All Posts by: Virtual Patching

Zammad up to 4.1.0 Chat cross site scripting

A vulnerability, which was classified as problematic, was found in Zammad up to 4.1.0. This affects an unknown part of

Zammad up to 4.1.0 Article cross site scripting

A vulnerability has been found in Zammad up to 4.1.0 and classified as problematic. This vulnerability affects an unknown code

Common Vulnerabilities and Exposures

Node.js up to 12.22.3/14.17.3/16.5.x use after free [CVE-2021-22930]

A vulnerability was found in Node.js up to 12.22.3/14.17.3/16.5.x (JavaScript Library) and classified as critical. This issue affects an unknown

Common Vulnerabilities and Exposures

SilverStripe GraphQL Server up to 3.4.1 permission [CVE-2021-28661]

A vulnerability was found in SilverStripe GraphQL Server up to 3.4.1 (Content Management System). It has been classified as critical.

Common Vulnerabilities and Exposures

teddy Package up to 0.5.8 type confusion [CVE-2021-23447]

A vulnerability was found in teddy Package up to 0.5.8. It has been declared as critical. Affected by this vulnerability

Common Vulnerabilities and Exposures

Zoho ManageEngine ADManager Plus up to 7110 File Copy path traversal

A vulnerability was found in Zoho ManageEngine ADManager Plus up to 7110. It has been rated as critical. Affected by

Common Vulnerabilities and Exposures

Artica Integria IMS authorization [CVE-2021-3833]

A vulnerability classified as problematic has been found in Artica Integria IMS (the affected version unknown). This affects some unknown

Common Vulnerabilities and Exposures

Xshell prior 7.0.0.76 Title Bar denial of service

A vulnerability classified as problematic was found in Xshell. This vulnerability affects an unknown part of the component Title Bar

Common Vulnerabilities and Exposures

Concrete5 up to 8.5.4 IP Address server-side request forgery

A vulnerability, which was classified as critical, has been found in Concrete5 up to 8.5.4. This issue affects an unknown

Common Vulnerabilities and Exposures

SilverStripe up to 4.8.1 cross site scripting [CVE-2021-36150]

A vulnerability, which was classified as problematic, was found in SilverStripe up to 4.8.1 (Content Management System). Affected is an

Common Vulnerabilities and Exposures

Zoho ManageEngine ADManager Plus up to 7109 xml external entity reference

A vulnerability has been found in Zoho ManageEngine ADManager Plus up to 7109 and classified as problematic. Affected by this

Common Vulnerabilities and Exposures

Sophos HitmanPro.Alert prior Build 901 Privilege Escalation [CVE-2021-25270]

A vulnerability was found in Sophos HitmanPro.Alert and classified as very critical. Upgrading to version Build 901 eliminates this vulnerability.

Common Vulnerabilities and Exposures

Sophos HitmanPro prior Build 318 Privilege Escalation [CVE-2021-25271]

A vulnerability was found in Sophos HitmanPro. It has been classified as very critical. Upgrading to version Build 318 eliminates

Common Vulnerabilities and Exposures

JEECMS 1.1 /member-vipcenter.htm cross site scripting

A vulnerability was found in JEECMS 1.1. It has been declared as problematic. This vulnerability affects some unknown functionality of

Common Vulnerabilities and Exposures

Integria IMS 5.0.92 AsyncUpload unrestricted upload

A vulnerability was found in Integria IMS 5.0.92. It has been rated as critical. This issue affects the function AsyncUpload.

Common Vulnerabilities and Exposures

Meross MSG100 up to 3.2.2 Messages authentication replay

A vulnerability classified as critical has been found in Meross MSG100 up to 3.2.2. Affected is an unknown code of

Common Vulnerabilities and Exposures

Maianscriptworld Maian Cart 3.8 Elfinder Plugin access control

A vulnerability was found in Maianscriptworld Maian Cart 3.8. It has been declared as critical. Affected by this vulnerability is

Common Vulnerabilities and Exposures

Ping Identity PingFederate up to 10.3.0 XML File xml external entity reference

A vulnerability was found in Ping Identity PingFederate up to 10.3.0. It has been rated as problematic. Affected by this

Common Vulnerabilities and Exposures

Samsung CMFA Framework prior SMR Oct-2021 Release 1 cross site scripting

A vulnerability classified as problematic has been found in Samsung CMFA Framework. This affects an unknown part. Upgrading to version

Common Vulnerabilities and Exposures

Samsung livfivextractor prior SMR Oct-2021 Release 1 out-of-bounds read

A vulnerability classified as problematic was found in Samsung livfivextractor. This vulnerability affects an unknown code. Upgrading to version SMR

Common Vulnerabilities and Exposures

Samsung InputManagerService prior SMR Oct-2021 Release 1 Touch Event improper authentication

A vulnerability, which was classified as critical, has been found in Samsung InputManagerService. This issue affects an unknown code block

Common Vulnerabilities and Exposures

Samsung ipcdump prior SMR Oct-2021 Release 1 information disclosure

A vulnerability, which was classified as problematic, was found in Samsung ipcdump. Affected is some unknown processing. Upgrading to version

Common Vulnerabilities and Exposures

Samsung Modem Interface Driver prior SMR Oct-2021 Release 1 recv_data out-of-bounds read

A vulnerability has been found in Samsung Modem Interface Driver (Hardware Driver Software) and classified as problematic. Affected by this

Common Vulnerabilities and Exposures

Samsung keymaster prior SMR Oct-2021 Release 1 improper authentication

A vulnerability was found in Samsung keymaster and classified as problematic. Affected by this issue is an unknown functionality. Upgrading