CVE-2021-30493
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).
Source: CVE-2021-30493
CVE-2021-30494
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).
Source: CVE-2021-30494
CVE-2021-28098
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%ForeScout SecureConnector that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%System32. The resulting log file adopts the file permissions of the source of the symbolic link (in this case, the Everyone group). The log file in System32 can be replaced and renamed with a malicious DLL for DLL hijacking.
Source: CVE-2021-28098
CVE-2021-27130
Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload.
Source: CVE-2021-27130
CVE-2021-27705
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.
Source: CVE-2021-27705
CVE-2021-27599
SAP NetWeaver ABAP Server and ABAP Platform (Process Integration – Integration Builder Framework), versions – 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain conditions, which would otherwise be restricted.
Source: CVE-2021-27599
CVE-2021-25314
A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise High Availability 15-SP2 allows local attackers to escalate to root.
This issue affects:
SUSE Linux Enterprise High Availability 12-SP3
hawk2 versions prior to 2.6.3+git.1614685906.812c31e9.
SUSE Linux Enterprise High Availability 12-SP5
hawk2 versions prior to 2.6.3+git.1614685906.812c31e9.
SUSE Linux Enterprise High Availability 15-SP2
hawk2 versions prior to 2.6.3+git.1614684118.af555ad9.
Source: CVE-2021-25314
CVE-2020-29592
An issue was discovered in Orchard before 1.10. A broken access control issue in Orchard components that use the TinyMCE HTML editor’s file upload allows an attacker to upload dangerous executables that bypass the file types allowed (regardless of the file types allowed list in Media settings).
Source: CVE-2020-29592
CVE-2020-29593
An issue was discovered in Orchard before 1.10. The Media Settings Allowed File Types list field allows an attacker to add a XSS payload that will execute when users attempt to upload a disallowed file type, causing the error to display.
Source: CVE-2020-29593
CVE-2021-27608
An unquoted service path in SAPSetup, version – 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.
Source: CVE-2021-27608