Day: August 26, 2021

DOYOCMS 2.3 admin.php orders[] sql injection

A vulnerability was found in DOYOCMS 2.3. It has been declared as critical. Affected by this vulnerability is some unknown

Common Vulnerabilities and Exposures

Movable Type Search Screen cross site scripting [CVE-2021-20808]

A vulnerability was found in Movable Type (affected version not known). It has been rated as problematic. Affected by this

Common Vulnerabilities and Exposures

Movable Type Create Screen cross site scripting [CVE-2021-20809]

A vulnerability classified as problematic has been found in Movable Type (the affected version unknown). This affects an unknown code

Common Vulnerabilities and Exposures

Cisco Nexus 9000 ACI Mode release of resource

A vulnerability was found in Cisco Nexus 9000 9000 and classified as problematic. This issue affects some unknown functionality of

Common Vulnerabilities and Exposures

BinderHub prior 0.2.0-n653 BinderHub.repo_providers code injection

A vulnerability was found in BinderHub. It has been classified as critical. Affected is the function BinderHub.repo_providers. Upgrading to version

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition Project Page denial of service

A vulnerability was found in GitLab Community Edition and Enterprise Edition (Bug Tracking Software) (affected version unknown). It has been

Common Vulnerabilities and Exposures

OpenEXR up to 3.0.4 rleUncompress out-of-bounds read

A vulnerability was found in OpenEXR up to 3.0.4. It has been rated as problematic. Affected by this issue is

Common Vulnerabilities and Exposures

QEMU up to 6.1.x UAS Device Emulator data3/status3 out-of-bounds write

A vulnerability classified as critical has been found in QEMU up to 6.1.x (Virtualization Software). This affects some unknown processing

Common Vulnerabilities and Exposures

baserCMS Management System cross site scripting [CVE-2021-39136]

A vulnerability classified as problematic was found in baserCMS (Content Management System) (the affected version is unknown). This vulnerability affects

Common Vulnerabilities and Exposures

nbgitpuller up to 0.10.1 code injection [CVE-2021-39160]

A vulnerability, which was classified as critical, has been found in nbgitpuller up to 0.10.1. This issue affects an unknown

Common Vulnerabilities and Exposures

PoDoFo 0.9.6 PdfDictionary.cpp stack-based overflow

A vulnerability, which was classified as problematic, was found in PoDoFo 0.9.6 (Document Reader Software). Affected is some unknown functionality

Common Vulnerabilities and Exposures

PoDoFo 0.9.6 src/base/PdfToenizer.cpp IsNextToken information disclosure

A vulnerability has been found in PoDoFo 0.9.6 (Document Reader Software) and classified as problematic. Affected by this vulnerability is

Common Vulnerabilities and Exposures

NASM Netwide Assembler 2.15.xx crc64 crc64i buffer overflow

A vulnerability was found in NASM Netwide Assembler 2.15.xx (Programming Tool Software) and classified as critical. Affected by this issue

Common Vulnerabilities and Exposures

tcpreplay 4.3.2 PCAP File checksum.c do_checksum buffer overflow

A vulnerability was found in tcpreplay 4.3.2. It has been classified as problematic. This affects the function do_checksum of the

Common Vulnerabilities and Exposures

MZ Automation lib60870.NET 2.2.0 Messages denial of service

A vulnerability was found in MZ Automation lib60870.NET 2.2.0 (Automation Software). It has been declared as problematic. This vulnerability affects

Common Vulnerabilities and Exposures

GPAC Advanced Content 1.0.1 MPEG-4 Decoding heap-based overflow

A vulnerability was found in GPAC Advanced Content 1.0.1. It has been declared as critical. Affected by this vulnerability is

Common Vulnerabilities and Exposures

CODESYS Development System 3.5.16/3.5.17 Engine Plugin deserialization

A vulnerability was found in CODESYS Development System 3.5.16/3.5.17. It has been rated as critical. Affected by this issue is

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition 14.1 OAuth Client ID handling Privilege Escalation

A vulnerability classified as critical has been found in GitLab Community Edition and Enterprise Edition 14.1 (Bug Tracking Software). This

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition up to 13.12.8/14.0.6/14.1.1 Impersonation Token access control

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 13.12.8/14.0.6/14.1.1 (Bug Tracking Software).

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition 7.10 Invite URL improper authentication

A vulnerability, which was classified as critical, has been found in GitLab Community Edition and Enterprise Edition 7.10 (Bug Tracking

Common Vulnerabilities and Exposures

GitLab Enterprise Edition 13.1 Vulnerability Report improper authorization

A vulnerability, which was classified as problematic, was found in GitLab Enterprise Edition 13.1 (Bug Tracking Software). Affected is some

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition 13.0 Private Project improper authorization

A vulnerability has been found in GitLab Community Edition and Enterprise Edition 13.0 (Bug Tracking Software) and classified as critical.

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition 13.3 Impersonation Token improper authorization

A vulnerability was found in GitLab Community Edition and Enterprise Edition 13.3 (Bug Tracking Software) and classified as critical. Affected

Common Vulnerabilities and Exposures

GitLab Community Edition/Enterprise Edition 12.6 Issue improper authorization

A vulnerability was found in GitLab Community Edition and Enterprise Edition 12.6 (Bug Tracking Software). It has been classified as