OWASP 2021 Detailed Report: See What’s Changed!
Everyone knowing about OWASP must be curious about what’s modified withinside the Top 10 for 2021. Here’s What’s New in
Contact Form Email Plugin up to 1.3.24 on WordPress cp-admin-int-list.inc.php name cross site scripting
A vulnerability was found in Contact Form Email Plugin up to 1.3.24 on WordPress (WordPress Plugin). It has been rated
Pterodactyl up to 1.6.5 cross-site request forgery [CVE-2021-41273]
A vulnerability classified as problematic has been found in Pterodactyl up to 1.6.5. Affected is some unknown processing. Upgrading to
spree_auth_devise up to 4.2.0/4.4.0 config/application.rb cross-site request forgery
A vulnerability classified as problematic was found in spree_auth_devise up to 4.2.0/4.4.0. Affected by this vulnerability is an unknown function
Metabase up to 0.40.4/1.40.4 Custom GeoJSON Map file inclusion
A vulnerability, which was classified as critical, has been found in Metabase up to 0.40.4/1.40.4. Affected by this issue is
Intel HAXM up to 7.6.5 information disclosure [CVE-2021-0182]
A vulnerability, which was classified as problematic, was found in Intel HAXM up to 7.6.5. This affects some unknown functionality.
CKEditor4 up to 4.16.x Advanced Content Filter cross site scripting
A vulnerability has been found in CKEditor4 up to 4.16.x and classified as problematic. This vulnerability affects an unknown part
CKEditor4 up to 4.16.x HTML Processing Module cross site scripting
A vulnerability was found in CKEditor4 up to 4.16.x and classified as problematic. This issue affects an unknown code of
Intel PROSet/Wireless WiFi/Killer WiFi Firmware Initialization information disclosure
A vulnerability was found in Intel PROSet, Wireless WiFi and Killer WiFi (Wireless LAN Software) (version unknown). It has been
Intel PROSet/Wireless WiFi/Killer WiFi input validation [CVE-2021-0078]
A vulnerability was found in Intel PROSet, Wireless WiFi and Killer WiFi (Wireless LAN Software) (affected version not known). It
OCI Distribution Spec up to 1.0.0 Content-Type Header mediaType type confusion
A vulnerability classified as problematic has been found in OCI Distribution Spec up to 1.0.0. This affects an unknown functionality
Amazon FreeRTOS up to 10.4.2-LTS/10.4.5 on ARMv7-M/ARMv8-M xPortRaisePrivilege/vPortResetPrivilege access control
A vulnerability classified as critical was found in Amazon FreeRTOS up to 10.4.2-LTS/10.4.5 on ARMv7-M/ARMv8-M. This vulnerability affects the function
Intel PROSet/Wireless WiFi/Killer WiFi Firmware out-of-bounds write
A vulnerability, which was classified as critical, has been found in Intel PROSet, Wireless WiFi and Killer WiFi (Wireless LAN
Intel SSD DC Log File information disclosure [CVE-2021-0148]
A vulnerability, which was classified as problematic, was found in Intel SSD DC (version unknown). Affected is an unknown code
Intel HAXM up to 7.6.5 access control [CVE-2021-0180]
A vulnerability has been found in Intel HAXM up to 7.6.5 and classified as critical. Affected by this vulnerability is
Intel OpenVINO Toolkit prior 2021.4 resource consumption [CVE-2021-33073]
A vulnerability was found in Intel OpenVINO Toolkit and classified as problematic. Affected by this issue is some unknown processing.
Intel Ethernet ixgbe Driver prior 3.17.3 on Linux denial of service
A vulnerability was found in Intel Ethernet ixgbe Driver on Linux (Hardware Driver Software). It has been classified as problematic.
Styra Open Policy Agent Gatekeeper up to 3.7.0 Data Replication access control [Disputed]
A vulnerability was found in Styra Open Policy Agent Gatekeeper up to 3.7.0. It has been declared as critical. This
ArangoDB up to 3.8.3 Password Change session expiration
A vulnerability was found in ArangoDB up to 3.8.3. It has been rated as problematic. This issue affects some unknown
AMD Platform Security Processor Image insufficient verification of data authenticity
A vulnerability classified as critical has been found in AMD Platform Security Processor (version unknown). Affected is an unknown part
AMD EPYC Private Key key management [CVE-2021-26322]
A vulnerability classified as problematic was found in AMD EPYC (affected version unknown). Affected by this vulnerability is an unknown
AMD EPYC SNP memory corruption [CVE-2021-26323]
A vulnerability, which was classified as critical, has been found in AMD EPYC (affected version not known). Affected by this
AMD EPYC SNP_GUEST_REQUEST Command denial of service [CVE-2021-26325]
A vulnerability, which was classified as problematic, was found in AMD EPYC (the affected version unknown). This affects some unknown
AMD EPYC SNP_INIT VM_HSAVE_PA initialization
A vulnerability has been found in AMD EPYC (the affected version is unknown) and classified as problematic. Upgrading eliminates this