4604 matches found
PT-2021-6503 · Unknown +1 · Tinyobjloader +1
Name of the Vulnerable Software and Affected Versions: tinyobjloader versions v2.0-rc1 through development commit 79d4421 Description: An improper array index validation issue exists in the LoadObj functionality, allowing a specially crafted file to potentially lead to code execution. An attacker...
PT-2021-3826 · Microsoft · Windows Bluetooth Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Bluetooth Driver affected versions not specified Description: The issue is related to insufficient access control in the Windows Bluetooth Driver, which can be exploited to elevate privileges. This could allow an attacker to affect th...
PT-2021-4039 · Microsoft · Windows Digital Tv Tuner Device Registration Application +1
Name of the Vulnerable Software and Affected Versions: Windows Digital TV Tuner device registration application affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Digital TV Tuner device registration application, which can be...
PT-2021-3900 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue is related to the Windows User Profile Service and is associated with insufficient access restrictions. It allows an attacker to elevate their privileges. The vulnerability ca...
PT-2021-18161 · D Link · D-Link Dsl-2740E
Name of the Vulnerable Software and Affected Versions: D-Link DSL-2740R version UK 1.01 Description: A Null Pointer Dereference issue exists, which could allow a remote malicious user to cause a denial of service via the send hnap unauthorized function. This can be triggered by sending a crafted...
PT-2021-3865 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.0.0 through 9.5.28; TYPO3 versions 10.0.0 through 10.4.17; TYPO3 versions 11.0.0 through 11.3.0 Description: The issue is related to the components QueryGenerator and QueryView in the TYPO3 content management system, which are...
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting
Overview: Trend Micro Incorporated has released a security update for InterScan Web Security Virtual Appliance (IWSVA). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN. Impact: A user may be redirected to an arbitrary website due to the...
PT-2024-11336 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc7 Description: A vulnerability in the Linux kernel has been resolved, which involved a bad pointer dereference when the ehandler kthread is invalid. The issue occurred when the error handler thread fail...
CVE-2021-20221 affecting package qemu-kvm 4.2.0-48
CVE-2021-20221 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...
CVE-2007-2768 affecting package openssh 8.9p1-3
CVE-2007-2768 affecting package openssh 8.9p1-3. A patched version of the package is available...
CVE-2021-32730
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A cross-site request forgery vulnerability exists in versions prior to 12.10.5, and in versions 13.0 through 13.1. It's possible to forge a URL that, when accessed by an admin, will reset th...
PT-2021-10740 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue concerns a SQL injection vulnerability located in the hmsadminbetweendates-detailsreports.php file. This vulnerability can be exploited by remote unauthenticated...
SAP Solution Manager 7.2 (ST 720) Open Redirection
Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis. Impact on Business: Under certain circumstances, an attacker might be able to steal a cookie from the application. It may impact the confidentiality of the service. Advisory Information - Public Release Dat...
PT-2021-15203
Name of the Vulnerable Software and Affected Versions: PowerLogic EGX100 versions 3.0.0 and newer; PowerLogic EGX300 all versions Description: A CWE-20: Improper Input Validation issue exists that could cause denial of service or remote code execution via a specially crafted HTTP packet...
PT-2021-19360 · Opentext · Opentext Brava! Desktop
Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...
PT-2021-19379 · Opentext · Opentext Brava! Desktop
Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...
PT-2021-19365 · Opentext · Opentext Brava! Desktop
Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...
PT-2021-19378 · Opentext · Opentext Brava! Desktop
Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...
UBUNTU-CVE-2021-29507
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail t...
CVE-2021-29507
This issue affects GENIVI Diagnostic Log and Trace (DLT) versions 2.10.0–2.18.6. The vulnerability arises when a configuration file contains special characters, causing a vulnerable component to crash and preventing applications from generating DLT logs. As documented, there was no patch at publi...