| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance. |
| An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category area. |
| emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal. |
| The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php. |
| The client-dash (aka Client Dash) plugin 2.1.4 for WordPress allows XSS. |
| The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1.0.7 for WordPress allows XSS with Internet Explorer. |
| PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. |
| PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. |
| PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. |
| In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights. |
| Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. |
| In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling. |
| An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x before 6.1.5, OXID eShop Enterprise Edition Version 5.2.x-5.3.x, OXID eShop Professional Edition Version 4.9.x-4.10.x and OXID eShop Community Edition Version: 4.9.x-4.10.x. By using a specially crafted URL, users with administrative rights could unintentionally grant unauthorized users access to the admin panel via session fixation. |
| The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. |
| The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. |
| A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles. |
| Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file. |
| Footy Tipping Software AFL Web Edition 2019 allows XSS. |
| llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. |
| base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. |
