.5---
170470Keylime Agent/Registrar signature verification [CVE-2021-3406]medium4.3---
170469Custom Global Variables Plugin Form Field cross site scriptinglow4.0---
170468Triconsole Datepicker Calendar calendar_form.php cross site scriptinglow4.0---
170467Microsoft Edge unknown vulnerability [CVE-2021-24113]low5.5---
170466Mozilla Firefox toctou [CVE-2021-23977]low1.0---
170465Mozilla Firefox Fullscreen improper restriction of rendered ui layersmedium7.5---
170464Mozilla Firefox Developer Page allocation of resources [CVE-2021-23975]low1.7---
170463Mozilla Firefox DOMParser API cross site scripting [CVE-2021-23974]low5.0---
170462Mozilla Firefox/Firefox ESR/Thunderbird Decoding unknown vulnerabilitymedium5.0---
170461Mozilla Firefox HTTP Authentication improper restriction of rendered ui layersmedium7.5---
170460Mozilla Firefox Referer Policy information disclosure [CVE-2021-23971]low5.0---
170459Mozilla Firefox Shared Jump Table assertion [CVE-2021-23970]low4.6---
170458Mozilla Firefox/Firefox ESR/Thunderbird Content Security Policy information disclosurelow5.0---
170457Mozilla Firefox/Firefox ESR/Thunderbird Content Security Policy unknown vulnerabilitymedium7.5---
170456Mozilla Firefox WebRTC Share permission [CVE-2021-23963]medium7.5---
170455Mozilla Firefox RowCountChanged denial of servicelow5.0---
170454Mozilla Firefox information disclosure [CVE-2021-23961]low5.0---
170453Mozilla Firefox/Firefox ESR/Thunderbird Garbage Collector denial of servicelow5.0---
170452Mozilla Firefox Error Page cross site scripting [CVE-2021-23959]low5.0---
170451Mozilla Firefox Screen Sharing information disclosure [CVE-2021-23958]low5.0---
170450Mozilla Firefox intent Scheme sandbox [CVE-2021-23957]medium7.5---
170449Mozilla Firefox File Picker unrestricted upload [CVE-2021-23956]medium7.5---
170448Mozilla Firefox Pointer Lock clickjacking [CVE-2021-23955]low5.0---
170447Mozilla Firefox/Firefox ESR/Thunderbird Javascript Switch memory corruptionmedium7.5---
170446Mozilla Firefox/Firefox ESR/Thunderbird PDF Reader unknown vulnerabilitymedium5.0---
170445ZTE ZXR10 8900E memory leak [CVE-2021-21724]low1.7---
170444aiohttp redirect [CVE-2021-21330]low5.1---
170443Vapor Bootstrap denial of service [CVE-2021-21328]low5.0---
170442mongo-java-driver certificate validation [CVE-2021-20328]medium4.3---
170441mongodb-client-encryption certificate validation [CVE-2021-20327]medium4.3---
170440QEMU vmxnet3 NIC Emulator integer overflow [CVE-2021-20203]medium5.2---
170439restify-paginate HTTP Host Header denial of service [CVE-2020-27543]low4.0---
170438tpm2-tss Initialization initialization [CVE-2020-24455]low4.3---
170437gopeak masterlab Upgrade.php server-side request forgerymedium6.5---
170436Microsoft Windows Extended Protection for Authentication improper authenticationmedium9.0---
170435Micro Focus Solutions Business Manager information disclosurelow2.7---
170434Micro Focus Solutions Business Manager session fixiation [CVE-2019-18946]medium5.2---
170433Micro Focus Solutions Business Manager access control [CVE-2019-18945]medium4.0---
170432Micro Focus Solutions Business Manager cross site scriting [CVE-2019-18944]low4.0---
170431Micro Focus Solutions Business Manager xml external entity referencelow2.7---
170430Micro Focus Solutions Business Manager cross site scripting [CVE-2019-18942]low4.0---
170429Trojan.Win32.Gofot.htx SkinH.dll buffer overflowmedium6.5---
170428Backdoor.Win32.Wollf.h Service Port 7614 wrm.exe improper authenticationmedium7.5---
170427Backdoor.Win32.Delf.adag FTP Server hard-coded credentialsmedium7.5---
170426Backdoor.Win32.Agent.xw HTTP GET Request null pointer dereferencelow5.0---
170425Backdoor.Win32.Agent.xs Recycler permissionmedium6.5---
170424Backdoor.Win32.DarkKomet.irv Windupdt permissionmedium6.5---
170423Trojan.Win32.Pincav.cmfl Windupdt permissionmedium6.5---
170422Trojan.Win32.Pluder.o z_Drivers permissionmedium6.5---
170421Trojan-Proxy.Win32.Daemonize.i Service Port 5823 memory corruptionmedium7.5---
170420Backdoor.Win32.Ketch.h Web Server buffer overflowmedium7.5---
170419Backdoor.Win32.Inject.tyq hotfix permissionmedium6.5---
170418Backdoor.Win32.Bionet.10 Service Port 12348 missing authenticationmedium7.5---
170417Backdoor.Win32.DarkKomet.apcc msdcsc.exe permissionmedium6.5---
170416Backdoor.Win32.DarkKomet.bhfh permissionmedium6.5---
170415Backdoor.Win32.Agent.aak HTTP Service Port 8080 buffer overflowmedium7.5---
170414Backdoor.Win32.Agent.aak HTTP Server cross-site request forgerylow5.0---
170413Backdoor.Win32.Agent.aak Web Service Port 8080 hard-coded credentialsmedium7.5---
170412Backdoor.Win32.Burbul.b Service Port 2121 missing authenticationmedium7.5---
170411Backdoor.Win32.Indexer.a Service Port 47885 denial of servicelow5.0---
170410Backdoor.Win32.Indexer.a Service Port 47885 hard-coded credentialsmedium7.5---
170409Backdoor.Win32.Bifrose.ahvb Temp permissionmedium6.5---
170408Backdoor.Win32.Azbreg.aant RECYCLER permissionmedium6.5---
170407Backdoor.Win32.Cabrotor.21 ROBADO permissionmedium6.5---
170406Trojan-Spy.Win32.WinSpy.wlt Service Port 443 dlink.exe permissionmedium6.5---
170405Backdoor.Win32.Cafeini.08.b Service Port 51966 improper authenticationmedium7.5---
170404Backdoor.Win32.Backlash.101 Service Port 11831 d3d8thk.exe improper authenticationmedium7.5---
170403Nagios XI Web System graphtemplates.php code injectionmedium5.8---
170402Adobe Bridge TTF File out-of-bounds write [CVE-2021-21066]medium7.5---
170401Adobe Bridge TTF File out-of-bounds write [CVE-2021-21065]medium7.5---
170400Magento UPWARD-php/UPWARD Connector YAML File path traversallow3.3---
170399openSUSE cyrus-sasl temp file [CVE-2020-8032]medium9.0---
170398Dropbear Filename scp.c unknown vulnerabilitylow4.9---
170397comrak Crate cross site scripting [CVE-2021-27671]low4.0---
170396Appspace jsonprequest server-side request forgerymedium5.2---
170395Cisco AnyConnect Secure Mobility Client Interprocess Communication denial of servicelow4.0---
170394Cisco Application Services Engine missing authentication [CVE-2021-1396]medium7.5---
170393Cisco Application Services Engine missing authentication [CVE-2021-1393]medium7.5---
170392Cisco ACI Multi-Site Orchestrator API Endpoint privileges managementmedium7.5---
170391Cisco NX-OS IPv6 memory leak [CVE-2021-1387]medium7.8---
170390Cisco FXOS/NX-OS UDLD out-of-bounds write [CVE-2021-1368]medium4.3---
170389Cisco NX-OS Protocol Independent Multicast denial of servicelow3.3---
170388Cisco NX-OS Service Port 9075 file access [CVE-2021-1361]medium7.5---
170387Cisco Nexus 9000 SFP Interface access control [CVE-2021-1231]medium4.8---
170386Cisco Nexus 9000 BGP UPDATE Message denial of service [CVE-2021-1230]medium7.8---
170385Cisco NX-OS ICMPv6 memory leak [CVE-2021-1229]low5.0---
170384Cisco Nexus 9000 ACI Mode access control [CVE-2021-1228]medium4.8---
170383Cisco NX-OS NX-API cross-site request forgery [CVE-2021-1227]low2.6---
170382LightCMS SensitiveWords cross site scriptinglow4.0---
170381GNU C Library nscd netgroupcache.c double freelow5.0---
170380Advantech BB-ESWGP506-2SFP-T hard-coded credentials [CVE-2021-22667]medium5.8---
170379OpenSLP Service Port 427 heap-based overflow [CVE-2021-21974]medium6.5---
170378VMware vCenter Server/Cloud Foundation vSphere Client server-side request forgerymedium5.2---
170377VMware vCenter Server/Cloud Foundation vSphere Client Remote Privilege Escalationmedium6.0---
170376Artifact Repository Parameter Plugin cross site scripting [CVE-2021-21622]low4.0---
170375Jenkins Support Core Plugin insertion of sensitive information into sent datalow3.3---
170374Claim Plugin cross-site request forgery [CVE-2021-21620]low4.0---
170373Claim Plugin Display Name cross site scripting [CVE-2021-21619]low4.0---
170372Repository Connector Plugin Permission cross site scripting [CVE-2021-21618]low4.0---
170371Configuration Slicing Plugin cross-site request forgery [CVE-2021-21617]low4.0---
170370Active Choices Plugin cross site scripting [CVE-2021-21616]low4.0---
170369Helpcom hard-coded key [CVE-2020-7846]low6.5---
170368Voiceye WSActiveBridgeES stack-based overflow [CVE-2020-7836]medium4.6---
170367IBM MQ Message denial of service [CVE-2020-4931]low4.0---
170366Openscad STL File import_stl.cc import_stl stack-based overflowmedium7.5---
170365Eclipse Theia Markdown cross site scripting [CVE-2020-27224]low4.0---
170364CoolKit eWeLink Quick Pairing Mode inadequate encryption [CVE-2020-12702]low1.5---
170363Apache XmlGraphics Commons XMPParser server-side request forgerymedium5.2---
170362Apache Batik NodePickerPanel server-side request forgery [CVE-2020-11987]medium5.2---
170361Contec SolarView Compact SV-CPT-MC310 improper authenticationmedium5.8---
170360Contec SolarView Compact SV-CPT-MC310 pathname traversal [CVE-2021-20661]medium5.2---
170359Contec SolarView Compact SV-CPT-MC310 cross site scripting [CVE-2021-20660]low4.0---
170358Contec SolarView Compact SV-CPT-MC310 PHP Script unrestricted uploadmedium4.9---
170357Contec SolarView Compact SV-CPT-MC310 Web Server os command injectionmedium5.2---
170356Contec SolarView Compact SV-CPT-MC310 access control [CVE-2021-20657]medium5.2---
170355Contec SolarView Compact SV-CPT-MC310 information disclosurelow2.3---
170354libcaca canvas.c caca_resize buffer overflowmedium4.3---
170353Artifex MuPDF memory corruption [CVE-2021-3407]medium5.2---
170352libEBML ReadData heap-based overflowmedium5.2---
170351Directus Password Reset information disclosure [CVE-2021-27583]low2.3---
170350Jasper jp2_dec.c jp2_decode null pointer dereferencelow2.3---
170349Aruba ClearPass Policy Manager Web-based Management Interface command injectionmedium9.0---
170348Aruba ClearPass Policy Manager Web-based Management Interface command injectionmedium9.0---
170347Aruba ClearPass Policy Manager OnGuard privileges managementmedium6.8---
170346Directus api-aa information disclosure [CVE-2021-26595]low2.3---
170345Directus PATCH Method privileges management [CVE-2021-26594]low4.9---
170344Directus API {id} information disclosurelow2.3---
170343UniFi Protect Controller denial of service [CVE-2021-22882]low2.3---
