CVE-2021-28127
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
Source: CVE-2021-28127
[월:] 2021년 07월
CVE-2021-35337
CVE-2021-35337
Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Any attacker will be able to see the invoices of different users by changing the id parameter.
Source: CVE-2021-35337
CVE-2021-27660
CVE-2021-27660
An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs.
Source: CVE-2021-27660
CVE-2021-27661
CVE-2021-27661
Successful exploitation of this vulnerability could give an authenticated Facility Explorer SNC Series Supervisory Controller (F4-SNC) user an unintended level of access to the controller’s file system, allowing them to access or modify system files by sending specifically crafted web messages to the F4-SNC.
Source: CVE-2021-27661
CVE-2021-35336
CVE-2021-35336
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A vulnerability in the Tieline Web Administrative Interface could allow an unauthenticated user to access a sensitive part of the system with a high privileged account.
Source: CVE-2021-35336
CVE-2021-27477
CVE-2021-27477
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten. As a result, the PLC CPU detects a system error, and the affected products stop.
Source: CVE-2021-27477
CVE-2021-31813
CVE-2021-31813
Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details (e.g., a crafted user name) from AD.
Source: CVE-2021-31813
CVE-2020-9158
CVE-2020-9158
There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.
Source: CVE-2020-9158
CVE-2021-22344
CVE-2021-22344
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.
Source: CVE-2021-22344
CVE-2021-22343
CVE-2021-22343
There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
Source: CVE-2021-22343