» 2021 » 6월

CVE-2021-25387

Posted on 2021년 6월 12일2021년 6월 12일 by admin

CVE-2021-25387

An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

Source: CVE-2021-25387

CVE-2021-25391

Posted on 2021년 6월 12일2021년 6월 12일 by admin

CVE-2021-25391

Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.

Source: CVE-2021-25391

CVE-2021-25385

Posted on 2021년 6월 12일2021년 6월 12일 by admin

CVE-2021-25385

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

Source: CVE-2021-25385

CVE-2020-5003

Posted on 2021년 6월 12일2021년 6월 12일 by admin

CVE-2020-5003

IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192956.

Source: CVE-2020-5003

CVE-2021-20396

Posted on 2021년 6월 12일2021년 6월 12일 by admin

CVE-2021-20396

IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 196009.

Source: CVE-2021-20396

CVE-2020-13688

Posted on 2021년 6월 12일2021년 6월 12일 by admin

CVE-2020-13688

Cross-site scripting vulnerability in l Drupal Core allows an attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability.
This issue affects:
Drupal Core
8.8.X versions prior to 8.8.10;
8.9.X versions prior to 8.9.6;
9.0.X versions prior to 9.0.6.

Source: CVE-2020-13688

CVE-2021-26995

Posted on 2021년 6월 11일2021년 6월 12일 by admin

CVE-2021-26995

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code.

Source: CVE-2021-26995

CVE-2021-26993

Posted on 2021년 6월 11일2021년 6월 12일 by admin

CVE-2021-26993

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server.

Source: CVE-2021-26993

CVE-2021-26996

Posted on 2021년 6월 11일2021년 6월 12일 by admin

CVE-2021-26996

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks.

Source: CVE-2021-26996

CVE-2021-26997

Posted on 2021년 6월 11일2021년 6월 11일 by admin

CVE-2021-26997

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover information via error messaging which may aid in crafting more complex attacks.

Source: CVE-2021-26997