Cleo LexiCom 5.5.0.0 AS2 Message pathname traversal
A vulnerability classified as critical was found in Cleo LexiCom 5.5.0.0. Affected by this vulnerability is an unknown part of
Cleo LexiCom 5.5.0.0 AS2 Message unknown vulnerability
A vulnerability, which was classified as problematic, has been found in Cleo LexiCom 5.5.0.0. Affected by this issue is an
ZZIPlib 0.13.69 unzzip_cat_file zzip_file_read infinite loop
A vulnerability, which was classified as problematic, was found in ZZIPlib 0.13.69. This affects the function unzzip_cat_file. There is no
Bosch B426-CN/B429-CN/B426-M prior 3.08 Configuration Web Page access control
A vulnerability has been found in Bosch B426-CN, B429-CN and B426-M and classified as critical. This vulnerability affects some unknown
VMware Tools up to 11.2.x on Windows VM3DMP Driver denial of service
Overview : A vulnerability classified as critical has been found in VMware Tools up to 11.2.x on Windows. Affected Product(s)
Synology Calendar prior 2.4.0-0761 hard-coded credentials
A vulnerability, which was classified as critical, was found in Synology Calendar (Calendar Software). Affected is an unknown part. Upgrading
Synology Media Server prior 1.8.3-2881 server-side request forgery
A vulnerability has been found in Synology Media Server and classified as critical. Affected by this vulnerability is an unknown
Synology Download Station prior 3.8.16-3566 server-side request forgery
A vulnerability was found in Synology Download Station and classified as critical. Affected by this issue is an unknown code
Sonatype Nexus Repository Manager up to 3.30.x GET Request information disclosure
A vulnerability was found in Sonatype Nexus Repository Manager up to 3.30.x. It has been classified as problematic. This affects
Synology Download Station prior 3.8.16-3566 Task Management command injection
A vulnerability was found in Synology Download Station. It has been declared as critical. This vulnerability affects an unknown function
Synology Download Station prior 3.8.16-3566 privileges management
A vulnerability was found in Synology Download Station. It has been rated as critical. This issue affects an unknown functionality.
MantisBT up to 2.25.1 manage_custom_field_edit_page.php return cross site scripting
A vulnerability, which was classified as problematic, has been found in MantisBT up to 2.25.1 (Bug Tracking Software). Affected by
Symfony 5.3.0/5.3.1 improper authentication
A vulnerability, which was classified as critical, was found in Symfony 5.3.0/5.3.1. This affects an unknown functionality. Upgrading to version
Nextcloud App up to 3.16.0 on Android information disclosure
A vulnerability has been found in Nextcloud App up to 3.16.0 on Android (Android App Software) and classified as problematic.
CiviCRM up to 5.21.2/5.24.2 PHAR Archive unrestricted upload
A vulnerability was found in CiviCRM up to 5.21.2/5.24.2 and classified as critical. This issue affects an unknown part of
HashiCorp Nomad/Nomad Enterprise up to 1.0.4 Bridge Networking Mode unknown vulnerability
A vulnerability was found in HashiCorp Nomad and Nomad Enterprise up to 1.0.4. It has been classified as problematic. Affected
TrendNet TW100-S4W1CA 2.3.32 Web Page cross-site request forgery
A vulnerability was found in TrendNet TW100-S4W1CA 2.3.32. It has been declared as problematic. Affected by this vulnerability is an
TrendNet TW100-S4W1CA 2.3.32 Web Interface cross site scripting
A vulnerability was found in TrendNet TW100-S4W1CA 2.3.32. It has been rated as problematic. Affected by this issue is some
CiviCRM up to 5.27.4 ESR/5.28.0 CKEditor Configuration cross-site request forgery
A vulnerability classified as problematic has been found in CiviCRM up to 5.27.4 ESR/5.28.0. This affects an unknown function of
Nextcloud App up to 3.15.0 on Android denial of service
A vulnerability classified as problematic was found in Nextcloud App up to 3.15.0 on Android (Android App Software). This vulnerability
Trojan-Dropper.Win32.Googite.b Service Port 10002 backdoor
A vulnerability, which was classified as critical, has been found in Trojan-Dropper.Win32.Googite.b (unknown version). This issue affects some unknown functionality
CVE-2021-34815
CheckSec Canopy before 3.5.2 allows XSS attacks against the login page via the LOGIN_PAGE_DISCLAIMER parameter. (CVSS:0.0) (Last Update:2021-06-18)
CVE-2021-32536
The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without
CVE-2021-33347
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management