CVE-2021-36923
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access...
Vulnerabilities
CVE-2021-36924
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool...
CVE-2021-36925
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary...
CVE-2020-28702
Summary: A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. Reference Links(if available):...
CVE-2021-42557
Summary: In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials. Reference...
CVE-2021-32762
Summary: Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service...
CVE-2019-7548
Summary: SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. Reference Links(if available): https://github.com/no-security/sqlalchemy_test https://github.com/sqlalchemy/sqlalchemy/issues/4481#issuecomment-461204518 https://lists.debian.org/debian-lts-announce/2019/03/msg00020.html https://access.redhat.com/errata/RHSA-2019:0984...
CVE-2021-30846
Summary: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS...
CVE-2021-30851
Summary: A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS...
CVE-2021-41103
Summary: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found...
CVE-2021-38420
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow...
CVE-2021-38422
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have...
CVE-2020-18263
Summary: PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This...
CVE-2021-38416
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking...
CVE-2021-33800
Summary: In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal. Reference Links(if...
CVE-2021-36260 – Hikvision / Multiple – Command Injection
Summary: CVE-2021-36260 is a command injection vulnerability impacting multiple Hikvision products. An exploit was observed in open source and a...
CVE-2021-1048 – Google / Android – Use after free
Summary: CVE-2021-1048 is a use after free vulnerability impacting Google Android. A proof of concept (PoC) was not observed publicly...
CVE-2021-37984
Summary: Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap...
CVE-2021-43266
Summary: In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via...
CVE-2021-34595
Summary: A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit...
CVE-2021-34593
Summary: In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may...
CVE-2018-6122
Summary: Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption...
CVE-2021-31849
Summary: SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged...
CVE-2015-20067
Summary: The WP Attachment Export WordPress plugin before 0.2.4 does not have proper access controls, allowing unauthenticated users to download...
