| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-32020 |
|
|
|
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory. |
|
2 |
CVE-2021-31996 |
|
|
|
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge(). |
|
3 |
CVE-2021-31164 |
|
|
|
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements. |
|
4 |
CVE-2021-29478 |
190 |
|
Exec Code Overflow |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and earlier are not directly affected by this issue. The problem is fixed in version 6.2.3. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `set-max-intset-entries` configuration parameter. This can be done using ACL to restrict unprivileged users from using the `CONFIG SET` command. |
|
5 |
CVE-2021-29477 |
190 |
|
Exec Code Overflow |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote code execution. The problem is fixed in version 6.2.3 and 6.0.13. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the `STRALGO LCS` command. |
|
6 |
CVE-2021-29369 |
|
|
Exec Code |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. |
|
7 |
CVE-2021-29242 |
|
|
|
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages. |
|
8 |
CVE-2021-29241 |
|
|
DoS |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
CODESYS Gateway 3 before 3.5.17.0 has a NULL pointer dereference that may result in a denial of service (DoS). |
|
9 |
CVE-2021-29240 |
|
|
|
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content. |
|
10 |
CVE-2021-29239 |
|
|
Exec Code |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity. |
|
11 |
CVE-2021-29238 |
|
|
CSRF |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF). |
|
12 |
CVE-2021-28860 |
|
|
DoS |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Node.js mixme 0.5.0, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of service (DoS). |
|
13 |
CVE-2021-28359 |
|
|
XSS |
2021-05-02 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions <1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fix the issue completely. Update to Airflow 1.10.15 or 2.0.2. Please also update your Python version to the latest available PATCH releases of the installed MINOR versions, example update to Python 3.6.13 if you are on Python 3.6. (Those contain the fix for CVE-2021-23336 https://nvd.nist.gov/vuln/detail/CVE-2021-23336). |
|
14 |
CVE-2021-26804 |
|
|
Bypass |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application. |
|
15 |
CVE-2021-25631 |
|
|
|
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type. |
|
16 |
CVE-2021-25179 |
|
|
XSS |
2021-05-05 |
2021-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
SolarWinds Serv-U before 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header. |
|
17 |
CVE-2021-23383 |
|
|
|
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. |
|
18 |
CVE-2021-23343 |
|
|
DoS |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity. |
|
19 |
CVE-2021-22547 |
|
|
|
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater. |
|
20 |
CVE-2021-21551 |
|
|
DoS |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. |
|
21 |
CVE-2021-21264 |
862 |
|
Exec Code Bypass |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-26231 (fixed in 1.0.470/471 and 1.1.1) was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247. An authenticated backend user with the `cms.manage_pages`, `cms.manage_layouts`, or `cms.manage_partials` permissions who would **normally** not be permitted to provide PHP code to be executed by the CMS due to `cms.enableSafeMode` being enabled is able to write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. This is not a problem for anyone that trusts their users with those permissions to normally write & manage PHP within the CMS by not having `cms.enableSafeMode` enabled, but would be a problem for anyone relying on `cms.enableSafeMode` to ensure that users with those permissions in production do not have access to write & execute arbitrary PHP. Issue has been patched in Build 472 (v1.0.472) and v1.1.2. As a workaround, apply https://github.com/octobercms/october/commit/f63519ff1e8d375df30deba63156a2fc97aa9ee7 to your installation manually if unable to upgrade to Build 472 or v1.1.2. |
|
22 |
CVE-2021-3154 |
|
|
|
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481. |
|
23 |
CVE-2020-36334 |
|
|
CSRF |
2021-05-05 |
2021-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database. |
|
24 |
CVE-2020-36333 |
|
|
|
2021-05-05 |
2021-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook. |
|
25 |
CVE-2020-35758 |
|
|
Bypass |
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a Authentication Bypass in the Web Interface. This interface does not properly restrict access to internal functionality. Despite presenting a password login page on first access, authentication is not required to access privileged functionality. As such, it's possible to directly access APIs that should not be exposed to an unauthenticated user. |
|
26 |
CVE-2020-35757 |
|
|
+Priv |
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is Unauthenticated Root ADB Access Over TCP. The LS9 web interface provides functionality to access ADB over TCP. This is not enabled by default, but can be enabled by sending a crafted request to a web management interface endpoint. Requests made to this endpoint do not require authentication. As such, any unauthenticated user who is able to access the web interface will be able to gain root privileges on the LS9 module. |
|
27 |
CVE-2020-35756 |
|
|
+Info |
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service GETPASS Configuration Password Information Leak. The luci_service daemon running on port 7777 does not require authentication to return the device configuration password in cleartext when using the GETPASS command. As such, any unauthenticated person with access to port 7777 on the device will be able to leak the user's personal device configuration password by issuing the GETPASS command. |
|
28 |
CVE-2020-35755 |
|
|
+Info |
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_ NVRAM Direct Access Information Leak. The luci_service deamon running on port 7777 provides a sub-category of commands for which Read_ is prepended. Commands in this category are able to directly read the contents of the device configuration NVRAM. The NVRAM contains sensitive information, such as the Wi-Fi password (in cleartext), as well as connected account tokens for services such as Spotify. |
|
29 |
CVE-2020-28945 |
|
|
XSS |
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item. |
|
30 |
CVE-2020-27518 |
|
|
Exec Code |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM. |
|
31 |
CVE-2020-23083 |
|
|
Exec Code +Priv |
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?commonUpload". |
|
32 |
CVE-2020-23015 |
|
|
|
2021-05-03 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website. |
|
33 |
CVE-2020-22428 |
|
|
XSS |
2021-05-05 |
2021-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload. |
|
34 |
CVE-2020-21999 |
|
|
Exec Code |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script. |
|
35 |
CVE-2020-20247 |
|
|
DoS Mem. Corr. |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable. |
|
36 |
CVE-2020-20218 |
|
|
DoS Mem. Corr. |
2021-05-03 |
2021-05-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable. |
|
37 |
CVE-2020-4987 |
|
|
XSS |
2021-05-04 |
2021-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
IBM FlashSystem 900 1.5.2.9 and 1.6.1.3 user management GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192702. |
