CVE-2021-23005

On all 7.x and 6.x versions fixed in 8.0.0, when using a Quorum device for BIG-IQ high availability HA for automatic failover, BIG-IQ does not make use of Transport Layer Security TLS with the Corosync protocol. Note: Software versions which have reached End of Software Development EoSD are not...

CVE-2021-21479

In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system...

CVE-2021-21446

SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, this has a high impact on the availability of the service...

CVE-2021-2134

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager component: FMW Control Plugin. The supported version that is affected is 12.2.1.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterpri...

CVE-2021-46813

Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability...

CVE-2021-46814

The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability...

CVE-2021-46882

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability...

CVE-2021-46886

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability...

CVE-2021-46884

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability...

CVE-2021-46881

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability...

CVE-2021-3398

Stormshield Network Security SNS 3.x has an Integer Overflow in the high-availability component...

CVE-2021-24604

The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-2021-22491

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability...

CVE-2021-22375

There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity...

CVE-2021-21488

Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controlled data without verification, leading to insecure deserialization which triggers the attacker’s code, therefore impacting Availability...

CVE-2020-14507

Advantech iView, versions 5.6 and prior, is vulnerable to multiple path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code...

CVE-2020-5885

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability HA pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

CVE-2020-9065

Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203C00E201R7P2 have a use-after-free UAF vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the...

CVE-2020-9103

HUAWEI Mate 20 smartphones with 9.0.0.205C00E205R2P1 have a logic error vulnerability. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, t...

CVE-2020-5860

On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability HA network failover in Device Service Cluster DSC, the failover service does not require a strong form of authentication and HA...