1231 matches found
CVE-2021-24298
CVE-2021-24298 affects WordPress Simple Giveaways plugin versions before 2.36.2. The vulnerability is a reflected XSS in the Giveaway pages caused by unsanitized, unvalidated, and unescaped method and share GET parameters that are echoed back in the page output. Exploitation would allow an attack...
CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest...
CVE-2020-11294
Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
Design/Logic Flaw
Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
CVE-2021-21329 Multi Factor Authentication Token Improperly Validated On User Login
RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid token. This is fixed in commit cebb67b...
CVE-2020-29443
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...
Grammarly: Config override using non-validated query parameter allows at least reflected XSS by injecting configuration into state
Hi, First, I just want to say after spending a few days on your assets that I'm really impressed by the high security standard of the apps exposed. It has not been easy to find issues. I really like the way you've structured your API-routes in a way that almost eliminates a bunch of access issues...
Microsoft Office code issue vulnerability
Microsoft Office is an office software suite of products from the U.S. company Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc. Microsoft Office suffers from a code issue vulnerability that stems from the program not properly validatin...
fabric8-analytics-lsp-server (=0.3.0), graphql-validated-types (>=2.7.0 <=2.11.0) +1 more potentially affected by unknown CVE via semver-regex (>=3.0.0 <=3.1.1)
semver-regex NPM version =3.0.0, =2.7.0, =1.2.0, =1.2.3 Source cves: unknown CVE Source advisory: SNYK:JS-SEMVERREGEX-1047770...
[SECURITY] Fedora 32 Update: rpki-client-6.8p1-1.fc32
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
PT-2020-6171 · Ibm +9 · Aix +12
Name of the Vulnerable Software and Affected Versions: IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors IBM Power9 processors Description: The issue is related to speculation on incompletely validated data, which could allow a local user to obtain sensitive information from the data in the L1 cac...
kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the FUJITSU Extended Socket Network driver. A call to the alloc_workqueue return was not validated and causes a denial of service at the time of failure. The highest threat from this vulnerability is to system...
Code injection
eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enable...
CVE-2020-13941
A flaw was found in Solr. The Replication handler allows commands backup, restore, and delete backup that take non-validated allocation parameters which may result in the exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes). The highest threat from this vulnerability is to data...
CVE-2020-10780
Red Hat CloudForms 4.7 and 5 is affected by a CSV Injection flaw: a crafted payload stays dormant until a victim exports as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not a flaw that affect...
CVE-2020-13845
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptors in the SIF file, rather than to a cryptographically...
CVE-2020-13845
CVE-2020-13845 affects Sylabs Singularity 3.0–3.5. The vulnerability is improper validation of an integrity check value: image integrity is not validated when an ECL policy is enforced, because the fingerprint is compared against the SIF descriptor instead of a cryptographically validated signatu...
Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution (cisco-sa-20180620-fxnxos-dos)
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the Cisco Discovery Protocol due to insufficiently validated packet headers. An unauthenticated, adjacent attacker can exploit this, via a crafted Cisco Discovery Protocol packet, to execute arbitrary...
CVE-2020-12144 The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal...
Authentication Bypass
Tomcat is vulnerable to an authentication bypass vulnerability. This is because, when using an OCSP responder, Apache Tomcat Native does not correctly handle invalid responses. Users could authenticate with revoked certificates when using mutual TLS as the revoked client certificates are improperly...