From DHS/US-CERT’s Nationwide Vulnerability Database
CVE-2020-28346
PUBLISHED: 2021-03-26
ACRN by 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer Dereference.
CVE-2020-23517
PUBLISHED: 2021-03-26
Cross Website Scripting (XSS) vulnerability in Aryanic HighMail (Excessive CMS) variations 2020 and earlier than permits distant attackers to inject arbitrary internet script or HTML, by way of ‘consumer’ to LoginForm.
CVE-2021-3027
PUBLISHED: 2021-03-26
app/views_mod/consumer/consumer.py in LibrIT PaSSHport by 2.5 is affected by LDAP Injection. There may be an info leak by the crafting of particular queries, escaping the supplied search filter as a result of consumer enter will get no sanitization.
CVE-2021-3153
PUBLISHED: 2021-03-26
HashiCorp Terraform Enterprise as much as v202102-2 did not implement an organization-level setting that required customers inside a corporation to have two-factor authentication enabled. Mounted in v202103-1.
CVE-2021-3119
PUBLISHED: 2021-03-25
Zetetic SQLCipher 4.x earlier than 4.4.3 has a NULL pointer dereferencing subject associated to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may increasingly enable an attacker to carry out a distant denial of service assault. For instance, an SQL injection can be utilized to execute the crafted SQL command seq…
