CVE-2021-32786 22 Jul 2021
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authentic... Read more ➔
CVE-2021-32785 22 Jul 2021
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authentic... Read more ➔
CVE-2021-34268 22 Jul 2021
An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malfor... Read more ➔
CVE-2021-34267 22 Jul 2021
An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the syst... Read more ➔
CVE-2021-34262 22 Jul 2021
A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to exe... Read more ➔
CVE-2021-34261 22 Jul 2021
An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when... Read more ➔
CVE-2021-34260 22 Jul 2021
A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers... Read more ➔
CVE-2021-34259 22 Jul 2021
A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to ex... Read more ➔
CVE-2021-25213 22 Jul 2021
SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the cati... Read more ➔
CVE-2021-25211 22 Jul 2021
Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to orderin... Read more ➔
CVE-2021-25209 22 Jul 2021
SQL injection vulnerability in SourceCodester Theme Park Ticketing System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the i... Read more ➔
CVE-2021-25205 22 Jul 2021
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update par... Read more ➔
CVE-2020-22284 22 Jul 2021
A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attacker... Read more ➔
CVE-2020-22283 22 Jul 2021
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows at... Read more ➔
CVE-2021-3540 22 Jul 2021
By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. Th... Read more ➔
CVE-2021-3198 22 Jul 2021
By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue... Read more ➔
CVE-2021-3619 22 Jul 2021
Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentication persistent cross-site scripting (XSS) issue, where an authenticated user co... Read more ➔
CVE-2021-31581 22 Jul 2021
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This com... Read more ➔
CVE-2021-31580 22 Jul 2021
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` an... Read more ➔
CVE-2021-31579 22 Jul 2021
Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OV... Read more ➔
CVE-2021-27332 22 Jul 2021
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web scr... Read more ➔
CVE-2021-26224 22 Jul 2021
Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via... Read more ➔
CVE-2021-26223 22 Jul 2021
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via... Read more ➔
CVE-2021-25212 22 Jul 2021
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id p... Read more ➔
CVE-2021-25210 22 Jul 2021
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload t... Read more ➔