All Posts by: Virtual Patching

Apple macOS XNU Kernel type confusion [CVE-2021-30869]

A vulnerability has been found in Apple macOS (Operating System) (the affected version is unknown) and classified as critical. This

Common Vulnerabilities and Exposures

Oracle Linux 7/8 OSwatcher Privilege Escalation

A vulnerability was found in Oracle Linux 7/8 and classified as very critical. This issue affects an unknown code block

Common Vulnerabilities and Exposures

Concrete CMS up to 8.5.5 Phar Deserialization is_dir deserialization

A vulnerability was found in Concrete CMS up to 8.5.5 (Content Management System) and classified as critical. Affected by this

Common Vulnerabilities and Exposures

Concrete CMS up to 8.5.5 Update JSON Scheme Privilege Escalation

A vulnerability was found in Concrete CMS up to 8.5.5 (Content Management System). It has been classified as critical. This

Common Vulnerabilities and Exposures

Apache Druid 0.21.0/0.21.1 HTTP InputSource information disclosure

A vulnerability was found in Apache Druid 0.21.0/0.21.1. It has been rated as problematic. This issue affects some unknown processing

Common Vulnerabilities and Exposures

Concrete CMS up to 8.5.5 Conversation cross site scripting

A vulnerability classified as problematic has been found in Concrete CMS up to 8.5.5 (Content Management System). Affected is an

Common Vulnerabilities and Exposures

Gradle Enterprise prior 2021.1.3 server-side request forgery

A vulnerability classified as critical was found in Gradle Enterprise. Affected by this vulnerability is an unknown functionality. Upgrading to

Common Vulnerabilities and Exposures

Gradle Enterprise prior 2021.1.3 Java Object deserialization

A vulnerability, which was classified as critical, has been found in Gradle Enterprise. Affected by this issue is some unknown

Common Vulnerabilities and Exposures

Apple iOS up to 12.5.4 XNU Kernel type confusion

A vulnerability, which was classified as critical, was found in Apple iOS up to 12.5.4 (Smartphone Operating System). This affects

Common Vulnerabilities and Exposures

Absolutely Glamorous Custom Admin Plugin up to 6.8 on WordPress Settings cross site scripting

A vulnerability classified as problematic was found in Absolutely Glamorous Custom Admin Plugin up to 6.8 on WordPress (WordPress Plugin).

Common Vulnerabilities and Exposures

iQ Block Country Plugin up to 1.2.11 on WordPress Parameter blockcountry_blockmessage cross site scripting

A vulnerability, which was classified as problematic, was found in iQ Block Country Plugin up to 1.2.11 on WordPress (WordPress

Common Vulnerabilities and Exposures

Discourse 2.3.2/2.6 Email server-side request forgery

A vulnerability has been found in Discourse 2.3.2/2.6 and classified as critical. Affected by this vulnerability is an unknown code

Common Vulnerabilities and Exposures

D-Link DIR-3040 1.13B03 WiFi Smart Mesh information disclosure

A vulnerability was found in D-Link DIR-3040 1.13B03 (Router Operating System) and classified as problematic. Affected by this issue is

Common Vulnerabilities and Exposures

UniFi Talk Application up to 1.12.3 code injection [CVE-2021-22952]

A vulnerability was found in UniFi Talk Application up to 1.12.3. It has been classified as critical. This affects an

Common Vulnerabilities and Exposures

OpenVPN Access Server up to 2.9.4 Web Login Page injection

A vulnerability was found in OpenVPN Access Server up to 2.9.4 (Network Encryption Software). It has been declared as problematic.

Common Vulnerabilities and Exposures

Concrete CMS up to 8.5.5 Conversation cross-site request forgery

A vulnerability was found in Concrete CMS up to 8.5.5 (Content Management System). It has been rated as problematic. This

Common Vulnerabilities and Exposures

Elvish up to 0.13.x Web UI Backend exposure of resource

A vulnerability classified as critical has been found in Elvish up to 0.13.x. Affected is an unknown part of the

Common Vulnerabilities and Exposures

ABB free@home System Access Point Firewall signature verification

A vulnerability classified as problematic was found in ABB free@home System Access Point (affected version unknown). Affected by this vulnerability

Common Vulnerabilities and Exposures

libcurl up to 7.73.0/7.78.0 MQTT double free

A vulnerability, which was classified as problematic, has been found in libcurl up to 7.73.0/7.78.0 (Network Utility Software). Affected by

Common Vulnerabilities and Exposures

Concrete CMS up to 8.5.5 Disk Space cross-site request forgery

A vulnerability, which was classified as problematic, was found in Concrete CMS up to 8.5.5 (Content Management System). This affects

Common Vulnerabilities and Exposures

Concrete CMS up to 8.5.5 cross-site request forgery [CVE-2021-22953]

A vulnerability has been found in Concrete CMS up to 8.5.5 (Content Management System) and classified as problematic. This vulnerability

Common Vulnerabilities and Exposures

Panda Adaptive Defense 360 up to 8.0.17 Agent access control

A vulnerability was found in Panda Adaptive Defense 360 up to 8.0.17 and classified as critical. This issue affects an

Common Vulnerabilities and Exposures

Payara Micro Community up to 5.2021.6 pathname traversal [CVE-2021-41381]

A vulnerability was found in Payara Micro Community up to 5.2021.6. It has been classified as critical. Affected is some