CVE-2021-26120
Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.
Source: CVE-2021-26120
CVE-2021-24115
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
Source: CVE-2021-24115
CVE-2021-26119
Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.
Source: CVE-2021-26119
CVE-2021-3149
On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used unsafely.
Source: CVE-2021-3149
CVE-2021-27513
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
Source: CVE-2021-27513
CVE-2021-27516
URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Source: CVE-2021-27516
CVE-2021-27514
EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).
Source: CVE-2021-27514
CVE-2021-27515
url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.
Source: CVE-2021-27515
CVE-2021-26716
Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter.
Source: CVE-2021-26716
CVE-2021-26544
Livy server version 0.7.0-incubating (only) is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users’ sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating.
Source: CVE-2021-26544