170342VMware Spring Security security check for standard [CVE-2021-22112]low4.7---
170341Brave Web Browser Proxy information disclosure [CVE-2021-21323]low5.0---
170340Red Hat Satellite BMC Interface information disclosure [CVE-2021-20256]low1.7---
170339Red Hat 3scale API Management Platform Backend resource consumptionlow2.3---
170338mbsync Mailbox Name Validator path traversal [CVE-2021-20247]low4.9---
170337Linux Kernel BPF __cgroup_bpf_run_filter_getsockopt heap-based overflowmedium3.5---
170336Openshift ose-docker-builder file access [CVE-2021-20182]low2.7---
170335Nextcloud Deck resource injection [CVE-2020-8297]medium4.9---
170334Aruba ClearPass Policy Manager OnGuard buffer overflow [CVE-2020-7120]medium4.3---
170333SoftMaker Office PlanMaker Document heap-based overflow [CVE-2020-28587]medium7.5---
170332Undertow AJP Connector denial of service [CVE-2020-27782]low2.3---
170331KACO New Energy XP100U information disclosure [CVE-2021-3252]low2.3---
170330MITREid Connect OpenID Connect Server OAuthConfirmationController.java improper authorizationmedium5.2---
170329Snow Inventory Agent Configuration privileges management [CVE-2021-27579]medium4.9---
170328Polaris Office PDF File PolarisOffice.exe divide by zerolow5.0---
170327Jasper jp2_decode out-of-bounds readlow4.9---
170326Aruba ClearPass Policy Manager Web-based Management Interface sql injectionmedium6.5---
170325Aruba ClearPass Policy Manager Web-based Management Interface sql injectionmedium6.5---
170324Aruba ClearPass Policy Manager Web-based Management Interface command injectionmedium9.0---
170323Aruba ClearPass Policy Manager Web-based Management Interface command injectionmedium9.0---
170322Aruba ClearPass Policy Manager cross site scripting [CVE-2021-26682]low4.0---
170321Aruba ClearPass Policy Manager command injection [CVE-2021-26681]medium9.0---
170320Aruba ClearPass Policy Manager Web-based Management Interface cross site scriptinglow5.0---
170319Collabora Online loolforkit privileges management [CVE-2021-25630]medium6.8---
170318Luxion KeyShot Extraction path traversal [CVE-2021-22651]medium5.2---
170317VMware Spring Cloud Netflix Zuul Sensitive Headers authorizationlow4.9---
170316stunnel certificate validation [CVE-2021-20230]medium5.8---
170315PostgreSQL Query authorization [CVE-2021-20229]low5.0---
170314Linux Kernel Object io_uring use after freemedium9.0---
170313Undertow HTTP Request 1.x request smugglingmedium5.2---
170312Openshift Installer Kublet missing authentication [CVE-2021-20198]medium7.5---
170311ipTIME NAS-I Bulletin Manage unrestricted upload [CVE-2020-7847]medium6.0---
170310IBM Planning Analytics information disclosure [CVE-2020-4953]low4.0---
170309theme-core utils.js command injection [CVE-2020-28432]medium7.5---
170308wc-cmd index.js command injectionmedium7.5---
170307nuance-gulp-build-common index.js command injectionmedium6.5---
170306geojson2kml index.js command injectionmedium7.5---
170305fastadmin cross site scripting [CVE-2020-26609]low4.0---
170304Advantech WebAccess/SCADA WADashboard external reference [CVE-2020-25161]medium6.5---
170303WECON LeviStudioU Project File buffer overflow [CVE-2020-16243]medium7.5---
170302Keycloak HTTP Header authentication bypass [CVE-2020-14359]medium5.2---
170301Rendertron Screenshot server-side request forgery [CVE-2020-8902]medium4.0---
170300NanoHTTPD HTTP GET RouterNanoHTTPD.java GeneralHandler cross site scriptinglow4.0---
170299netplex json-smart-v1/json-smart-v2 unusual condition [CVE-2021-27568]low4.9---
170298CIRA Canadian Shield App certificate validation [CVE-2021-27189]low2.6---
170297Nozomi Guardian/CMC Web GUI path traversal [CVE-2021-26725]medium5.8---
170296Nozomi Guardian/CMC Web GUI os command injection [CVE-2021-26724]medium5.8---
170295Atlassian JIRA Server for Slack Plugin Endpoint injection [CVE-2021-26068]medium6.0---
170294Keybase Desktop Client Cache information disclosure [CVE-2021-23827]low1.7---
170293Luxion KeyShot Project File null pointer dereference [CVE-2021-22649]low5.0---
170292Luxion KeyShot Project File out-of-bounds write [CVE-2021-22647]medium7.5---
170291Luxion KeyShot Network Share dll Remote Privilege Escalationmedium6.0---
170290Luxion KeyShot Project File out-of-bounds read [CVE-2021-22643]medium7.5---
170289Google Chrome Web Sockets use after free [CVE-2021-21157]medium7.5---
170288Google Chrome V8 heap-based overflow [CVE-2021-21156]medium7.5---
170287Google Chrome Tab Strip heap-based overflow [CVE-2021-21155]medium7.5---
170286Google Chrome Tab Strip heap-based overflow [CVE-2021-21154]medium7.5---
170285Google Chrome GPU Process stack-based overflow [CVE-2021-21153]medium7.5---
170284Google Chrome Media heap-based overflow [CVE-2021-21152]medium7.5---
170283Google Chrome Payments use after free [CVE-2021-21151]medium7.5---
170282Google Chrome HTML Page use after free [CVE-2021-21150]medium7.5---
170281Google Chrome Data Transfer buffer overflow [CVE-2021-21149]medium7.5---
170280Atlassian atlassian-gadgets HTTP Request MessageBundleWhiteList server-side request forgerylow4.9---
170279Gist Chatbot Chatbox cross site scripting [CVE-2020-35852]low5.0---
170278Atlassian JIRA Server/Data Center CachingResourceDownloadRewriteRule information disclosurelow5.0---
170277Atlassian Confluence Server/Confluence Data Center ConfluenceResourceDownloadRewriteRule information disclosurelow5.0---
170276libxls XLS Cell Parser xls2csv.c null pointer dereferencelow5.0---
170275ImageMagick quantum-private.h integer overflowmedium7.5---
170274FontForge SFD File Parser out-of-bounds write [CVE-2020-25690]medium7.5---
170273YITH WooCommerce Gift Cards Premium Plugin Shopping Cart php unrestricted uploadmedium7.5---
170272Appspace Network Tab cross site scripting [CVE-2021-27564]low4.0---
170271Monica Contact Page cross site scripting [CVE-2021-27559]low4.0---
170270Genymotion Desktop Clipboard information disclosure [CVE-2021-27549] [Disputed]low1.7---
170269Monica Contact Page cross site scripting [CVE-2021-27371]low4.0---
170268Monica Contact Page cross site scripting [CVE-2021-27370]low4.0---
170267Monica Contact Page cross site scripting [CVE-2021-27369]low4.0---
170266Monica Contact Page cross site scripting [CVE-2021-27368]low4.0---
170265MyBB MyCode cross site scripting [CVE-2021-27279]low4.0---
170264Shinobi auth.js names access controlmedium5.2---
170263Yz1 Filename buffer overflow [CVE-2020-24175]medium7.5---
170262Astrid Tasks VoiceCommandActivity permission [CVE-2020-22475]medium4.3---
170261webERP ManualContents.php file inclusionmedium4.9---
170260Inspur ClusterEngine Control Server command injection [CVE-2020-21224]medium6.5---
170259Automated Logic WebCTRL GET Request failuremessage.jsp cross site scriptinglow4.0---
170258Qualcomm Snapdragon Auto Hypervisor out-of-bounds read [CVE-2020-3664]low2.3---
170257Qualcomm Snapdragon Auto WLAN module denial of service [CVE-2020-11297]low2.3---
170256Qualcomm Snapdragon Auto NOA IE integer overflow [CVE-2020-11296]low4.9---
170255Qualcomm Snapdragon Auto RTT Frame information disclosure [CVE-2020-11287]low2.3---
170254Qualcomm Snapdragon Auto USB Control Transfer null pointer dereferencelow2.3---
170253Qualcomm Snapdragon Auto MKV Clip buffer overflow [CVE-2020-11283]medium7.5---
170252Qualcomm Snapdragon Auto kgsl Driver access control [CVE-2020-11282]medium5.2---
170251Qualcomm Snapdragon Auto RTT Frame information disclosure [CVE-2020-11281]low2.3---
170250Qualcomm Snapdragon Auto FTMR denial of service [CVE-2020-11280]low2.3---
170249Qualcomm Snapdragon Auto Host WMI Command denial of service [CVE-2020-11278]low2.3---
170248Qualcomm Snapdragon Compute RPC Message race condition [CVE-2020-11277]low4.9---
170247Qualcomm Snapdragon Auto P2P IE buffer overflow [CVE-2020-11276]medium5.2---
170246Qualcomm Snapdragon Auto Beacon Frame buffer overflow [CVE-2020-11275]medium5.2---
170245Qualcomm Snapdragon Auto Hash Table use after free [CVE-2020-11272]medium4.9---
170244Qualcomm Snapdragon Auto Global Control Element out-of-bounds readlow2.3---
170243Qualcomm Snapdragon Auto RTT Responder denial of service [CVE-2020-11270]low2.3---
170242Qualcomm Snapdragon Auto EAPOL Frame memory corruption [CVE-2020-11269]medium5.2---
170241Qualcomm Snapdragon Auto Video Driver buffer overflow [CVE-2020-11253]medium5.2---
170240Qualcomm Snapdragon Auto Camera Driver array index [CVE-2020-11223]medium4.9---
170239Qualcomm Snapdragon Auto Sub-System memory corruption [CVE-2020-11204]medium5.2---
170238Qualcomm Snapdragon Auto GSM/WCDMA stack-based overflow [CVE-2020-11203]medium5.2---
170237Qualcomm Snapdragon Auto TZ information disclosure [CVE-2020-11198]low2.2---
170236Qualcomm Snapdragon Auto out-of-bounds write [CVE-2020-11195]medium5.2---
170235Qualcomm Snapdragon Auto out-of-bounds read [CVE-2020-11194]low2.3---
170234Qualcomm Snapdragon Auto BSI Module memory corruption [CVE-2020-11187]medium5.2---
170233Qualcomm Snapdragon Auto SPC unknown vulnerability [CVE-2020-11177]low4.9---
170232Qualcomm Snapdragon Auto Music Playback out-of-bounds read [CVE-2020-11170]low2.3---
170231Qualcomm Snapdragon Auto IKEv2 Parameter Update buffer overflowmedium5.2---
170230Qualcomm Snapdragon Compute Audio Module use after free [CVE-2020-11147]medium4.9---
170229Netshield NANO 25 C Library manual_ping.cgi os command injectionmedium5.2---
170228URI.js Backslash path traversal [CVE-2021-27516]low2.3---
170227url-parse Backslash path traversal [CVE-2021-27515]low2.3---
170226EyesOfNetwork improper authentication [CVE-2021-27514]medium7.5---
170225EyesOfNetwork admin_ITSM xml.php unrestricted uploadmedium6.5---
170224Smarty Function code injection [CVE-2021-26120]medium5.2---
170223Smarty Sandbox Mode $smarty.template_object sandboxmedium5.2---
170222Botan unknown vulnerability [CVE-2021-24115]low4.9---
170221Django ASGI channels.http.AsgiHandler information disclosuremedium6.0---
170220Acronis Cyber Protect Console cross site scripting [CVE-2020-35664]low4.0---
170219MantisBT Custom Field manage_custom_field_update.php helper_ensure_confirmed unknown vulnerabilitymedium4.0---
170218Acronis Cyber Protect Notification Service unknown vulnerabilitylow2.3---
170217OpenEnergyMonitor EmonCMS schedule.php cross site scriptinglow4.0---
170216Digium Asterisk WebRTC Client res_rtp_asterisk.c stack-based overflowmedium4.0---
170215BloodHound GenericAll.jsx command injectionmedium7.5---
170214Webware WebDesktop server-side request forgery [CVE-2021-3204]low2.7---
170213slashify Package Localhost redirect [CVE-2021-3189]medium4.9---
170212Visualware MyConnection Server Reports access control [CVE-2021-27509]medium5.2---
170211Telegram App Terminate Session session expiration [CVE-2021-27351]medium6.5---
170210Yeastar NeoGate TG400 pathname traversal [CVE-2021-27328]low2.7---
170209Zoho ManageEngine ADSelfService Plus Administrative Interface server-side request forgerymedium7.5---
170208Sangoma Asterisk WebRTC Client res_rtp_asterisk.c stack-based overflowmedium5.2---
170207Livy Server Session Name cross site scripting [CVE-2021-26544]low4.0---
170206docsify cross site scripting [CVE-2021-23342]low5.0---
170205Schneider Electric PowerLogic PM800 Network Traffic cleartext transmissionlow2.6---
170204Schneider Electric PowerLogic PM800 Network Traffic cleartext transmissionlow2.6---
170203Schneider Electric PowerLogic PM800 HTTP Web Interface cross-site request forgerylow4.0---
170202Dell EMC PowerProtect Cyber Recovery information disclosure [CVE-2021-21512]low1.4---
170201Mitsubishi FA Engineering Software buffer overflow [CVE-2021-20588]medium7.5---
170200Mitsubishi FA Engineering Software buffer overflow [CVE-2021-20587]medium7.5---
170199Johnson Controls Metasys Reporting Engine Web Services path traversalmedium7.5---
170198Linux Kernel Socket Connection sco.c sco_sock_getsockopt null pointer dereferencelow5.0---
170197png-img PNG File InitStorage_ integer overflowmedium4.9---
170196SmartStoreNET create cross-site request forgerylow4.0---
170195Mailtrain campaigns.js sql injection [CVE-2020-24617]medium6.5---
170194TweetStream Library Eventmachine certificate validation [CVE-2020-24393]low2.6---
170193voloko twitter-stream certificate validation [CVE-2020-24392]low2.6---
170192Sytech XL Reporter access control [CVE-2020-13549]medium4.3---
170191Alfresco Enterprise Content Management FreeMarker Template injectionmedium6.5---
170190Jinjava information disclosure [CVE-2020-12668]low4.9---
170189Intel Server Boards/Server Systems/Compute Modules BMC Firmware buffer overflowmedium6.8---
170188ModernFlow Search Screen/Profile Screen improper authenticationlow4.9---
170187Apache MyFaces Core cross-site request forgery [CVE-2021-26296]low4.0---
170186ownCloud Server Request information disclosure [CVE-2020-36252]low4.0---
170185ownCloud Server Share denial of service [CVE-2020-36251]low4.0---
170184ownCloud App Lock Protection time protection mechanismmedium4.6---
170183ownCloud Server File Type information disclosure [CVE-2020-36249]low2.6---
170182ownCloud App Backup Archive information disclosure [CVE-2020-36248]low1.0---
170181Open OnDemand cross-site request forgery [CVE-2020-36247]low4.0---
170180tribe29 Checkmk local Local Privilege Escalationmedium6.8---
170179ownCloud Preview improper authentication [CVE-2020-10254]medium5.8---
170178ownCloud external server-side request forgerymedium6.5---
170177progfay scrapbox-parser Regular Expression denial of servicelow2.3---
170176Askey RTF8115VW HTTP Header injection [CVE-2021-27404]medium4.9---
170175Askey RTF8115VW te_acceso_router.cgi cross site scriptinglow4.0---
170174Chamilo agenda_list.php cross site scriptinglow4.0---
170173Amaze File Manager symlink [CVE-2020-36246]medium7.7---
170172OpenRepeater ajax_system.php os command injectionmedium5.8---
170171PressBooks cross site scripting [CVE-2021-3271]low4.0---
170170Digium Asterisk SDP Negotiation res_pjsip_session.c denial of servicelow3.5---
170169Netis WF2780/WF2411 Ping Command os command injection [CVE-2021-26747]medium6.5---
170168Sangoma Asterisk T.38 Negotiaton denial of service [CVE-2021-26717]low3.5---
170167Sangoma Asterisk SRTP Packet res_srtp.c access controlmedium7.5---
170166Atlassian Bitbucket Server/Data Center Installer access controlmedium4.3---
170165Sangoma Asterisk SIP 181 Response res_pjsip_diversion.c buffer overflowmedium4.0---
170164Pi-hole Options Header cross site scripting [CVE-2020-35592]low4.0---
170163Pi-Hole Session Cookie session fixiation [CVE-2020-35591]medium7.5---
170162FinalWire AIDA64 Engineer SEH buffer overflow [CVE-2020-19513]medium5.2---
170161Xen IOMMU Update memory corruption [CVE-2021-27379]medium5.2---
170160KollectApps deserialization [CVE-2021-27335]medium6.0---
170159Friendica parse_url server-side request forgerymedium5.2---
170158Opencast authorization [CVE-2021-21318]medium5.5---
170157GE Digital HMI-SCADA iFIX Registry access control [CVE-2019-18243]medium4.3---
170156prismjs prism-asciidoc/prism-rest/prism-tap/prism-eiffel resource consumptionlow5.0---
170155Pimcore CustomReportController.php downloadCsvAction file inclusionmedium4.3---
170154IBM Maximo for Civil Infrastructure Web UI cross site scriptinglow4.0---
170153IBM Maximo for Civil Infrastructure information disclosure [CVE-2021-20445]low4.0---
170152IBM Maximo for Civil Infrastructure Web UI cross site scriptinglow5.0---
170151IBM Maximo for Civil Infrastructure Library unknown vulnerabilitymedium6.5---
170150IBM WebSphere Application Server path traversal [CVE-2021-20354]low2.6---
170149IBM Jazz Reporting Service Web UI cross site scripting [CVE-2020-4933]low4.0---
170148Endalia Selection Portal Identification Number resource injectionmedium4.6---
170147DJI Mavic 2 Firmware Upgrade dji_sys command injectionlow4.3---
170146merge Package Prototype _recursiveMerge code injectionmedium7.5---
170145three Package Color denial of service [CVE-2020-28496]low5.0---
170144FasterXML jackson-dataformat-cbor memory corruption [CVE-2020-28491]medium5.0---
170143async-git command injection [CVE-2020-28490]medium7.5---
170142ReportLab server-side request forgery [CVE-2020-28463]medium4.0---
170141GE Digital HMI-SCADA iFIX Section Object access control [CVE-2019-18255]medium4.3---
170140rand_core Crate read_u64_into entropylow1.4---
170139yottadb Crate ydb_subscript_prev_st use after freemedium4.9---
170138nb-connect Crate SocketAddrV6 memory corruptionmedium5.2---
170137Traefik IFRAME origin validation [CVE-2021-27375]medium5.8---
170136Doctor Appointment System search_result.php sql injectionmedium4.0---
170135OpenNMS Meridian/Horizon/Newts Access Control access controlmedium6.5---
170134VertiGIS WebOffice access control [CVE-2021-27374]medium5.2---
170133Bolt FileEditController.php pathname traversalmedium5.2---
170132Das U-Boot Boot Loader Local Privilege Escalation [CVE-2021-27138]low4.3---
170131Das U-Boot Boot Loader Local Privilege Escalation [CVE-2021-27097]low4.3---
170130Canary Mail IMAP MCIMAPSession.cpp certificate validationmedium5.1---
170129avashi avahi-daemon-check-dns.sh symlinkmedium6.5---
170128Tesla SolarCity Solar Monitoring Gateway Digi ConnectPort X2e hard-coded credentialsmedium8.3---
170127ISC BIND GSS-TSIG denial of service [CVE-2020-8625]medium7.6---
170126GramAddict UIAutomator2/ATX-Agent code injection [CVE-2020-36245]medium5.2---
170125Agora Video SDK Network Traffic missing encryption [CVE-2020-25605]low2.6---
170124Advantech WebAccess/SCADA COM Server access control [CVE-2020-13555]medium9.0---
170123Advantech WebAccess/SCADA Loaded Module access control [CVE-2020-13553]medium9.0---
170122Advantech WebAccess/SCADA Services access control [CVE-2020-13552]medium9.0---
170121Advantech WebAccess/SCADA access control [CVE-2020-13551]medium9.0---
170120Advantech WebAccess/SCADA HTTP Request information disclosurelow2.7---
170119Digi ConnectPort X2e Python S50dropbear.sh symlinkmedium9.0---
170118WPG Plugin memory corruption [CVE-2021-27362]medium7.5---
170117WPG Plugin memory corruption [CVE-2021-27224]medium7.5---
170116PHPGurukul Car Rental Project changeimage1.php unrestricted uploadmedium6.0---
170115Apache Airflow Lineage Endpoint improper authentication [CVE-2021-26697]medium5.8---
170114Apache Airflow Configurations Endpoint airflow.cfg access controlmedium5.2---
170113Baby Care System posts.php unrestricted uploadmedium6.0---
170112Baby Care System contentsectionpage.php sql injectionmedium6.5---
170111Feiteng HR Portal deserialization [CVE-2021-22855]medium7.5---
170110Feiteng HR Portal sql injection [CVE-2021-22854]medium5.0---
170109Feiteng HR Portal access control [CVE-2021-22853]medium6.5---
170108Wireshark USB HID Dissector denial of service [CVE-2021-22174]low2.6---
170107Wireshark USB HID Dissector denial of service [CVE-2021-22173]low2.6---
170106Cisco Identity Services Engine Admin Portal privileges assignmentmedium6.5---
170105Cisco Identity Services Engine privileges assignment [CVE-2021-1412]low4.0---
170104Cisco StarOS SSH Service resource consumption [CVE-2021-1378]low5.0---
170103Cisco Webex Meetings Desktop App information disclosure [CVE-2021-1372]low1.7---
170102Cisco AnyConnect Secure Mobility Client Interprocess Communication uncontrolled search pathmedium9.0---
170101Cisco Webex Meetings Web-based Interface cross site scritinglow5.0---
170100Intel SOC Driver Package for STK1A32SC permission [CVE-2021-0109]medium4.3---
170099Intel RealSense DCM permission [CVE-2020-8765]medium4.3---
170098Intel SSD Toolbox permission [CVE-2020-8701]medium4.3---
170097Intel Graphics Drivers access control [CVE-2020-8678]medium4.3---
170096uPrism.io CURIX URL input validation [CVE-2020-7849]medium6.5---
170095EFM ipTIME C200 IP Camera GET Request os command injection [CVE-2020-7848]medium5.2---
170094Online Book Store detail.php sql injectionmedium4.0---
170093Seat-Reservation-System index.php sql injectionmedium4.0---
17009274cms ConfigController.class.php permissionmedium6.5---
170091Intel 700-Series of Ethernet Controller denial of service [CVE-2020-24505]low1.7---
170090Intel Ethernet E810 Adapter Driver resource consumption [CVE-2020-24504]low1.7---
170089Intel Ethernet E810 Adapter Driver information disclosure [CVE-2020-24503]low1.7---
