Common Package JSON Web Token authentication spoofing [CVE-2021-32631]
A vulnerability has been found in Common Package (the affected version is unknown) and classified as critical. This vulnerability affects
MISP 2.4.146 Galaxy Cluster Fork add.ctp cross site scripting
A vulnerability was found in MISP 2.4.146 and classified as problematic. Affected by this issue is an unknown part of
url-parse URL redirect [CVE-2021-3664]
A vulnerability, which was classified as critical, has been found in url-parse (unknown version). This issue affects an unknown function
Firefly III excessive authentication [CVE-2021-3663]
A vulnerability has been found in Firefly III (affected version unknown) and classified as problematic. Affected by this vulnerability is
Omeka Classic up to 2.7 cross site scripting [CVE-2021-26799]
A vulnerability classified as problematic has been found in Omeka Classic up to 2.7. Affected is an unknown code block.
GNU C Library up to 2.33 posix/wordexp.c parse_param memory corruption
A vulnerability, which was classified as critical, has been found in GNU C Library up to 2.33 (Software Library). This
ManageIQ jansa-4/kasparov-2/lasker-1 MiqExpression injection
A vulnerability, which was classified as critical, has been found in ManageIQ jansa-4/kasparov-2/lasker-1. This issue affects some unknown processing of
Artifex MuPDF up to 1.18.1 Cached Color Converter out-of-bounds write
A vulnerability was found in Artifex MuPDF up to 1.18.1 (Document Reader Software) and classified as critical. This issue affects
Schneider Electric Easergy T300 up to 2.7.1 information disclosure
A vulnerability has been found in Schneider Electric Easergy T300 up to 2.7.1 (SCADA Software) and classified as problematic. Affected
Schneider Electric Easergy T300 up to 2.7.1 csv injection [CVE-2021-22771]
A vulnerability was found in Schneider Electric Easergy T300 up to 2.7.1 (SCADA Software) and classified as problematic. Affected by
msgpack Unpack deserialization [CVE-2021-23410]
A vulnerability classified as critical has been found in msgpack (version unknown). Affected is an unknown code block of the
tinyexr 0.9.5 tinyexr.h tinyexr::DecodePixelData integer overflow
A vulnerability classified as critical has been found in tinyexr 0.9.5. Affected is the function tinyexr::DecodePixelData of the file tinyexr.h.
sam2p 0.49.4 cgif.c memory corruption
A vulnerability classified as critical was found in sam2p 0.49.4. Affected by this vulnerability is an unknown part of the
sam2p 0.49.4 Exception memory corruption
A vulnerability, which was classified as critical, has been found in sam2p 0.49.4. Affected by this issue is an unknown
matio 1.5.17 mat5.c Mat_VarReadNextInfo5 integer overflow
A vulnerability, which was classified as problematic, was found in matio 1.5.17. This affects the function Mat_VarReadNextInfo5 of the file
libheif 1.4.0 Exception denial of service
A vulnerability has been found in libheif 1.4.0 and classified as problematic. This vulnerability affects some unknown processing of the
anchorme main cross site scripting
A vulnerability classified as problematic has been found in anchorme (the affected version unknown). This affects the function main. Applying
GPAC MP4Box 0.8.0 box_code_apple.c ilst_item_Read denial of service
A vulnerability classified as problematic was found in GPAC MP4Box 0.8.0. This vulnerability affects the function ilst_item_Read of the file
Schneider Electric C-Bus Toolkit up to 1.15.8 missing authentication
A vulnerability, which was classified as critical, was found in Schneider Electric C-Bus Toolkit up to 1.15.8 (SCADA Software). Affected
libheif 1.4.0 get_references memory corruption
A vulnerability was found in libheif 1.4.0 and classified as critical. Affected by this issue is the function heif::Box_iref::get_references. Applying
systemd up to 248 basic/unit-name.c strdupa/alloca allocation of resources
A vulnerability was found in systemd up to 248. It has been rated as critical. Affected by this issue is
gdal up to 3.0.4 netCDF nc4_get_att stack-based overflow
A vulnerability has been found in gdal up to 3.0.4 and classified as critical. This vulnerability affects the function nc4_get_att
QPDF up to 10.0.4 Pl_ASCII85Decoder::write heap-based overflow
A vulnerability was found in QPDF up to 10.0.4. It has been classified as critical. This affects the function Pl_ASCII85Decoder::write.
Unicorn Engine 1.0.2 tb_flush_armeb out-of-bounds write
A vulnerability was found in Unicorn Engine 1.0.2. It has been declared as critical. This vulnerability affects the function tb_flush_armeb.