All Posts by: Virtual Patching

PHPFusion 9.03.110 File Manager unrestricted upload

A vulnerability was found in PHPFusion 9.03.110. It has been rated as critical. Affected by this issue is an unknown

HPE 3PAR StoreServ code injection [CVE-2021-26588]

A vulnerability classified as very critical has been found in HPE 3PAR StoreServ, Primera Storage and Alletra 9000 Storage (the

Common Vulnerabilities and Exposures

keypair prior 1.0.4 window.crypto.getRandomValues weak prng

A vulnerability classified as problematic was found in keypair. This vulnerability affects the function window.crypto.getRandomValues. Upgrading to version 1.0.4 eliminates

Common Vulnerabilities and Exposures

Telus Wi-FI Hub 3.00.20 Authentication tr69_cmd.cgi command injection

A vulnerability, which was classified as critical, has been found in Telus Wi-FI Hub 3.00.20. This issue affects an unknown

Common Vulnerabilities and Exposures

Google Android 9.0/10.0 Bluetooth improper restriction of rendered ui layers

A vulnerability, which was classified as problematic, was found in Google Android 9.0/10.0 (Smartphone Operating System). Affected is an unknown

Common Vulnerabilities and Exposures

NetApp Cloud Manager up to 3.9.9 information disclosure [CVE-2021-27002]

A vulnerability has been found in NetApp Cloud Manager up to 3.9.9 (Cloud Software) and classified as problematic. Affected by

Common Vulnerabilities and Exposures

Exacq exacqVision Configuration privileges management [CVE-2021-27664]

A vulnerability was found in Exacq exacqVision (affected version not known) and classified as critical. Affected by this issue is

Common Vulnerabilities and Exposures

Exacq exacqVision integer overflow [CVE-2021-27665]

A vulnerability was found in Exacq exacqVision (the affected version unknown). It has been classified as problematic. This affects an

Common Vulnerabilities and Exposures

Huawei Hero-CT060 prior 1.0.0.200 improper authentication [CVE-2021-37123]

A vulnerability was found in Huawei Hero-CT060. It has been declared as critical. This vulnerability affects an unknown functionality. Upgrading

Common Vulnerabilities and Exposures

Kubernetes Java Client YAML input validation [CVE-2021-25738]

A vulnerability was found in Kubernetes Java Client (Virtualization Software) (unknown version). It has been rated as critical. This issue

Common Vulnerabilities and Exposures

LibreOffice up to 7.0.5/7.1.1 ODF Document certificate validation

A vulnerability classified as problematic has been found in LibreOffice up to 7.0.5/7.1.1 (Office Suite Software). Affected is an unknown

Common Vulnerabilities and Exposures

Basic V 1.21 run_interpreter buffer overflow

A vulnerability classified as critical was found in Basic V 1.21. Affected by this vulnerability is the function run_interpreter. There

Common Vulnerabilities and Exposures

Miniftpd ftpproto.c do_retr buffer overflow

A vulnerability, which was classified as critical, has been found in Miniftpd (File Transfer Software) (affected version not known). Affected

Common Vulnerabilities and Exposures

config-handler Config File code injection [CVE-2021-23448]

A vulnerability, which was classified as critical, was found in config-handler (the affected version unknown). This affects some unknown processing

Common Vulnerabilities and Exposures

check_smart up to 6.9.0 Regular Expression /dev/bus access control

A vulnerability has been found in check_smart up to 6.9.0 and classified as critical. This vulnerability affects the function check_smart

Common Vulnerabilities and Exposures

Orchard CMS up to 1.0.0 Password Change session expiration

A vulnerability has been found in Orchard CMS up to 1.0.0 (Content Management System) and classified as critical. Affected by

Common Vulnerabilities and Exposures

F-Secure Anti-Virus Engine AVPACK Module denial of service [CVE-2021-33603]

A vulnerability classified as problematic was found in F-Secure Anti-Virus Engine (Anti-Malware Software) (affected version unknown). Affected by this vulnerability

Common Vulnerabilities and Exposures

F-Secure Anti-Virus Engine AVRDL Unpacking Module denial of service

A vulnerability, which was classified as problematic, has been found in F-Secure Anti-Virus Engine (Anti-Malware Software) (affected version not known).

Common Vulnerabilities and Exposures

Subrion CMS 4.2.1 Visual-Mode sql injection

A vulnerability, which was classified as critical, was found in Subrion CMS 4.2.1 (Content Management System). This affects an unknown

Common Vulnerabilities and Exposures

Digi RealPort up to 4.8.488.0 on Windows ADDP Discovery Response Message buffer overflow

A vulnerability has been found in Digi RealPort up to 4.8.488.0 on Windows and classified as critical. This vulnerability affects

Common Vulnerabilities and Exposures

Flatpak up to 1.10.3/1.11.x seccomp Filter /.flatpak-info input validation

A vulnerability was found in Flatpak up to 1.10.3/1.11.x and classified as critical. This issue affects some unknown functionality of

Common Vulnerabilities and Exposures

Digi RealPort up to 4.8.488.0 Encrypted Mode channel accessible

A vulnerability was found in Digi RealPort up to 4.8.488.0. It has been classified as critical. Affected is an unknown

Common Vulnerabilities and Exposures

Alkacon OpenCms 11.0/11.0.1/11.0.2 SVG Document xml external entity reference

A vulnerability was found in Alkacon OpenCms 11.0/11.0.1/11.0.2. It has been declared as problematic. Affected by this vulnerability is an

Common Vulnerabilities and Exposures

Digi RealPort up to 4.8.488.0 Challenge-Response hash without salt

A vulnerability was found in Digi RealPort up to 4.8.488.0. It has been rated as problematic. Affected by this issue