170088Intel Ethernet E810 Adapter Driver denial of service [CVE-2020-24502]low1.7---
170087Intel E810 Ethernet Controller <=1.4.1.12 denial of service [CVE-2020-24501]low3.3---
170086Intel E810 Ethernet Controller buffer overflow [CVE-2020-24500]low1.7---
170085Intel E810 Ethernet Controller buffer overflow [CVE-2020-24498]low1.7---
170084Intel E810 Ethernet Controller denial of service [CVE-2020-24497]low1.7---
170083Intel 722 Ethernet Controller denial of service [CVE-2020-24496]low1.7---
170082Intel 700-Series of Ethernet Controller denial of service [CVE-2020-24495]low1.7---
170081Intel 722 Ethernet Controller denial of service [CVE-2020-24494]low1.7---
170080Intel 700-Series of Ethernet Controller denial of service [CVE-2020-24493]low1.7---
170079Intel 722 Ethernet Controller denial of service [CVE-2020-24492]low1.7---
170078Intel CPU Debug Message information disclosure [CVE-2020-24491]low1.7---
170077Intel Trace Analyzer and Collector uncontrolled search path [CVE-2020-24485]medium4.3---
170076Intel 7360 Cell Modem denial of service [CVE-2020-24482]low5.0---
170075Intel Quartus Prime Pro/Quartus Prime Standard Edition permissionmedium4.3---
170074Intel XTU out-of-bounds write [CVE-2020-24480]medium4.3---
170073Intel Graphics Driver out-of-bounds write [CVE-2020-24462]medium4.3---
170072Intel PROSet/Wireless WiFi Cleanup denial of service [CVE-2020-24458]low4.1---
170071Intel EPID SDK input validation [CVE-2020-24453]medium4.3---
170070Intel SGX Platform Software denial of service [CVE-2020-24452]low1.7---
170069Intel Optane DC Persistent Memory Installer uncontrolled search pathmedium4.3---
170068Intel Graphics Drivers unusual condition [CVE-2020-24450]low4.3---
170067Intel Graphics Drivers Exception denial of service [CVE-2020-24448]low1.7---
170066Intel Graphics Drivers out-of-bounds write [CVE-2020-12386]low1.7---
170065Intel Graphics Drivers input validation [CVE-2020-12385]medium4.3---
170064Intel Graphics Drivers access control [CVE-2020-12384]medium4.3---
170063Intel Server Boards/Server Systems/Compute Modules BMC Firmware out-of-bounds readlow4.3---
170062Intel Server Boards/Server Systems/Compute Modules BMC Firmware input validationmedium4.3---
170061Intel Server Boards/Server Systems/Compute Modules BMC Firmware hard-coded keylow1.7---
170060Intel Server Boards/Server Systems/Compute Modules heap-based overflowmedium4.3---
170059Intel Server Boards/Server Systems/Compute Modules BMC Firmware buffer overflowmedium4.3---
170058Intel Graphics Drivers denial of service [CVE-2020-12372]low1.7---
170057Intel Graphics Drivers divide by zero [CVE-2020-12371]low1.7---
170056Intel Graphics Drivers denial of service [CVE-2020-12370]low1.7---
170055Intel Graphics Drivers out-of-bounds write [CVE-2020-12369]medium4.3---
170054Intel Graphics Drivers integer overflow [CVE-2020-12368]medium4.3---
170053Intel Graphics Drivers integer overflow [CVE-2020-12367]medium4.3---
170052Intel Graphics Drivers input validation [CVE-2020-12366]medium4.3---
170051Intel Graphics Drivers denial of service [CVE-2020-12365]low1.7---
170050Intel Graphics Drivers null pointer dereference [CVE-2020-12364]low1.7---
170049Intel Graphics Drivers denial of service [CVE-2020-12363]low1.7---
170048Intel Graphics Drivers integer overflow [CVE-2020-12362]medium4.3---
170047Intel Graphics Drivers use after free [CVE-2020-12361]low1.7---
170046Intel Collaboration Suite for WebRTC API control flow [CVE-2020-12339]medium6.5---
170045Intel Graphics Drivers Kernel Mode Driver control flow [CVE-2020-0544]medium4.3---
170044Intel Ethernet I210 Controller denial of service [CVE-2020-0525]low1.7---
170043Intel Ethernet I210 Controller denial of service [CVE-2020-0524]low1.7---
170042Intel Ethernet I210 Controller denial of service [CVE-2020-0523]low1.7---
170041Intel Ethernet I210 Controller denial of service [CVE-2020-0522]low1.7---
170040Intel Graphics Drivers Control Flow Management control flow [CVE-2020-0521]medium4.3---
170039Intel HD Graphics Control Panel access control [CVE-2020-0518]medium4.3---
170038CGE property management system Account Management improper authenticationmedium6.5---
170037CGE property management system pathname traversal [CVE-2021-22857]medium5.0---
170036CGE property management system Cookie sql injection [CVE-2021-22856]medium5.0---
170035Jetty git Operation resource consumption [CVE-2021-22553]low5.0---
170034McAfee Web Gateway User Interface privileges management [CVE-2021-23885]medium6.5---
170033akka-http-core Transfer-Encoding request smuggling [CVE-2021-23339]low5.1---
170032Accellion FTA Admin Endpoint os command injection [CVE-2021-27104]medium5.2---
170031Accellion FTA POST Request wmProgressstat.html server-side request forgerymedium5.2---
170030Accellion FTA Web Service os command injection [CVE-2021-27102]medium4.3---
170029Accellion FTA Host Header document_root.html sql injectionmedium6.5---
170028Xen Backend drm_xen_front allocation of resourceslow4.9---
170027Xen Cache memory corruption [CVE-2021-26933]medium5.2---
170026Xen Batch Hypercall unknown vulnerability [CVE-2021-26932]low4.9---
170025Xen SCSI Backend blkback.c allocation of resourceslow5.2---
170024Xen PV Backend blkback.c state issuemedium4.0---
170023Soliton FileZen os command injection [CVE-2021-20655]medium5.8---
170022NEC Calsos CSDJ/Calsos CSDJ-D/Calsos CSDJ-A access control [CVE-2021-20653]medium6.5---
170021QNAP Photo Station cross site scripting [CVE-2020-2502]low4.0---
170020QNAP NAS Surveillance Station stack-based overflow [CVE-2020-2501]medium5.2---
170019BlackCat CMS ajax_save.php cross site scriptinglow3.3---
170018Dekart Private Disk Type3 null pointer dereference [CVE-2021-27203]low2.3---
170017Racom MIDGE configd access control [CVE-2021-20075]medium5.2---
170016Racom MIDGE Command Line Interface os command injection [CVE-2021-20074]medium5.2---
170015Racom MIDGE cross-site request forgery [CVE-2021-20073]low4.0---
170014Racom MIDGE path traversal [CVE-2021-20072]medium5.2---
170013Racom MIDGE sms.php cross site scriptinglow4.0---
170012Racom MIDGE virtualization.php cross site scriptinglow4.0---
170011Racom MIDGE regionalSettings.php cross site scriptinglow4.0---
170010Racom MIDGE Error cross site scripting [CVE-2021-20068]low4.0---
170009Racom MIDGE information disclosure [CVE-2021-20067]low3.3---
170008JSDom unknown vulnerability [CVE-2021-20066]low3.5---
170007OPC Foundation OPC UA .NET Standard certificate validation [CVE-2020-29457]medium7.5---
170006DualShield Login Form information exposure [CVE-2020-28918]low5.0---
170005Zscaler Client Connector RPC privileges management [CVE-2020-11635]low4.3---
170004Pelco Digital Sentry Server ActiveX Control RTSPLive555.dll SetCameraConnectionParameter buffer overflowmedium7.5---
170003Testes de Codigo Administrative Interface access control [CVE-2021-25648]medium5.2---
170002OpenSSL EVP_DecryptUpdate return valuemedium5.0---
170001OpenSSL EVP_DecryptUpdate return valuemedium5.0---
170000OpenSSL RSA Signature inadequate encryption [CVE-2021-23839]low2.6---
169999uap-core Regular Expression resource consumption [CVE-2021-21317]low5.0---
169998less-openui5 Theming Resource File injection [CVE-2021-21316]low1.7---
169997System Information Library si.processLoad os command injectionmedium4.3---
169996Hilscher EtherNet-IP Core Ethernet stack-based overflowmedium7.8---
169995Hilscher PROFINET IO Device stack-based overflow [CVE-2021-20986]medium4.1---
169994MB connect line mymbCONNECT24/mbCONNECT24 information disclosurelow5.0---
169993MB connect line mymbCONNECT24/mbCONNECT24 Login Page cross site scriptinglow5.0---
169992MB connect line mymbCONNECT24/mbCONNECT24 information disclosurelow2.7---
169991MB connect line mymbCONNECT24/mbCONNECT24 hard-coded credentialsmedium5.8---
169990MB connect line mymbCONNECT24/mbCONNECT24 JSON File file inclusionlow2.7---
169989MB connect line mymbCONNECT24/mbCONNECT24 Login excessive authenticationlow2.6---
169988MB connect line mymbCONNECT24/mbCONNECT24 injection [CVE-2020-35564]low4.0---
169987MB connect line mymbCONNECT24/mbCONNECT24 cross site scriptinglow4.0---
169986MB connect line mymbCONNECT24/mbCONNECT24 HA Module server-side request forgerymedium5.8---
169985MB connect line mymbCONNECT24/mbCONNECT24 redirect.phpmedium5.4---
169984MB connect line mymbCONNECT24/mbCONNECT24 resource consumptionlow2.3---
169983MB connect line mymbCONNECT24/mbCONNECT24 MySQL Access Check server-side request forgerymedium5.2---
169982MB connect line mymbCONNECT24/mbCONNECT24 access control [CVE-2020-35557]medium5.2---
169981Secomea SiteManager cross site scripting [CVE-2020-29027]low4.0---
169980Secomea SiteManager-Embedded URL cross site scripting [CVE-2020-29025]low5.0---
169979Secomea GateManager missing secure attribute [CVE-2020-29024]medium5.1---
169978Secomea GateManager CSV Report Generator csv injection [CVE-2020-29023]low5.8---
169977Secomea GateManager Host Header request smuggling [CVE-2020-29022]low5.0---
169976NFStream Module denial of service [CVE-2020-25340]low1.5---
169975PNPSCADA browse.jsp sql injectionmedium6.5---
169974Apple macOS Sudo out-of-bounds write [CVE-2021-3156]low4.3---
169973Apple macOS Intel Graphics Driver race condition [CVE-2021-1806]medium6.8---
169972Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2021-1805]medium6.8---
169971ActivePresenter memory corruption [CVE-2021-3375]medium5.2---
169970E-Learning System sql injection [CVE-2021-3239]medium7.5---
169969Mutare Voice getfile.asp file inclusionmedium6.8---
169968Mutare Voice Admin Portal diagzip.asp information disclosurelow2.3---
169967Mutare Voice Adminlog.asp sql injectionmedium6.5---
169966Mutare Voice Settings.asp missing encryptionlow2.3---
169965Hestia Control Panel Domain Name Remote Privilege Escalationmedium6.0---
169964Mumble Open Webpage Text link following [CVE-2021-27229]medium6.0---
169963GNOME GLib g_bytes_new memory corruptionmedium5.2---
169962GNOME GLib g_byte_array_new_take buffer overflowmedium5.2---
<
IDTitleVulDBCVSSSecuniaXForceNessus
169961steghide information disclosure [CVE-2021-27211]low2.3---
169960Endian Firewall Community os command injection [CVE-2021-27201]medium6.5---
