| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality. |
| The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality. |
| HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |
| The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. |
| The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable. |
| The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. |
| A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. |
| A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. |
| A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. |
| django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) |
| kimai2 is vulnerable to Improper Access Control |
| showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) |
| showdoc is vulnerable to URL Redirection to Untrusted Site |
| kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| vim is vulnerable to Heap-based Buffer Overflow |
| kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine. |
| elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor |
| invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |