CMSuno 1.7 Theme tgo cross site scripting
A vulnerability was found in CMSuno 1.7 and classified as problematic. Affected by this issue is an unknown function of the component Theme Handler. No information about possible countermeasures is known. Replacing the affected object with an alternative product may be advisable.
OpenPLC Webserver v3 Hardware Layer Code Box /hardware command injection
A vulnerability classified as critical has been found in OpenPLC Webserver v3 (Web Server). Affected is some unknown processing of the file /hardware of the component Hardware Layer Code Box. No information about possible countermeasures is known. Replacing the affected object with an alternative product may be advisable.
Poddycast up to 0.8.0 Episode os command injection
A vulnerability classified as critical was found in Poddycast up to 0.8.0. Affected by this vulnerability is an unknown function of the component Episode Handler. Upgrading to version 0.8.1 eliminates this vulnerability. Applying a patch eliminates this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested […]
node-tar up to 3.2.2/4.4.14/5.0.6/6.1.1 on npm Symbolic Links path traversal
A vulnerability, which was classified as critical, has been found in node-tar up to 3.2.2/4.4.14/5.0.6/6.1.1 on npm (NPM Package). Affected by this issue is an unknown functionality of the component Symbolic Links Handler. Upgrading to version 3.2.3, 4.4.15, 5.0.7 or 6.1.2 eliminates this vulnerability. Applying a patch eliminates this problem. The bugfix […]
node-tar up to 3.2.1/3.3.1/4.4.13/5.0.5/6.1.0 on npm File Creation Creation/Overwrite path traversal
A vulnerability, which was classified as problematic, was found in node-tar up to 3.2.1/3.3.1/4.4.13/5.0.5/6.1.0 on npm (NPM Package). This affects some unknown functionality of the file Creation/Overwrite of the component File Creation Handler. Upgrading to version 3.2.2, 3.3.2, 4.4.14, 5.0.6 or 6.1.1 eliminates this vulnerability. Applying a patch eliminates this problem. The […]
Skytable up to 0.5.0 path traversal [CVE-2021-32814]
A vulnerability has been found in Skytable up to 0.5.0 and classified as critical. This vulnerability affects an unknown part. Upgrading to version 0.5.1 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying a patch eliminates this problem. The bugfix is ready for download at github.com. The best possible […]
Liferay Portal/DXP Forgot Password information disclosure [CVE-2021-33321]
A vulnerability was found in Liferay Portal and DXP (unknown version) and classified as problematic. This issue affects an unknown code of the component Forgot Password Handler. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Password Reset Token password recovery [CVE-2021-33322]
A vulnerability was found in Liferay Portal and DXP (version unknown). It has been classified as problematic. Affected is an unknown code block of the component Password Reset Token Handler. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Dynamic Data Mapping Module information disclosure
A vulnerability was found in Liferay Portal and DXP (affected version unknown). It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component Dynamic Data Mapping Module. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Layout Module permission [CVE-2021-33324]
A vulnerability was found in Liferay Portal and DXP (affected version not known). It has been rated as critical. Affected by this issue is an unknown function of the component Layout Module. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Portlet Configuration Module permission [CVE-2021-33327]
A vulnerability classified as critical has been found in Liferay Portal and DXP (the affected version is unknown). This affects an unknown functionality of the component Portlet Configuration Module. Upgrading eliminates this vulnerability.
Grafana Loki up to 2.2.1 Error Message X-Scope-OrgID pathname traversal
A vulnerability classified as problematic was found in Grafana Loki up to 2.2.1. This vulnerability affects some unknown functionality of the component Error Message Handler. No information about possible countermeasures is known. Replacing the affected object with an alternative product may be advisable.
Grafana Cortex up to 1.9.0 Error Message X-Scope-OrgID pathname traversal
A vulnerability, which was classified as problematic, has been found in Grafana Cortex up to 1.9.0. This issue affects an unknown part of the component Error Message Handler. No information about possible countermeasures is known. Replacing the affected object with an alternative product may be advisable.
Sourcecodester Phone Shop Sales Management System 1.0 unrestricted upload
A vulnerability, which was classified as critical, was found in Sourcecodester Phone Shop Sales Management System 1.0. Affected is an unknown code. No information about possible countermeasures is known. Replacing the affected object with an alternative product may be advisable.
Liferay Portal/DXP Notifications Module redirect
A vulnerability has been found in Liferay Portal and DXP (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown code block of the component Notifications Module. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Portlet Configuration module cross site scripting
A vulnerability was found in Liferay Portal and DXP (affected version not known) and classified as problematic. Affected by this issue is some unknown processing of the component Portlet Configuration module. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Portal Workflow Module permission [CVE-2021-33333]
A vulnerability was found in Liferay Portal and DXP (the affected version is unknown). It has been classified as critical. This affects an unknown function of the component Portal Workflow Module. Upgrading eliminates this vulnerability.
Liferay Portal/DXP Dynamic Data Mapping Module permission [CVE-2021-33334]
A vulnerability was found in Liferay Portal and DXP (the affected version is unknown). It has been declared as critical. This vulnerability affects an unknown functionality of the component Dynamic Data Mapping Module. Upgrading eliminates this vulnerability.
Liferay Portal/DXP update/edit access control
A vulnerability was found in Liferay Portal and DXP (unknown version). It has been rated as critical. This issue affects some unknown functionality of the file update/edit. Upgrading eliminates this vulnerability.
Double Precision Incorporated Courier Mail Server up to 1.1.4 POP3 cryptographic issues
A vulnerability classified as problematic has been found in Double Precision Incorporated Courier Mail Server up to 1.1.4 (Mail Server Software). Affected is an unknown part of the component POP3. Upgrading to version 1.1.5 eliminates this vulnerability.
Dell EMC iDRAC9 prior 4.40.40.00 cross site scripting [CVE-2021-21576]
A vulnerability classified as problematic was found in Dell EMC iDRAC9. Affected by this vulnerability is an unknown code. Upgrading to version 4.40.40.00 eliminates this vulnerability.
Dell EMC iDRAC9 prior 4.40.40.00 cross site scripting [CVE-2021-21577]
A vulnerability, which was classified as problematic, has been found in Dell EMC iDRAC9. Affected by this issue is an unknown code block. Upgrading to version 4.40.40.00 eliminates this vulnerability.
Dell EMC iDRAC9 up to 4.x Link cross site scripting
A vulnerability, which was classified as problematic, was found in Dell EMC iDRAC9 up to 4.x. This affects some unknown processing of the component Link Handler. Upgrading to version 5.00.00.00 eliminates this vulnerability.
Huawei HarmonyOS Kernel memory leak [CVE-2021-22417]
A vulnerability has been found in Huawei HarmonyOS (the affected version is unknown) and classified as problematic. This vulnerability affects an unknown function of the component Kernel. No information about possible countermeasures is known. Replacing the affected object with an alternative product may be advisable.