CVE-2020-28702
Summary: A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. Reference Links(if available):...
CVE
CVE-2021-42557
Summary: In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials. Reference...
CVE-2021-32762
Summary: Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service...
CVE-2019-7548
Summary: SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. Reference Links(if available): https://github.com/no-security/sqlalchemy_test https://github.com/sqlalchemy/sqlalchemy/issues/4481#issuecomment-461204518 https://lists.debian.org/debian-lts-announce/2019/03/msg00020.html https://access.redhat.com/errata/RHSA-2019:0984...
CVE-2021-30846
Summary: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS...
CVE-2021-30851
Summary: A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS...
CVE-2021-41103
Summary: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found...
CVE-2021-38420
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow...
CVE-2021-38422
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have...
CVE-2020-18263
Summary: PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This...
CVE-2021-38416
Summary: Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking...
CVE-2021-33800
Summary: In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal. Reference Links(if...
CVE-2021-37984
Summary: Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap...
CVE-2021-43266
Summary: In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via...
CVE-2021-34595
Summary: A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit...
CVE-2021-34593
Summary: In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may...
CVE-2018-6122
Summary: Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption...
CVE-2021-31849
Summary: SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged...
CVE-2015-20067
Summary: The WP Attachment Export WordPress plugin before 0.2.4 does not have proper access controls, allowing unauthenticated users to download...
CVE-2018-25019
Summary: The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be...
CVE-2021-29875
Summary: IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party...
CVE-2020-18438
Summary: Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php....
CVE-2020-9897
Summary: An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2,...
CVE-2020-23546
Summary: IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM...