169959Teachers Record Management System POST Parameter search-teacher.php sql injectionmedium7.5---
169958CASAP Automated Enrollment System Login Panel improper authenticationmedium5.8---
169957Library System sql injection [CVE-2021-26200]medium5.8---
169956Nagios XI sshterm.php cross site scriptinglow4.0---
169955Nagios XI HTTP Request cloud-vm.inc.php os command injectionmedium5.2---
169954Nagios XI HTTP Request switch.inc.php os command injectionmedium5.2---
169953Nagios XI HTTP Request windowswmi.inc.php os command injectionmedium5.2---
169952qlib CLI behavioral workflow [CVE-2021-23338]medium4.3---
169951lodash Template command injection [CVE-2021-23337]medium5.8---
169950cpython urllib.parse.parse_qs request smugglingmedium7.5---
169949Dell EMC Avamar Server Web UI improper authorization [CVE-2021-21511]medium6.5---
169948IBM Spectrum Protect Operations Center RPC denial of servicelow1.4---
169947IBM Spectrum Protect Operations Center Servlet Request unrestricted uploadmedium6.5---
169946IBM Spectrum Protect Operations Center Session improper authenticationmedium5.1---
169945CITSmart ldap injection [CVE-2020-35775]medium4.9---
169944Batflat User Tab Sruu.pl code injectionmedium5.8---
169943D-Bus Policy Rules use after free [CVE-2020-35512]medium4.0---
169942OpenEMR non_reported.php sql injectionmedium6.5---
169941OpenEMR usergroup_admin.php sql injectionmedium6.5---
169940OpenEMR immunization_report.php sql injectionmedium6.5---
169939OpenEMR patient_select.php sql injectionmedium6.5---
169938Secomea GateManager Web UI insufficient permissions or privilegeslow5.5---
169937Secomea GateManager File Upload path traversal [CVE-2020-29026]medium5.8---
169936Microweber Unzip Module pathname traversal [CVE-2020-28337]medium6.5---
169935Nagios XI Webapp Query command injection [CVE-2020-24899]medium6.5---
169934Nagios XI Request command injection [CVE-2020-22427]medium6.5---
169933Centreon sql injection [CVE-2020-22425]medium6.5---
169932lodash Regular Expression denial of service [CVE-2020-28500]low5.0---
169931PHP URL Validation filter_var input validationlow5.0---
169930Atlassian JIRA Server/Data Center Custom Field information disclosurelow5.0---
169929Atlassian JIRA Server/Data Center Endpoint ViewWorkflowSchemes.jspa cross site scriptinglow4.0---
169928Atlassian JIRA Server/Data Center Custom Field information disclosurelow5.0---
169927Atlassian JIRA Server/Data Center Screens Modal View cross site scriptinglow4.0---
169926Atlassian JIRA Server/Data Center Plugin Report Page information disclosurelow3.5---
169925pystemon YAML Deserialization config.py safe_load deserializationmedium4.9---
169924OpenLDAP slapd schema_init.c issuerAndThisUpdateCheck denial of servicelow2.3---
169923Horde Groupware Webmail Edition Text Filter Library Text2html.php preProcess cross site scriptinglow4.0---
169922LimeSurvey Participant Model sql injection [CVE-2019-25019]medium6.5---
169921TP-LINK Archer C5v information disclosure [CVE-2021-27210]low4.0---
169920TP-LINK Archer C5v missing encryption [CVE-2021-27209]low2.6---
169919NeDi System Files System-Files.php injectionmedium5.2---
169918NeDi Nodes Traffic Nodes-Traffic.php os command injectionmedium5.2---
169917NeDi Monitoring History Monitoring-History.php sql injectionmedium6.5---
169916F5 BIG-IP APM VPN Traffic memory allocation [CVE-2021-22985]low2.3---
169915F5 BIG-IP ASM/Advanced WAF Client Request redirect [CVE-2021-22984]low2.9---
169914F5 BIG-IP AFM Configuration Utility cross site scripting [CVE-2021-22983]low4.0---
169913F5 BIG-IP DNS/BIG-IP GTM big3d buffer overflow [CVE-2021-22982]medium5.2---
169912F5 BIG-IP TLS Protocol certificate validation [CVE-2021-22981]low2.6---
169911F5 BIG-IP APM Client Troubleshooting Utility Edge Client untrusted search pathmedium7.5---
169910F5 BIG-IP Configuration utility cross site scripting [CVE-2021-22979]low4.0---
169909F5 BIG-IP iControl REST Endpoint cross site scripting [CVE-2021-22978]low4.0---
169908F5 BIG-IP TMM denial of service [CVE-2021-22977]low2.3---
169907F5 BIG-IP ASM/Advanced WAF Websocket resource consumption [CVE-2021-22976]low2.3---
169906F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2021-22975]low2.7---
169905F5 BIG-IP/BIG-IQ iControl REST race condition [CVE-2021-22974]low4.9---
169904F5 BIG-IP JSON Parser out-of-bounds read [CVE-2021-22973]low2.3---
169903Micro Focus Operations Bridge Manager Remote Privilege Escalationmedium6.0---
169902IBM Security Verify Information Queue hard-coded credentialsmedium5.0---
169901IBM Security Verify Information Queue Session Identifier resource transfermedium7.5---
169900IBM Security Verify Information Queue cleartext storage [CVE-2021-20410]low2.1---
169899IBM Security Verify Information Queue HSTS information disclosurelow2.6---
169898IBM Security Verify Information Queue Cryptographic Key cleartext storagelow4.0---
169897IBM Security Verify Information Queue Source Code cleartext storagelow5.0---
169896IBM Security Verify Information Queue risky encryption [CVE-2021-20406]low2.6---
169895Apache Thrift Short Message denial of service [CVE-2020-13949]low2.3---
169894OpenZFS NFS Share access control [CVE-2013-20001]medium4.0---
169893Pelco Digital Sentry Server DSUtility.dll AppendToTextFile origin validationmedium6.0---
169892Telegram information disclosure [CVE-2021-27205]low4.0---
169891Telegram Passcode credentials storage [CVE-2021-27204]low4.0---
169890Sovremennye Delovye Tekhnologii FX Aggregator Terminal Client denial of servicelow3.3---
169889Sovremennye Delovye Tekhnologii FX Aggregator Terminal Client login.sav credentials storagelow4.0---
169888Elecom File Manager pathname traversal [CVE-2021-20651]medium6.5---
169887Elecom NCC-EWF100RMWH2 cross-site request forgery [CVE-2021-20650]low4.0---
169886Elecom WRC-300FEBK-S certificate validation [CVE-2021-20649]medium5.1---
169885Elecom WRC-300FEBK-S os command injection [CVE-2021-20648]medium4.7---
169884Elecom WRC-300FEBK-S cross-site request forgery [CVE-2021-20647]low4.0---
169883Elecom WRC-300FEBK-A cross-site request forgery [CVE-2021-20646]low4.0---
169882Elecom WRC-300FEBK-A cross site scripting [CVE-2021-20645]low4.0---
169881Elecom WRC-1467GHBK-A Web Setup Page cross site scripting [CVE-2021-20644]low4.0---
169880Elecom LD-PS-U1 access control [CVE-2021-20643]medium6.5---
169879Logitec LAN-W300N-RS URL denial of service [CVE-2021-20642]low3.5---
169878Logitec LAN-W300N-RS cross-site request forgery [CVE-2021-20641]low4.0---
169877Logitec LAN-W300N-PGRB buffer overflow [CVE-2021-20640]medium4.7---
169876Logitec LAN-W300N-PGRB os command injection [CVE-2021-20639]medium4.7---
169875Logitec LAN-W300N-PGRB os command injection [CVE-2021-20638]medium4.7---
169874Logitec LAN-W300N-PR5B URL denial of service [CVE-2021-20637]low3.5---
169873Logitec LAN-W300N-PR5B cross-site request forgery [CVE-2021-20636]low4.0---
169872Logitec LAN-WH450N-GR information disclosure [CVE-2021-20635]low1.7---
169871Joe Schofield get-ip-range package resource consumption [CVE-2021-27191]low3.5---
169870PEEL Shopping Cart change_params.php cross site scriptinglow4.0---
169869Pelco Digital Sentry Server XML External Entity out-of-bounds readlow2.3---
169868Teradici PCoIP Soft Client null pointer dereference [CVE-2021-25690]low2.3---
169867Teradici PCoIP Soft Client out-of-bounds write [CVE-2021-25689]medium6.5---
169866Teradici PCoIP Agent log file [CVE-2021-25688]low2.7---
169865Action Pack Host Authorization Middleware redirect [CVE-2021-22881]low4.9---
169864ActiveRecord PostgreSQL Adapter resource consumption [CVE-2021-22880]low2.3---
169863Advantech iView sql injection [CVE-2021-22658]medium5.2---
169862Advantech iView pathname traversal [CVE-2021-22656]low2.7---
169861Advantech iView sql injection [CVE-2021-22654]medium6.5---
169860Advantech iView Configuration missing authentication [CVE-2021-22652]medium5.8---
169859VMware vSphere Replication command injection [CVE-2021-21976]medium6.5---
169858Adminer adminer.php server-side request forgerymedium7.5---
169857next-auth Prisma Database Adapter authentication spoofing [CVE-2021-21310]low2.6---
169856Lucee Server Admin authorization [CVE-2021-21307]low5.0---
169855Wire Video Capture information disclosure [CVE-2021-21301]low2.1---
169854hyper Crate Transfer-Encoding request smuggling [CVE-2021-21299]medium5.1---
169853Adobe Acrobat Reader PDF File memory corruption [CVE-2021-21063]medium7.5---
169852Adobe Acrobat Reader PDF File memory corruption [CVE-2021-21062]medium7.5---
169851Adobe Acrobat PDF File use after free [CVE-2021-21061]low5.0---
169850Adobe Acrobat information disclosure [CVE-2021-21060]low5.0---
169849Adobe Acrobat Reader PDF File memory corruption [CVE-2021-21059]medium7.5---
169848Adobe Acrobat Reader PDF File memory corruption [CVE-2021-21058]medium7.5---
169847Adobe Acrobat Reader PDF File null pointer dereference [CVE-2021-21057]low5.0---
169846Adobe Dreamweaver untrusted search path [CVE-2021-21055]medium4.3---
169845Adobe Illustrator out-of-bounds write [CVE-2021-21054]medium7.5---
169844Adobe Illustrator out-of-bounds write [CVE-2021-21053]medium7.5---
169843Adobe Animate out-of-bounds write [CVE-2021-21052]medium7.5---
169842Adobe Photoshop Javascript File buffer overflow [CVE-2021-21051]medium7.5---
169841Adobe Photoshop out-of-bounds read [CVE-2021-21050]medium7.5---
169840Adobe Photoshop out-of-bounds read [CVE-2021-21049]medium7.5---
169839Adobe Photoshop memory corruption [CVE-2021-21048]medium7.5---
169838Adobe Photoshop out-of-bounds write [CVE-2021-21047]medium7.5---
169837Adobe Acrobat Reader memory corruption [CVE-2021-21046]medium7.5---
169836Adobe Acrobat Reader access control [CVE-2021-21045]medium7.5---
169835Adobe Acrobat Reader JPEG File out-of-bounds write [CVE-2021-21044]medium7.5---
169834Adobe Acrobat Reader out-of-bounds read [CVE-2021-21042]low5.0---
169833Adobe Acrobat Reader use after free [CVE-2021-21041]medium7.5---
169832Adobe Acrobat Reader use after free [CVE-2021-21040]medium7.5---
169831Adobe Acrobat Reader use after free [CVE-2021-21039]medium7.5---
