A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to crash... weiterlesen

There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen.... weiterlesen

... weiterlesen

Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote... weiterlesen

... weiterlesen

Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially... weiterlesen

Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially... weiterlesen

... weiterlesen

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a... weiterlesen

Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted... weiterlesen

Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting vulnerability affecting the Security Console's Filtered Asset Search feature. A specific... weiterlesen

tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org.... weiterlesen

Nextcloud Talk is a fully on-premises audio/video and chat communication service. Password protected shared chats in Talk before version 9.0.10, 10.0.8... weiterlesen

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion... weiterlesen

D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain... weiterlesen

... weiterlesen

An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/get_user_email_info_bbs.asp... weiterlesen

D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the... weiterlesen

Valine 1.4.14 allows remote attackers to cause a denial of service (application outage) by supplying a ua (aka User-Agent) value that only specifies the... weiterlesen

Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup... weiterlesen

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator... weiterlesen

... weiterlesen

... weiterlesen

Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially... weiterlesen

Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially... weiterlesen

Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted... weiterlesen

A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially... weiterlesen

... weiterlesen

... weiterlesen

Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially... weiterlesen

... weiterlesen

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a... weiterlesen

Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... weiterlesen

Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially... weiterlesen

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally... weiterlesen

IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated... weiterlesen

IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force... weiterlesen

... weiterlesen

IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force... weiterlesen

... weiterlesen

IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when... weiterlesen