CVE-2021-27029
The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX’s Review causing the application to crash leading to a denial of service.
Source: CVE-2021-27029
[월:] 2021년 04월
CVE-2021-27028
CVE-2021-27028
A Memory Corruption Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files.
Source: CVE-2021-27028
CVE-2021-27031
CVE-2021-27031
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX’s Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.
Source: CVE-2021-27031
CVE-2021-27030
CVE-2021-27030
A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system.
Source: CVE-2021-27030
CVE-2021-27027
CVE-2021-27027
A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure.
Source: CVE-2021-27027
CVE-2020-28141
CVE-2020-28141
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page.
Source: CVE-2020-28141
CVE-2021-21981
CVE-2021-21981
VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level.
Source: CVE-2021-21981
CVE-2021-20992
CVE-2021-20992
In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface over unencrypted HTTP protocol. Communication between the user and the device can be eavesdropped to hijack sessions, tokens and passwords.
Source: CVE-2021-20992
CVE-2021-20991
CVE-2021-20991
In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated user can run commands as root user using a command injection vulnerability.
Source: CVE-2021-20991
CVE-2021-20990
CVE-2021-20990
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal management service is accessible on port 8000 and some API endpoints could be accessed without authentication to trigger a shutdown, a reboot or a reboot into recovery mode.
Source: CVE-2021-20990