169830Adobe Acrobat Reader JPEG File out-of-bounds write [CVE-2021-21038]medium7.5---
169829Adobe Acrobat Reader path traversal [CVE-2021-21037]medium4.3---
169828Adobe Acrobat Reader integer overflow [CVE-2021-21036]medium4.3---
169827Adobe Acrobat Reader use after free [CVE-2021-21035]medium7.5---
169826Adobe Acrobat Reader out-of-bounds read [CVE-2021-21034]low1.7---
169825Adobe Acrobat Reader use after free [CVE-2021-21033]medium7.5---
169824Magento session expiration [CVE-2021-21032]medium5.1---
169823Magento session expiration [CVE-2021-21031]medium5.1---
169822Magento Customer Address Upload cross site scripting [CVE-2021-21030]low5.0---
169821Magento Admin Console cross site scripting [CVE-2021-21029]low4.0---
169820Adobe Acrobat Reader use after free [CVE-2021-21028]medium7.5---
169819Magento GraphQL API cross-site request forgery [CVE-2021-21027]low5.0---
169818Magento Integrations Module improper authorization [CVE-2021-21026]medium4.6---
169817Magento Product Layout Update xml injection [CVE-2021-21025]medium5.8---
169816Magento Search Module sql injection [CVE-2021-21024]medium7.5---
169815Magento Admin Console cross site scripting [CVE-2021-21023]low3.3---
169814Magento Product Module resource injection [CVE-2021-21022]medium5.0---
169813Adobe Acrobat Reader use after free [CVE-2021-21021]medium7.5---
169812Magento Login as Customer Module access control [CVE-2021-21020]medium5.1---
169811Magento Widgets Module xml injection [CVE-2021-21019]medium5.8---
169810Magento Scheduled Operation Module os command injection [CVE-2021-21018]medium5.8---
169809Adobe Acrobat Reader heap-based overflow [CVE-2021-21017]medium7.5---
169808Magento WebAPI os command injection [CVE-2021-21016]medium4.3---
169807Magento Customer Attribute os command injection [CVE-2021-21015]medium4.3---
169806Magento unrestricted upload [CVE-2021-21014]medium5.8---
169805IBM Security Verify Information Queue encoding error [CVE-2021-20405]low2.6---
169804IBM Security Verify Information Queue Cookie denial of servicelow2.6---
169803IBM Security Verify Information Queue cross-site request forgerylow3.3---
169802IBM Security Verify Information Queue information exposure [CVE-2021-20402]low3.3---
169801podman Container authorization [CVE-2021-20188]medium5.2---
169800Hirschmann OS2/RSP/RSPE HSR Ring denial of service [CVE-2020-9307]low2.9---
169799SuSE Open Build Service Web Page Generation cross site scriptinglow4.0---
169798SuSE CaaS Platform temp file [CVE-2020-8030]medium3.5---
169797SuSE CaaS Platform permission assignment [CVE-2020-8029]low1.0---
169796SUSE Linux Enterprise Server/OpenSUSE temp file [CVE-2020-8027]medium4.3---
169795IBM Case Manager/Business Automation Workflow Web UI cross site scriptinglow2.1---
169794Open vSwitch Packet resource consumption [CVE-2020-35498]low5.2---
169793SolarWinds Network Performance Monitor WriteToFile sql injectionmedium6.5---
169792Qognify Ocularis EventCoordinator Endpoint deserialization [CVE-2020-27868]high10.0---
169791Netgear Nighthawk AC2400 mini_httpd command injection [CVE-2020-27867]medium8.3---
169790Netgear Nighthawk AC2400 mini_httpd authentication bypass [CVE-2020-27866]medium8.3---
169789D-Link DAP-1860 uhttpd authentication bypass [CVE-2020-27865]medium8.3---
169788D-Link DAP-1860 HNAP Service command injection [CVE-2020-27864]medium8.3---
169787D-Link DVA-2800/DSL-2888A dhttpd authentication bypass [CVE-2020-27863]medium5.8---
169786D-Link DVA-2800/DSL-2888A dhttpd command injection [CVE-2020-27862]medium8.3---
169785Netgear Orbi UA_Parser Utility os command injection [CVE-2020-27861]medium8.3---
169784Shenzhen Yunding Oclean App hard-coded key [CVE-2020-25493]low2.6---
169783KeyCloak Email information exposure [CVE-2020-1717]low2.7---
169782Teradici Cloud Access Connector Web Form cross-site request forgerylow4.0---
169781Teradici Cloud Access Connector Web Application Pages authentication bypassmedium5.8---
169780Keycloak OIDC Logout Endpoint cross-site request forgery [CVE-2020-10734]low4.0---
169779AutoTrace Bitmap Image main.c use after freemedium4.9---
169778AutoTrace Bitmap Image input-bmp.c malloc integer overflowmedium4.9---
169777is-user-valid ldap injection [CVE-2021-23335]medium4.9---
169776static-eval FunctionExpressions code injectionmedium4.9---
169775MongoDB Ops Manager SSL cleartext transmission [CVE-2021-20335]low2.6---
169774Fluent Bit flb_avro.c flb_malloc null pointer dereferencelow2.3---
169773samba-client Package process.exec command injectionmedium5.2---
169772FiberHome HG6245D Telnet Daemon denial of service [CVE-2021-27179]low4.0---
169771FiberHome HG6245D NVRAM missing encryption [CVE-2021-27178]low1.4---
169770FiberHome HG6245D Telnet Server improper authentication [CVE-2021-27177]medium7.5---
169769FiberHome HG6245D wifictl_5g.cfg permissionmedium4.0---
169768FiberHome HG6245D wifictl_2g.cfg permissionmedium4.0---
169767FiberHome HG6245D wifi_custom.cfg permissionmedium4.0---
169766FiberHome HG6245D API improper authentication [CVE-2021-27173]medium5.8---
169765FiberHome HG6245D system-config.sh hard-coded passwordlow4.0---
169764FiberHome HG6245D CLI out-of-bounds write [CVE-2021-27171]medium7.4---
169763FiberHome HG6245D Firewall access control [CVE-2021-27170]medium7.5---
169762FiberHome AN5506-04-FA hard-coded password [CVE-2021-27169]medium4.9---
169761FiberHome HG6245D hard-coded credentials [CVE-2021-27168]medium5.8---
169760FiberHome HG6245D libci_adaptation_layer.so init_3bb_password hard-coded credentialsmedium4.9---
169759FiberHome HG6245D hard-coded password [CVE-2021-27166]medium4.9---
169758FiberHome HG6245D Telnet Daemon hard-coded credentials [CVE-2021-27165]medium7.5---
169757FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27164]medium7.5---
169756FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27163]medium7.5---
169755FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27162]medium7.5---
169754FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27161]medium7.5---
169753FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27160]medium7.5---
169752FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27159]medium7.5---
169751FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27158]medium7.5---
169750FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27157]medium7.5---
169749FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27156]medium7.5---
169748FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27155]medium7.5---
169747FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27154]medium7.5---
169746FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27153]medium7.5---
169745FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27152]medium7.5---
169744FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27151]medium7.5---
169743FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27150]medium7.5---
169742FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27149]medium7.5---
169741FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27148]medium7.5---
169740FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27147]medium7.5---
169739FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27146]medium7.5---
169738FiberHome HG6245D Web Daemon hard-coded credentials [CVE-2021-27145]medium7.5---
169737FiberHome HG6245D Web Daemon hard-coded password [CVE-2021-27144]medium5.8---
169736FiberHome HG6245D Web Daemon hard-coded password [CVE-2021-27143]medium5.8---
169735FiberHome HG6245D Private Key permission [CVE-2021-27142]medium5.2---
169734FiberHome HG6245D umconfig.txt hard-coded keylow4.0---
169733FiberHome HG6245D web.log log filelow3.3---
169732FiberHome HG6245D info.asp information disclosurelow3.3---
169731Trend Micro Security code injection [CVE-2021-25251]medium5.8---
169730Elastic APM Agent for Go HTTP Header log file [CVE-2021-22133]low2.3---
169729Fleet Request resource consumption [CVE-2021-21296]low2.6---
169728Lenovo XClarity Administrator FFDC Service Log cleartext transmissionlow3.3---
169727Elasticsearch Audit Logging log file [CVE-2020-7021]low2.3---
169726Prusa Research PrusaSlicer OBJ File objparse buffer overflowmedium5.2---
169725Prusa Research PrusaSlicer OBJ File Obj.cpp load_obj out-of-bounds writemedium5.2---
169724Tencent WeChat WXAM Decoder memory corruption [CVE-2020-27874]medium7.5---
169723SolarWinds Orion Platform VulnerabilitySettings.aspx improper authenticationmedium9.0---
169722SolarWinds Orion Platform ExportToPDF.aspx information disclosurelow5.0---
169721SoftMaker Office PlanMaker Document Parser heap-based overflowmedium7.5---
169720SDG Technologies Plug and Play SCADA cross site scripting [CVE-2020-24842]low4.0---
169719Linux Kernel User Namespace ovl_path_open privileges assignmentlow2.1---
169718AccuSoft ImageGear PSD Header out-of-bounds write [CVE-2020-13585]medium7.5---
169717Micrium uC-HTTP HTTP Request denial of service [CVE-2020-13583]low2.3---
169716SoftMaker Office PlanMaker Document heap-based overflow [CVE-2020-13581]medium5.2---
169715Genivia gSOAP WS-Security Plugin denial of service [CVE-2020-13578]low2.3---
169714Genivia gSOAP WS-Security Plugin denial of service [CVE-2020-13577]low2.3---
169713Genivia gSOAP WS-Addressing Plugin integer overflow [CVE-2020-13576]medium6.0---
169712Genivia gSOAP WS-Addressing Plugin denial of service [CVE-2020-13575]low2.3---
169711Genivia gSOAP SOAP Request denial of service [CVE-2020-13574]low2.3---
169710AccuSoft ImageGear GIF Parser heap-based overflow [CVE-2020-13572]medium7.5---
169709AccuSoft ImageGear SGI RLE Decompression out-of-bounds writemedium7.5---
169708phpGACL/OpenEMR HTTP Request return_page redirectmedium4.9---
169707AccuSoft ImageGear TIFF Parser out-of-bounds write [CVE-2020-13561]medium5.2---
169706Backdoor.Win32.BackAttack.18 Service Port 80 improper authenticationmedium7.5---
169705Palo Alto Prisma Cloud Compute SAML Authentication signature verificationmedium5.1---
169704xterm UTF-8 Character memory corruption [CVE-2021-27135]medium6.5---
169703henriquedornas phpMyAdmin SQL information disclosure [CVE-2021-26939]low2.3---
169702henriquedornas Online Live Chat cross site scripting [CVE-2021-26938]low4.0---
