| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior to 2.5.9. Rancher versions prior to 2.4.16. |
| A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2. |
| A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1.3.2-lp152.1.2 and prior versions. openSUSE Factory python-postorius version 1.3.4-2.1 and prior versions. |
| An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge(). |
| A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices. |
| A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email. |
| A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. |
| User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage. |
| Microsoft Defender Remote Code Execution Vulnerability |
| Power BI Remote Code Execution Vulnerability |
| Microsoft Intune Management Extension Remote Code Execution Vulnerability |
| Microsoft Defender Denial of Service Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Server for NFS Information Disclosure Vulnerability |
| Server for NFS Information Disclosure Vulnerability |
| Server for NFS Denial of Service Vulnerability |
| Windows GPSVC Elevation of Privilege Vulnerability |
| Event Tracing for Windows Information Disclosure Vulnerability |
| Windows HTML Platforms Security Feature Bypass Vulnerability |
| Windows TCP/IP Driver Security Feature Bypass Vulnerability |
