Videos

10/05/2021
YT
FiberHome PTCL HG150-Ub improper authentication [CVE-2021-35296]

A vulnerability has been found in FiberHome PTCL HG150-Ub 3.0 and classified as critical. Affected by this vulnerability is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Updated: 10/09/2021

10/05/2021
YT
Linux Kernel 6pack.c decode_data out-of-bounds write

A vulnerability was found in Linux Kernel up to 5.13.12 (Operating System). It has been declared as critical. This vulnerability affects the function decode_data of the file drivers/net/hamradio/6pack.c. Upgrading to version 5.13.13 eliminates this vulnerability. The upgrade is hosted for download at cdn.kernel.org. Applying the patch 19d1532a187669ce86d5a2696eb7275310070793 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
Updated: 10/08/2021

09/29/2021
YT
OS4Ed OpenSIS Community Modules.php file inclusion

A vulnerability was found in OS4Ed OpenSIS Community 8.0. It has been rated as problematic. This issue affects an unknown functionality of the file Modules.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Updated: 10/03/2021

09/25/2021
YT
OpenSIS Community Edition Parameter TakeAttendance.php cross site scripting

A vulnerability classified as problematic has been found in OpenSIS Community Edition 8.0. This affects some unknown functionality of the file TakeAttendance.php of the component Parameter Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Updated: 10/02/2021

09/24/2021
YT
Absolutely Glamorous Custom Admin Plugin Settings cross site scripting

A vulnerability classified as problematic was found in Absolutely Glamorous Custom Admin Plugin up to 6.8 on WordPress (WordPress Plugin). This vulnerability affects some unknown functionality of the component Settings. Upgrading eliminates this vulnerability. The upgrade is hosted for download at plugins.svn.wordpress.org.
Updated: 10/02/2021

09/16/2021
YT
Microsoft Windows Command Line cmd.exe stack-based overflow

A vulnerability, which was classified as critical, has been found in Microsoft Windows (Operating System) (affected version not known). Affected by this issue is an unknown part of the file cmd.exe of the component Command Line. The best possible mitigation is suggested to be disabling the affected component.
Updated: 09/19/2021

08/04/2021
YT
OpenPLC Webserver Hardware Layer Code Box hardware command injection

A vulnerability classified as critical has been found in OpenPLC Webserver v3 (Web Server). Affected is some unknown processing of the file /hardware of the component Hardware Layer Code Box. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Updated: 08/07/2021

08/02/2021
YT
OpenPLC Runtime Add New Device Page cross site scripting [CVE-2021-3351]

A vulnerability was found in OpenPLC Runtime (affected version not known). It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add New Device Page. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Updated: 08/06/2021

07/19/2021
YT
sz.chat Messages Box cross site scriting [CVE-2021-3279]

A vulnerability, which was classified as problematic, was found in sz.chat 4 (Chat Software). This affects an unknown code block of the component Messages Box Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Updated: 07/22/2021

07/09/2021
YT
Cisco Adaptive Security Device Manager Signature Verification code injection

A vulnerability classified as critical was found in Cisco Adaptive Security Device Manager (the affected version is unknown). This vulnerability affects some unknown functionality of the component Signature Verification Handler. Upgrading eliminates this vulnerability.
Updated: 07/11/2021

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!