Microfocus NetIQ Access Manager up to 4.5.3/5.0.0 cross site scripting

A vulnerability was found in Microfocus NetIQ Access Manager up to 4.5.3/5.0.0 (Access Management Software). It has been rated as

Common Vulnerabilities and Exposures

Nitro Pro PDF prior 13.31.0.605/13.33.2.645 PDF File use after free

A vulnerability classified as critical has been found in Nitro Pro PDF. Affected is an unknown code block of the

Common Vulnerabilities and Exposures

Netgear GC108P NSDP Packet /sqfs/bin/sccd improper authentication

A vulnerability was found in Netgear GC108P, GC108PP, GS108Tv3, GS110TPP, GS110TPv3, GS110TUP, GS308T, GS310TP, GS710TUP, GS716TP, GS716TPP, GS724TPP, GS724TPv2, GS728TPPv2,

Common Vulnerabilities and Exposures

Netgear GC108P HTTP Authentication improper authentication [CVE-2021-40867]

A vulnerability was found in Netgear GC108P, GC108PP, GS108Tv3, GS110TPP, GS110TPv3, GS110TUP, GS308T, GS310TP, GS710TUP, GS716TP, GS716TPP, GS724TPP, GS724TPv2, GS728TPPv2,

Common Vulnerabilities and Exposures

Aviatrix Controller prior 6.5-1804.1922 pathname traversal [CVE-2021-40870]

A vulnerability classified as critical has been found in Aviatrix Controller. This affects an unknown part. Upgrading to version 6.5-1804.1922

Common Vulnerabilities and Exposures

clearance up to 2.4.x Session return_to redirect

A vulnerability was found in clearance up to 2.4.x. It has been classified as critical. Affected is an unknown function

Common Vulnerabilities and Exposures

set-value up to 4.0.0 Parameter path type confusion

A vulnerability was found in set-value up to 4.0.0 and classified as critical. This issue affects some unknown processing of

Common Vulnerabilities and Exposures

Apache Any23 up to 2.4 YAMLExtractor.java Privilege Escalation

A vulnerability, which was classified as critical, was found in Apache Any23 up to 2.4. This affects an unknown code

Common Vulnerabilities and Exposures

Apache Any23 up to 2.4 StreamUtils.java xml external entity reference

A vulnerability has been found in Apache Any23 up to 2.4 and classified as problematic. This vulnerability affects an unknown

Common Vulnerabilities and Exposures

Dahua IPC-HX3XXX Data Packet improper authentication [CVE-2021-33044]

A vulnerability classified as critical was found in Dahua IPC-HX3XXX, HX5XXX, HUM7XXX, VTO75X95X, VTO65XXX, VTH542XH, SD1A1, SD22, SD49, SD50, SD52C,

Common Vulnerabilities and Exposures

Dahua IPC-HX3XXX Data Packet improper authentication [CVE-2021-33045]

A vulnerability, which was classified as critical, has been found in Dahua IPC-HX3XXX, HX5XXX, HUM7XXX, VTO75X95X, VTO65XXX, VTH542XH, NVR1XXX, NVR2XXX,

Common Vulnerabilities and Exposures

Facebook ParlAI up to 1.1.0 YAML deserialization

A vulnerability was found in Facebook ParlAI up to 1.1.0 (Social Network Software). It has been declared as critical. This

Common Vulnerabilities and Exposures

Facebook ParlAI up to 1.0.x YAML deserialization

A vulnerability was found in Facebook ParlAI up to 1.0.x (Social Network Software). It has been rated as critical. This

Common Vulnerabilities and Exposures

Translate Plugin up to 6.3.0.71 on ONLYOFFICE msg.data/text Privilege Escalation

A vulnerability classified as critical has been found in Translate Plugin up to 6.3.0.71 on ONLYOFFICE. Upgrading to version 6.3.0.72

Common Vulnerabilities and Exposures

GNU Mailman Postorius up to 1.3.4 POST Request views/list.py access control

A vulnerability has been found in GNU Mailman Postorius up to 1.3.4 (Mail Client Software) and classified as critical. Affected

Common Vulnerabilities and Exposures

Ionic Identity Vault up to 4 on Android improper authentication

A vulnerability was found in Ionic Identity Vault up to 4 on Android (Android App Software) and classified as critical.

Common Vulnerabilities and Exposures

btcpayserver Web Page Generation cross site scripting [CVE-2021-3646]

A vulnerability was found in btcpayserver (the affected version unknown). It has been classified as problematic. This affects an unknown

Common Vulnerabilities and Exposures

Zoho ManageEngine ADSelfService Plus up to 6111 Database Linking sql injection

A vulnerability, which was classified as critical, was found in Zoho ManageEngine ADSelfService Plus up to 6111. Affected is some

Common Vulnerabilities and Exposures

Custom Website Data Plugin up to 2.2 on WordPress Parameter ~/views/edit.php id cross site scripting

A vulnerability was found in Custom Website Data Plugin up to 2.2 on WordPress (WordPress Plugin). It has been rated

Common Vulnerabilities and Exposures

Advance Search Plugin up to 1.1.2 on WordPress Parameter html-advance-search-admin-options.php wpas_id cross site scripting

A vulnerability classified as problematic has been found in Advance Search Plugin up to 1.1.2 on WordPress (WordPress Plugin). Affected

Common Vulnerabilities and Exposures

spideranalyse Plugin up to 0.0.1 on WordPress Parameter ~/analyse/index.php date cross site scripting

A vulnerability classified as problematic was found in spideranalyse Plugin up to 0.0.1 on WordPress (WordPress Plugin). Affected by this

Common Vulnerabilities and Exposures

OSD Subscribe Plugin up to 1.2.3 on WordPress Parameter osd_subscribe_options_subscribers.php osd_subscribe_message cross site scripting

A vulnerability, which was classified as problematic, has been found in OSD Subscribe Plugin up to 1.2.3 on WordPress (WordPress

Common Vulnerabilities and Exposures

Web Push Notifications Plugin up to 2.1.8 on WordPress Parameter ~/includes/base.php feedify_msg cross site scripting

A vulnerability, which was classified as problematic, was found in Web Push Notifications Plugin up to 2.1.8 on WordPress (WordPress

Common Vulnerabilities and Exposures

Dropdown and Scrollable Text Plugin up to 2.0 on WordPress Parameter ~/index.php content cross site scripting

A vulnerability has been found in Dropdown and Scrollable Text Plugin up to 2.0 on WordPress (WordPress Plugin) and classified

Microfocus NetIQ Access Manager up to 4.5.3/5.0.0 cross site scripting