WordPress Compact WP Audio Player plugin <= 1.9.6 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by apple502j in WordPress Compact WP Audio Player plugin versions = 1.9.6. Solution Update the WordPress Compact WP Audio Player plugin to the latest available version at least 1.9.7...

WordPress Compact WP Audio Player plugin <= 1.9.6 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress Compact WP Audio Player plugin versions = 1.9.6. Solution Update the WordPress Compact WP Audio Player plugin to the latest available version at least 1.9.7...

Siemens Desigo CC Series CCOM Communication Component Deserialization Vulnerability

Cerberus DMS is a hazard management station that helps users manage fire safety and security incidents.Desigo CC is an integrated building management platform for managing high-performance buildings.Desigo CC Compact expands the portfolio with solutions tailored for small and medium-sized...

CVE-2021-37181

A vulnerability has been identified in Cerberus DMS V4.0 All versions, Cerberus DMS V4.1 All versions, Cerberus DMS V4.2 All versions, Cerberus DMS V5.0 All versions v5.0 QU1, Desigo CC Compact V4.0 All versions, Desigo CC Compact V4.1 All versions, Desigo CC Compact V4.2 All versions, Desigo CC...

CVE-2021-27391

A vulnerability has been identified in APOGEE MBC PPC P2 Ethernet All versions = V2.6.3, APOGEE MEC PPC P2 Ethernet All versions = V2.6.3, APOGEE PXC Compact BACnet All versions = V2.8, APOGEE PXC Modular BACnet All versions = V2.8, TALON TC Compact BACnet All versions V3.5.3, TALON TC Modular...

Deserialization of untrusted data

A vulnerability has been identified in Cerberus DMS V4.0 All versions, Cerberus DMS V4.1 All versions, Cerberus DMS V4.2 All versions, Cerberus DMS V5.0 All versions v5.0 QU1, Desigo CC Compact V4.0 All versions, Desigo CC Compact V4.1 All versions, Desigo CC Compact V4.2 All versions, Desigo CC...

CVE-2021-27391

Summary: CVE-2021-27391 affects Siemens APOGEE and TALON devices. The vulnerability is a buffer overflow in the web server caused by improper bounds checking when parsing the Host header in HTTP requests. The issue affects multiple products/versions: APOGEE MBC (PPC) and APOGEE MEC (PPC) with ver...

多款 Siemens 产品代码问题漏洞

Cerberus DMS is a hazard management station that helps users manage fire safety and security incidents.Desigo CC is an integrated building management platform for managing high-performance buildings.Desigo CC Compact expands the portfolio with solutions tailored for small and medium-sized...

GHSA-4WJ3-P7HJ-CVX8 Double free in ordnung

An issue was discovered in the ordnung crate through version 0.0.1 for Rust. compact::Vec violates memory safety via a remove double free...

GHSA-QRWC-JXF5-G8X6 Out of bounds read in ordnung

An issue was discovered in the ordnung crate through version 0.0.1 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity...

CVE-2021-35521

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets...

CVE-2021-35521

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets...

Buffer overflow

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets...

Path traversal

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets...

CVE-2021-35522

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets...

CVE-2021-35522

CVE-2021-35522 affects IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7. A buffer overflow in the Thrift command handlers allows remote attackers to cause code execution, denial of service, and information disclosure via...

CVE-2021-35521

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets...

CVE-2021-35521

CVE-2021-35521 affects IDEMIA Morpho Wave Compact and VisionPass devices prior to version 2.6.2. A path traversal in the Thrift command handlers allows remote authenticated attackers to cause denial of service and information disclosure over TCP/IP packets. The vulnerability is exploitable by aut...

CVE-2021-35520

CVE-2021-35520 describes a buffer overflow in the Thrift command handlers of IDEMIA Morpho Wave Compact and VisionPass devices prior to version 2.6.2. The flaw allows physically proximate, authenticated attackers to achieve code execution , denial of service , and information disclosure via the s...

IDEMIA Morpho Wave Compact 缓冲区错误漏洞

IDEMIA Morpho Wave Compact is an industrial control device from idemia. Contactless fingerprint scanner. A security vulnerability exists in IDEMIA Morpho Wave Compact and VisionPass devices prior to version 2.6.2, which originates from a buffer overflow in the Thrift command handler in the device...