CVE-2021-46486
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsi_ArraySpliceCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).
Source: CVE-2021-46486
[월:] 2022년 01월
CVE-2021-46427
CVE-2021-46427
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
Source: CVE-2021-46427
CVE-2021-46428
CVE-2021-46428
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.
Source: CVE-2021-46428
CVE-2021-46377
CVE-2021-46377
There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser
Source: CVE-2021-46377
CVE-2021-46097
CVE-2021-46097
Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log
Source: CVE-2021-46097
CVE-2021-46102
CVE-2021-46102
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym.st_value is rather large, an integer overflow is triggered while calculating the variable "addr" via "addr = (sym.st_value + refd_pa) as u64";
Source: CVE-2021-46102
CVE-2021-46065
CVE-2021-46065
A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.
Source: CVE-2021-46065
CVE-2021-46088
CVE-2021-46088
Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.
Source: CVE-2021-46088
CVE-2021-28096
CVE-2021-28096
An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.
Source: CVE-2021-28096
CVE-2022-0348
CVE-2022-0348
Cross-site Scripting (XSS) – Stored in Packagist pimcore/pimcore prior to 10.2.
Source: CVE-2022-0348