| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link. |
| A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. Missing server authentication in impacted versions can allow an attacker to Man-in-the-middle (MITM) support channel UI session to Cohesity DataPlatform cluster. |
| Undocumented Default Cryptographic Key Vulnerability in Cohesity DataPlatform version 6.3 prior 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. The ssh key can provide an attacker access to the linux system in the affected version. |
| A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. The WebUI component allows an unauthenticated user to use a crafted HTTP API request to create, read, update, or delete entries in the subscriber database. For example, new administrative users can be added. The issue occurs because Express is not set up to require authentication. |
| Virtual Robots.txt before 1.10 does not block HTML tags in the robots.txt field. |
| Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API. |
| libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.) |
| Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody. |
| The OUGC Feedback plugin before 1.8.23 for MyBB allows XSS via the comment field of feedback during an edit operation. |
| Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing. |
| A command injection vulnerability in the cookieDomain and relayDomain parameters of Okta Access Gateway before 2020.9.3 allows attackers (with admin access to the Okta Access Gateway UI) to execute OS commands as a privileged system account. |
| Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code execution by an authenticated attacker. |
| Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker. |
| /exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a vulnerability in its XML parser. |
| TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected Cross-Site Scripting (XSS). |
| Priam uses File.createTempFile, which gives the permissions on that file -rw-r--r--. An attacker with read access to the local filesystem can read anything written there by the Priam process. |
| In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Additionally, since an insecure source of randomness is used, the file names to be created can be deterministically calculated. |
| An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%\System32. The resulting log file adopts the file permissions of the source of the symbolic link (in this case, the Everyone group). The log file in System32 can be replaced and renamed with a malicious DLL for DLL hijacking. |
| An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections. |
| OX Documents before 7.10.5-rev5 has Incorrect Access Control for documents that contain XML structures because hash collisions can occur, due to use of CRC32. |