CVE Notify
19.2K subscribers
4 photos
185K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
๐Ÿšจ CVE-2021-27358
The snapshot feature in Grafana before 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27221
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-28109
TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected Cross-Site Scripting (XSS).

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-27928
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-3327
Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the post_title parameter.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a Stored cross-site scripting (XSS) vulnerability

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-6578
Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-25289
An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-25292
An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-25293
An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-25291
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-28122
A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. The WebUI component allows an unauthenticated user to use a crafted HTTP API request to create, read, update, or delete entries in the subscriber database. For example, new administrative users can be added. The issue occurs because Express is not set up to require authentication.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-25097
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-28831
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2021-28834
Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.

๐ŸŽ–@cveNotify
๐Ÿšจ CVE-2020-7021
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.

๐ŸŽ–@cveNotify