169701ReplaySorcery access control [CVE-2021-26936]medium9.0---
169700IBM WebSphere Application Server xml external entity referencemedium6.0---
169699Google Android OkHostnameVerifier.java verifyHostName certificate validationmedium5.1---
169698Google Android IsoInterface.java parseNextBox information disclosurelow5.0---
169697Google Android WindowContainer.java loadAnimation unusual conditionlow4.3---
169696Google Android SystemSettingsValidators denial of servicelow1.7---
169695Google Android Metadata FileSystemProvider.java moveInMediaStore cleartext storagelow4.3---
169694Google Android BluetoothPermissionRequest.java onReceive permissionmedium4.3---
169693Google Android C2SoftHevcDec.cpp process out-of-bounds writemedium5.0---
169692Google Android ResolverActivity.java onTargetSelected permission assignmentlow4.3---
169691Google Android Bluetooth BluetoothPermissionActivity.java onCreate permissionmedium4.3---
169690Google Android SurfaceFlinger.cpp bootFinished use after freemedium4.3---
169689Google Android Notification NotificationAccessConfirmationActivity.java onCreate improper restriction of rendered ui layerslow4.3---
169688Google Android storaged.cpp remove_user_ce use after freemedium4.3---
169687Google Android Bluetooth AdvertiseManager.java out-of-bounds writemedium4.3---
169686Google Android Bluetooth Scan GattService.java deliverBatchScan permissionmedium4.6---
169685Google Android ActivityManagerService.java getContentProviderImpl permissionmedium4.3---
169684Google Android WiFi-Direct p2p.c p2p_copy_client_info out-of-bounds writemedium7.5---
169683Google Android ih264d_parse_pslice.c ih264d_parse_pslice out-of-bounds writemedium7.5---
169682Google Android UninstallerActivity onCreate improper restriction of rendered ui layersmedium4.6---
169681Google Android PackageInstaller permission [CVE-2021-0305]medium4.3---
169680Google Android PackageInstaller permission [CVE-2021-0302]medium4.3---
169679IBM Spectrum Protect Plus resource consumption [CVE-2020-5023]low5.0---
169678Tips and Tricks HQ All In One WP Security & Firewall wp-security-blacklist-menu.php cross site scriptinglow4.0---
169677ftp-srv Command pathname traversal [CVE-2020-26299]medium6.5---
169676Issuer integer overflow [CVE-2020-24838]medium4.9---
169675ZCFees Transaction integer underflow [CVE-2020-24837]medium4.9---
169674SoftMaker Office TextMaker Document Parser heap-based overflowmedium7.5---
169673McAfee Endpoint Security ePO Extension cross site scripting [CVE-2021-23881]low3.3---
169672McAfee Total Protection Remote Procedure Call privileges managementmedium6.0---
169671McAfee Total Protection MTP Self-Defense privileges managementmedium4.3---
169670McAfee Total Protection privileges management [CVE-2021-23873]medium6.8---
169669McAfee Endpoint Security null pointer dereference [CVE-2021-23883]low4.3---
169668McAfee Endpoint Security ENS File privileges management [CVE-2021-23882]medium4.0---
169667McAfee Endpoint Security privileges management [CVE-2021-23880]medium4.0---
169666McAfee Endpoint Security cleartext storage [CVE-2021-23878]low1.7---
169665Wekan Fieldbleed cross site scripting [CVE-2021-20654]low4.0---
169664GENIVI Diagnostic Log and Trace dlt_common.c dlt_buffer_write_block heap-based overflowmedium5.2---
169663Monitorr upload.php unrestricted uploadmedium6.0---
169662InoERP json_fp.php input validationlow4.9---
169661Backdoor.Win32.Aphexdoor.LiteSock Service Port 113 moo buffer overflowmedium7.5---
169660Backdoor.Win32.NetTerrorist Service Port 785 improper authenticationmedium7.5---
169659Trojan.Win32.Cafelom.bu DNF-II.exe heap-based overflowmedium6.5---
169658Backdoor.Win32.Wollf.15 Service Port 7614 improper authenticationmedium7.5---
169657Trojan-Spy.Win32.WinSpy.vwl Service Port 443 permissionmedium6.5---
169656Trojan-Spy.Win32.WebCenter.a Service Port 80 web.exe information disclosurelow5.0---
169655Trojan-Spy.Win32.SpyEyes.awow $Recycle$ permissionmedium6.5---
169654Trojan-Spy.Win32.SpyEyes.auwl cleansweep.exe permissionmedium6.5---
169653Trojan-Spy.Win32.SpyEyes.auqj wedfsadeex.exe permissionmedium6.5---
169652Trojan.Win32.Gentee.h Paltalk permissionmedium6.5---
169651Trojan.Win32.Gentee.b WINNT permissionmedium6.5---
169650Trojan.Win32.Delf.uq downsoft permissionmedium6.5---
169649Email-Worm.Win32.Sircam.eb winupdate.exe permissionmedium6.5---
169648Trojan.Win32.Cospet.abg Service Port 2185 dir permissionmedium6.5---
169647Trojan.Win32.Comei.pgo dir permissionmedium6.5---
169646Backdoor.Win32.RemoteManipulator.brr permissionmedium6.5---
169645Backdoor.Win32.NetBull.11.b Service Port 23456 mfc42.dll buffer overflowmedium7.5---
169644Backdoor.Win32.Xyligan.blp FengYun.dll permissionmedium6.5---
169643HPE T0986H01 Idelji Web ViewPoint Suite access control [CVE-2021-3191]medium6.5---
169642Hyper Crate Transfer-Encoding request smuggling [CVE-2021-26959]medium4.9---
169641xcb Crate cast_event return valuemedium4.9---
169640xcb Crate change_property out-of-bounds readlow2.3---
169639xcb Crate value unknown vulnerabilitymedium4.9---
169638xcb Crate name return valuemedium4.9---
169637qwutils Crate Clone insert_slice_clone double freelow4.9---
169636postscript Crate uninitialized pointer [CVE-2021-26953]low2.3---
169635ms3d Crate read uninitialized pointerlow4.9---
169634calamine Crate set_len heap-based overflowmedium5.2---
169633GNU Screen UTF-8 Encoding encoding.c denial of servicelow3.5---
169632SmartFoxServer Console Module javashell.py protection mechanismmedium4.9---
169631SmartFoxServer Password server.xml missing encryptionlow2.3---
169630SmartFoxServer AdminTool Console cross site scripting [CVE-2021-26549]low4.0---
169629Siemens SCALANCE W740/SCALANCE W780 ARP allocation of resourceslow3.3---
169628HPE 3500/6200/8200 Management Interface denial of service [CVE-2021-25141]low2.3---
169627HPE Moonshot Provisioning Manager khuploadfile.cgi pathname traversalmedium7.5---
169626HPE Moonshot Provisioning Manager khuploadfile.cgi stack-based overflowmedium7.5---
169625Cscape Project File Parser out-of-bounds read [CVE-2021-22663]low5.0---
169624HPE T0662H01 Idelji Web ViewPoint Suite authentication replaymedium7.5---
169623Dell EMC PowerScale OneFS privileges management [CVE-2021-21502]medium7.5---
169622SAP SCIMono Java Expression injection [CVE-2021-21479]medium7.5---
169621SAP Web Dynpro ABAP redirect [CVE-2021-21478]medium7.5---
169620SAP Commerce Cloud Drools Rule injection [CVE-2021-21477]medium6.5---
169619SAP UI5 redirect [CVE-2021-21476]medium7.5---
169618SAP Master Data Management File API pathname traversal [CVE-2021-21475]medium5.1---
169617SAP HANA Database SAML Token signature verification [CVE-2021-21474]low4.3---
169616SAP Software Provisioning Manager missing authentication [CVE-2021-21472]medium5.1---
169615SAP Business Objects BI Platform X-Frame-Options Header clickjackinglow5.0---
169614NextGEN Gallery cross-site request forgery [CVE-2020-35943]low4.0---
169613NextGEN Gallery cross-site request forgery [CVE-2020-35942]low4.0---
169612Adminer cross site scripting [CVE-2020-35572]low4.0---
169611Mautic cross site scripting [CVE-2020-35125]low4.0---
169610ownCloud input validation [CVE-2020-28645]low4.0---
169609ownCloud API Endpoint core cross-site request forgerylow4.0---
169608Siemens JT2Go/Teamcenter Visualization RAS File out-of-bounds readlow2.7---
169607Siemens SIMARIS Configuration Folder default permission [CVE-2020-28392]medium6.5---
169606Siemens Nucleus NET/Nucleus ReadyStart ISN predictable valuelow2.6---
169605Foxit Studio Photo NEF File out-of-bounds write [CVE-2020-27857]medium7.5---
169604Foxit Studio Photo CR2 File out-of-bounds read [CVE-2020-27856]low5.0---
169603Foxit Studio Photo SR2 File out-of-bounds read [CVE-2020-27855]low5.0---
169602Siemens JT2Go/Teamcenter Visualization PLT File out-of-bounds readlow2.7---
169601Siemens JT2Go/Teamcenter Visualization HPG File out-of-bounds readlow2.7---
169600Siemens JT2Go/Teamcenter Visualization PCT File memory corruptionmedium5.2---
169599Siemens JT2Go/Teamcenter Visualization TGA File out-of-bounds writemedium5.2---
169598Siemens JT2Go/Teamcenter Visualization CGM File out-of-bounds readlow2.7---
169597Siemens JT2Go/Teamcenter Visualization TIFF File null pointer dereferencelow3.5---
169596Siemens JT2Go/Teamcenter Visualization PAR File out-of-bounds readlow2.7---
169595Siemens JT2Go/Teamcenter Visualization PAR File stack-based overflowmedium5.2---
169594Siemens JT2Go/Teamcenter Visualization BMP File memory corruptionmedium5.2---
169593Siemens JT2Go/Teamcenter Visualization PAR File out-of-bounds readlow2.7---
169592Siemens JT2Go/Teamcenter Visualization PAR File out-of-bounds readlow2.7---
169591Dell EMC PowerScale OneFS File System permission assignment [CVE-2020-26196]low1.7---
169590Dell EMC PowerScale OneFS Directory insufficient permissions or privilegeslow5.0---
169589Dell EMC PowerScale OneFS permission assignment [CVE-2020-26194]medium3.5---
169588Dell EMC PowerScale OneFS os command injection [CVE-2020-26193]medium4.3---
169587Dell EMC PowerScale OneFS missing authentication [CVE-2020-26192]medium4.3---
169586Dell EMC PowerScale OneFS Job privileges management [CVE-2020-26191]medium4.3---
169585Siemens DIGSI 4 default permission [CVE-2020-25245]medium6.8---
169584Siemens PCS neo/TIA Portal access control [CVE-2020-25238]medium6.8---
169583Siemens SINEC NMS/SINEMA Server ZIP File path traversal [CVE-2020-25237]medium5.2---
169582b2evolution evoadm.php cross site scriptinglow4.0---
169581PHPSHE admin.php sql injectionmedium6.5---
169580Foxit Studio Photo CMP File out-of-bounds read [CVE-2020-17436]low5.0---
169579Foxit Studio Photo CR2 File out-of-bounds read [CVE-2020-17435]low5.0---
169578Foxit Studio Photo ARW File out-of-bounds read [CVE-2020-17434]low5.0---
169577Foxit Studio Photo CMP File out-of-bounds read [CVE-2020-17433]low5.0---
169576Foxit Studio Photo CR2 File out-of-bounds read [CVE-2020-17432]low5.0---
169575Foxit Studio Photo CR2 File out-of-bounds write [CVE-2020-17431]medium7.5---
169574Foxit Studio Photo CR2 File out-of-bounds write [CVE-2020-17430]medium7.5---
