Latest CVE Feed
-
7.5
HIGHCVE-2021-28857
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.... Read more
- EPSS Score: %0.32
- Published: Jun. 15, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28856
In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.... Read more
Affected Products : deark- EPSS Score: %0.16
- Published: Apr. 14, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28855
In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c).... Read more
Affected Products : deark- EPSS Score: %0.16
- Published: Apr. 14, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28848
Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintty window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not ... Read more
Affected Products : mintty- EPSS Score: %0.56
- Published: Jun. 03, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28847
MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls.... Read more
Affected Products : mobaxterm- EPSS Score: %0.47
- Published: Jun. 03, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-28846
A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling... Read more
- EPSS Score: %0.31
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28845
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi ... Read more
- EPSS Score: %0.34
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28844
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi via a do_graph_auth action without a session_id key.... Read more
- EPSS Score: %0.34
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28843
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi with an unknown action name.... Read more
- EPSS Score: %0.34
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28842
Null Pointer Deference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial os service by sending the POST request to apply_cgi vi... Read more
- EPSS Score: %0.34
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28841
Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to apply_cgi via an ac... Read more
- EPSS Score: %0.34
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28840
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the u... Read more
Affected Products : dap-3662_firmware dap-2310_firmware dap-2330_firmware dap-2360_firmware dap-2553_firmware dap-2660_firmware dap-2690_firmware dap-2695_firmware dap-3320_firmware dap-3662 +8 more products- EPSS Score: %1.04
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28839
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the u... Read more
Affected Products : dap-3662_firmware dap-2310_firmware dap-2330_firmware dap-2360_firmware dap-2553_firmware dap-2660_firmware dap-2690_firmware dap-2695_firmware dap-3320_firmware dap-3662 +8 more products- EPSS Score: %0.56
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28838
Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in ... Read more
Affected Products : dap-3662_firmware dap-2310_firmware dap-2330_firmware dap-2360_firmware dap-2553_firmware dap-2660_firmware dap-2690_firmware dap-2695_firmware dap-3320_firmware dap-3662 +8 more products- EPSS Score: %1.04
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-28835
Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.... Read more
Affected Products : xnview- EPSS Score: %0.02
- Published: Aug. 11, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-28834
Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.... Read more
- EPSS Score: %1.50
- Published: Mar. 19, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-28833
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796.... Read more
Affected Products : qiita\- EPSS Score: %0.24
- Published: Jun. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-28832
VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration.... Read more
Affected Products : vim- EPSS Score: %0.33
- Published: Apr. 05, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-28830
The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotf... Read more
- EPSS Score: %0.03
- Published: Jun. 29, 2021
- Modified: Nov. 21, 2024
-
8.0
HIGHCVE-2021-28829
The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise E... Read more
Affected Products : administrator- EPSS Score: %0.28
- Published: Apr. 20, 2021
- Modified: Nov. 21, 2024