Day: August 14, 2021

Sunhillo SureLine up to 8.7.0.1.0 /cgi/networkDiag.cgi ipAddr/dnsAddr os command injection

A vulnerability was found in Sunhillo SureLine up to 8.7.0.1.0. It has been rated as critical. This issue affects an

Huawei HG8045Q Command-Line Interface command injection [CVE-2021-37028]

A vulnerability classified as critical has been found in Huawei HG8045Q (version unknown). Affected is some unknown functionality of the

Common Vulnerabilities and Exposures

Hashicorp Vault/Vault Enterprise up to 1.7.3 default permission

A vulnerability classified as critical was found in Hashicorp Vault and Vault Enterprise up to 1.7.3. Affected by this vulnerability

Common Vulnerabilities and Exposures

Hashicorp Vault/Vault Enterprise up to 1.6.5/1.7.3 UI information disclosure

A vulnerability, which was classified as problematic, has been found in Hashicorp Vault and Vault Enterprise up to 1.6.5/1.7.3. Affected

Common Vulnerabilities and Exposures

ON24 ScreenShare up to 1.x on macOS Built-In HTTP server DesktopScreenShare.app information disclosure

A vulnerability, which was classified as problematic, was found in ON24 ScreenShare up to 1.x on macOS. This affects an

Common Vulnerabilities and Exposures

dated_news Extension up to 5.1.1 on TYPO3 Application Registration information disclosure

A vulnerability classified as problematic was found in dated_news Extension up to 5.1.1 on TYPO3. This vulnerability affects an unknown

Common Vulnerabilities and Exposures

Extbase Yaml Routes Extension up to 2.1.0 on TYPO3 CsrfTokenViewHelper information disclosure

A vulnerability, which was classified as problematic, has been found in Extbase Yaml Routes Extension up to 2.1.0 on TYPO3.

Common Vulnerabilities and Exposures

miniorange_saml Extension up to 1.4.2 on TYPO3 API Credential information disclosure

A vulnerability, which was classified as problematic, was found in miniorange_saml Extension up to 1.4.2 on TYPO3. Affected is some

Common Vulnerabilities and Exposures

dated_news Extension up to 5.1.1 on TYPO3 sql injection [CVE-2021-36789]

A vulnerability has been found in dated_news Extension up to 5.1.1 on TYPO3 and classified as critical. Affected by this

Common Vulnerabilities and Exposures

dated_news Extension up to 5.1.1 on TYPO3 access control [CVE-2021-36792]

A vulnerability was found in dated_news Extension up to 5.1.1 on TYPO3 and classified as critical. Affected by this issue

Common Vulnerabilities and Exposures

deferred_image_processing Extension up to 1.0.1 on TYPO3 FAL API /var/transient denial of service

A vulnerability was found in deferred_image_processing Extension up to 1.0.1 on TYPO3. It has been declared as problematic. This vulnerability

Common Vulnerabilities and Exposures

miniorange_saml Extension up to 1.4.2 on TYPO3 cross site scripting

A vulnerability was found in miniorange_saml Extension up to 1.4.2 on TYPO3. It has been rated as problematic. This issue

Common Vulnerabilities and Exposures

femanager Extension up to 5.5.0/6.3.0 on TYPO3 SVG Document cross site scripting

A vulnerability classified as problematic has been found in femanager Extension up to 5.5.0/6.3.0 on TYPO3. Affected is an unknown

Common Vulnerabilities and Exposures

yoast_seo Extension up to 7.2.2 on TYPO3 cross site scripting

A vulnerability classified as problematic was found in yoast_seo Extension up to 7.2.2 on TYPO3. Affected by this vulnerability is

Common Vulnerabilities and Exposures

dated_news Extension up to 5.1.1 on TYPO3 cross site scripting

A vulnerability, which was classified as problematic, has been found in dated_news Extension up to 5.1.1 on TYPO3. Affected by

Common Vulnerabilities and Exposures

OneFuzz up to 2.30.x API improper authorization

A vulnerability has been found in OneFuzz up to 2.30.x and classified as critical. This vulnerability affects an unknown code

Common Vulnerabilities and Exposures

AT&T Xmill 0.7 XML Decompression UncompressItem heap-based overflow

A vulnerability was found in AT&T Xmill 0.7 and classified as critical. This issue affects the function EnumerationUncompressor::UncompressItem of the

Common Vulnerabilities and Exposures

AT&T Xmill 0.7 XML Decompression LabelDict::Load heap-based overflow

A vulnerability was found in AT&T Xmill 0.7. It has been classified as critical. Affected is the function LabelDict::Load of

Common Vulnerabilities and Exposures

Discourse up to 2.7.7/2.8.0.beta3 Email session expiration

A vulnerability was found in Discourse up to 2.7.7/2.8.0.beta3. It has been declared as problematic. Affected by this vulnerability is

Common Vulnerabilities and Exposures

Discourse up to 2.7.7/2.8.0.beta4 information disclosure [CVE-2021-37703]

A vulnerability was found in Discourse up to 2.7.7/2.8.0.beta4. It has been rated as problematic. Affected by this issue is

Common Vulnerabilities and Exposures

Dut Computer Control Engineering PLC MAC1100 information disclosure

A vulnerability classified as problematic has been found in Dut Computer Control Engineering PLC MAC1100 (the affected version unknown). This

Common Vulnerabilities and Exposures

Dut Computer Control Engineering PLC MAC1100 EPA Protocol information disclosure

A vulnerability classified as problematic was found in Dut Computer Control Engineering PLC MAC1100 (the affected version is unknown). This

Common Vulnerabilities and Exposures

Bento4 1.5.1.0 Ap4Dec3Atom.cpp AP4_Dec3Atom heap-based overflow

A vulnerability, which was classified as problematic, has been found in Bento4 1.5.1.0 (Multimedia Player Software). This issue affects the