169573Foxit Studio Photo CMP File out-of-bounds read [CVE-2020-17429]low5.0---
169572Foxit Studio Photo CMP File out-of-bounds read [CVE-2020-17428]low5.0---
169571Foxit Studio Photo NEF File out-of-bounds read [CVE-2020-17427]low5.0---
169570Foxit Studio Photo CR2 File memory corruption [CVE-2020-17426]medium7.5---
169569Foxit Studio Photo EPS File out-of-bounds write [CVE-2020-17425]medium7.5---
169568Foxit Studio Photo EZI File out-of-bounds write [CVE-2020-17424]medium7.5---
169567Foxit Studio Photo ARW File heap-based overflow [CVE-2020-17423]medium7.5---
169566Foxit Studio Photo EPS File out-of-bounds read [CVE-2020-17422]low5.0---
169565Foxit Studio Photo NEF File out-of-bounds write [CVE-2020-17421]medium7.5---
169564Foxit Studio Photo NEF File out-of-bounds read [CVE-2020-17420]low5.0---
169563Foxit Studio Photo NEF File out-of-bounds write [CVE-2020-17419]medium7.5---
169562Foxit Studio Photo EZIX File buffer overflow [CVE-2020-17418]medium7.5---
169561ownCloud File Store files_antivirus permissionmedium4.0---
169560Siemens SIMATIC HMI Comfort Panel Telnet Service missing authenticationmedium10.0---
169559PyYAML YAML File full_load input validationlow4.9---
169558WAVLINK WN575A4/WN579X3 Login command injection [CVE-2020-13117]medium7.5---
169557Siemens SIMATIC PCS 7/SIMATIC WinCC authentication bypass [CVE-2020-10048]medium5.8---
169556libzip ZIP Archive zip_dirent.c _zip_dirent_read use after freemedium7.5---
169555Millennium Millewin access control [CVE-2021-3394]medium4.3---
169554Argo CD Token sessionmanager.go user sessionlow4.0---
169553Gradle gradle-enterprise-test-distribution-agent Registration pathname traversalmedium5.2---
169552ConnMan gdhcp information disclosure [CVE-2021-26676]low2.7---
169551ConnMan dnsproxy stack-based overflow [CVE-2021-26675]medium5.2---
169550Google Chrome Skia clickjacking [CVE-2021-21147]low5.0---
169549Google Chrome Navigation use after free [CVE-2021-21146]medium7.5---
169548Google Chrome Font use after free [CVE-2021-21145]medium7.5---
169547Google Chrome Tab Group heap-based overflow [CVE-2021-21144]medium5.1---
169546Google Chrome Extension heap-based overflow [CVE-2021-21143]medium7.5---
169545Google Chrome Payment use after free [CVE-2021-21142]medium7.5---
169544Google Chrome File System API improper authentication [CVE-2021-21141]medium7.5---
169543Google Chrome USB Device uninitialized pointer [CVE-2021-21140]low4.3---
169542Google Chrome iFrame Sandbox access control [CVE-2021-21139]medium7.5---
169541Google Chrome DevTools use after free [CVE-2021-21138]medium4.3---
169540Google Chrome DevTools information disclosure [CVE-2021-21137]low5.0---
169539Google Chrome WebView unknown vulnerability [CVE-2021-21136]medium5.0---
169538Google Chrome Performance API unknown vulnerability [CVE-2021-21135]medium5.0---
169537Google Chrome Page Info authentication spoofing [CVE-2021-21134]medium7.5---
169536Google Chrome Download improper authentication [CVE-2021-21133]medium7.5---
169535Google Chrome DevTools sandbox [CVE-2021-21132]medium7.5---
169534Google Chrome File System API improper authentication [CVE-2021-21131]medium7.5---
169533Google Chrome File System API improper authentication [CVE-2021-21130]medium7.5---
169532Google Chrome File System API improper authentication [CVE-2021-21129]medium7.5---
169531Google Chrome Blink heap-based overflow [CVE-2021-21128]medium7.5---
169530Microsoft Windows Trust Verification API denial of service [CVE-2021-24080]medium7.8---
169529Microsoft Windows TCP/IP Remote Code Execution [CVE-2021-24094]high10.0---
169528Microsoft Windows TCP/IP Remote Code Execution [CVE-2021-24074]high10.0---
169527Microsoft Windows TCP/IP denial of service [CVE-2021-24086]medium7.8---
169526Microsoft Windows Remote Procedure Call information disclosuremedium7.8---
169525Microsoft Windows Local Spooler Remote Privilege Escalation [CVE-2021-24088]medium9.0---
169524Microsoft Windows Microsoft.PowerShell.Utility Module protection mechanismlow4.0---
169523Microsoft Windows PKU2U Local Privilege Escalation [CVE-2021-25195]medium6.8---
169522Microsoft Windows PFX Encryption Security protection mechanismlow2.1---
169521Microsoft Windows Network File System denial of service [CVE-2021-24075]medium6.8---
169520Microsoft Windows Mobile Device Management information disclosurelow4.6---
169519Microsoft Windows Win32 Win32k Local Privilege Escalationmedium6.8---
169518Microsoft Windows Win32k Local Privilege Escalation [CVE-2021-1732]medium6.8---
169517Microsoft Windows Kernel Local Privilege Escalation [CVE-2021-24096]medium6.8---
169516Microsoft Windows Installer Local Privilege Escalation [CVE-2021-1727]medium6.8---
169515Microsoft Windows Event Tracing Local Privilege Escalation [CVE-2021-24103]medium6.8---
169514Microsoft Windows Event Tracing Local Privilege Escalation [CVE-2021-24102]medium6.8---
169513Microsoft Windows DirectX information disclosure [CVE-2021-24106]low1.7---
169512Microsoft Windows Defender Local Privilege Escalation [CVE-2021-24092]medium6.8---
169511Microsoft Windows Console Driver denial of service [CVE-2021-24098]low4.9---
169510Microsoft Windows Backup Engine information disclosure [CVE-2021-24079]low4.6---
169509Microsoft Windows Address Book Remote Code Execution [CVE-2021-24083]medium7.5---
169508Microsoft Visual Studio Code npm-script Extension Remote Code Executionmedium7.5---
169507Microsoft Visual Studio Remote Code Execution [CVE-2021-1639]low5.1---
169506Microsoft System Center Operations Manager Remote Privilege Escalationmedium9.0---
169505Microsoft Sysinternals PsExec Local Privilege Escalation [CVE-2021-1733]medium6.8---
169504Microsoft Lync Server/Skype for Business Server denial of servicemedium6.8---
169503Microsoft Lync Server/Skype for Business Server unknown vulnerabilitymedium5.6---
169502Microsoft Windows Fax Service Remote Code Execution [CVE-2021-1722]medium7.6---
169501Microsoft Windows Fax Service Remote Code Execution [CVE-2021-24077]high10.0---
169500Microsoft Windows VMSwitch information disclosure [CVE-2021-24076]low4.6---
169499Microsoft Windows DNS Server Remote Code Execution [CVE-2021-24078]high10.0---
169498Microsoft Windows Remote Code Execution [CVE-2021-24091]medium10.0---
169497Microsoft Windows Codecs Library Remote Code Execution [CVE-2021-24081]medium10.0---
169496Microsoft Teams information disclosure [CVE-2021-24114]low6.8---
169495Microsoft SharePoint Remote Privilege Escalation [CVE-2021-24072]medium9.0---
169494Microsoft SharePoint Remote Privilege Escalation [CVE-2021-24066]medium9.0---
169493Microsoft SharePoint Remote Privilege Escalation [CVE-2021-1726]medium9.0---
169492Microsoft SharePoint information disclosure [CVE-2021-24071]low2.1---
169491Microsoft Office Remote Code Execution [CVE-2021-24070]medium7.5---
169490Microsoft Office Remote Code Execution [CVE-2021-24069]medium7.5---
169489Microsoft Office Remote Code Execution [CVE-2021-24068]medium7.5---
169488Microsoft Office Remote Code Execution [CVE-2021-24067]medium7.5---
169487Microsoft Windows Graphics Remote Code Execution [CVE-2021-24093]medium10.0---
169486Microsoft Exchange Server unknown vulnerability [CVE-2021-1730]low6.4---
169485Microsoft Exchange Server Remote Privilege Escalation [CVE-2021-24085]medium6.5---
169484Microsoft Edge information disclosure [CVE-2021-24100]low1.7---
169483Microsoft Dynamics NAV/Dynamics 365 Business Central cross site scriptinglow2.7---
169482Microsoft Dynamics 365 information disclosure [CVE-2021-24101]medium6.8---
169481Microsoft Azure Kubernetes Service Remote Privilege Escalationmedium8.3---
169480Microsoft Package Manager Configurations Local Privilege Escalationmedium7.2---
169479Microsoft Azure IoT CLI Extension Local Privilege Escalationmedium6.0---
169478Microsoft .NET Framework denial of service [CVE-2021-24111]medium7.8---
169477Microsoft .NET Core/Visual Studio denial of service [CVE-2021-1721]medium7.8---
169476Microsoft .NET Core Remote Code Execution [CVE-2021-24112]medium7.6---
169475Microsoft .NET Core Remote Code Execution [CVE-2021-26701]medium7.6---
169474Google Chrome Extension access control [CVE-2021-21127]medium7.5---
169473Google Chrome Policy Enforcement access control [CVE-2021-21126]medium7.5---
169472Google Chrome File System API improper authentication [CVE-2021-21125]medium7.5---
169470Google Chrome File System API input validation [CVE-2021-21123]medium7.5---
169469Google Chrome Blink use after free [CVE-2021-21122]medium7.5---
169468Google Chrome Omnibox use after free [CVE-2021-21121]medium7.5---
169467Google Chrome WebSQL use after free [CVE-2021-21120]medium7.5---
169466Google Chrome Media use after free [CVE-2021-21119]medium7.5---
169465Google Chrome V8 out-of-bounds read [CVE-2021-21118]medium7.5---
169464Google Chrome Cryptohome access control [CVE-2021-21117]medium4.3---
169463IBM Security Identity Governance and Intelligence Authentication information disclosurelow4.0---
169462IBM Security Identity Governance and Intelligence session expirationlow2.6---
169461IBM Security Identity Governance and Intelligence HTTP Request information disclosurelow3.5---
169460IBM Security Identity Governance and Intelligence certificate validationlow2.6---
169459IBM Security Identity Governance and Intelligence URL denial of servicelow1.8---
169458Omron CX-One stack-based overflow [CVE-2020-27261]medium6.5---
169457Omron CX-One memory corruption [CVE-2020-27259]medium6.5---
169456Omron CX-One type confusion [CVE-2020-27257]low4.3---
169455b2evolution Plugin Module cross site scripting [CVE-2020-22841]low4.0---
169454b2evolution email_passthrough.php redirectmedium6.0---
169453Google Chrome SCTP Packet use after free [CVE-2020-16044]medium7.5---
169452RoundCube CSS cross site scripting [CVE-2021-26925]low4.0---
169451apexcharts Graph Legend Field cross site scripting [CVE-2021-23327]low5.0---
169450Tufin SecureChange resource injection [CVE-2020-13462]medium4.9---
169449ProBot Send Image unrestricted upload [CVE-2021-26918]medium4.9---
169448ABB AC500 V2 PLC memory allocation [CVE-2020-24685]medium7.8-