Security Vulnerabilities - CVEs Published In July 2021
Path traversal vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-07-07
Improper access control vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files using particular parameter in download function. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-07-07
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a symbolic link then access arbitrary files. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-07-07
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-07-07
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVSS Score
6.5
EPSS Score
0.01
Published
2021-07-07
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
CVSS Score
6.5
EPSS Score
0.01
Published
2021-07-07
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
CVSS Score
6.5
EPSS Score
0.008
Published
2021-07-07
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVSS Score
6.5
EPSS Score
0.008
Published
2021-07-07
Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /nova/bin/user process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-07-07
myFax version 229 logs sensitive information in the export log module which allows any user to access critical information.
CVSS Score
6.5
EPSS Score
0.003
Published
2021-07-07