Security Vulnerabilities - CVEs Published In November 2021
Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attackers to cause a denial of service due to improper length of values passed to istream.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-11-01
SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-11-01
Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-11-01
S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file.
CVSS Score
8.8
EPSS Score
0.009
Published
2021-11-01
A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-01
Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-11-01
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance.
CVSS Score
9.8
EPSS Score
0.155
Published
2021-11-01
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-11-01
HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-11-01
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-11-01