| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing. This vulnerability affects Firefox < 94. |
| FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530. |
| A Remote Code Execution (RCE) vulnerability exists in The-Secretary 2.5 via install.php. |
| A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website. |
| A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval(). |
| An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access. |
| An issue was discovered in FusionPBX before 4.5.30. The log_viewer.php Log View page allows an authenticated user to choose an arbitrary filename for download (i.e., not necessarily freeswitch.log in the intended directory). |
| In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug. |
| An issue was discovered on Renesas RX65 and RX65N devices. With a VCC glitch, an attacker can extract the security ID key from the device. Then, the protected firmware can be extracted. |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Windows Digital TV Tuner Elevation of Privilege Vulnerability |
| Windows Kernel Information Disclosure Vulnerability |
| Microsoft SharePoint Server Spoofing Vulnerability |
| NTFS Set Short Name Elevation of Privilege Vulnerability |
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
| Microsoft Message Queuing Information Disclosure Vulnerability |
| Storage Spaces Controller Information Disclosure Vulnerability |
| Windows Fax Service Remote Code Execution Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
