Security Vulnerabilities - CVEs Published In 2021
yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS Score
4.3
EPSS Score
0.001
Published
2021-12-11
OpenOlat is a web-basedlearning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files anywhere on the target system. The attack could be used to write files anywhere in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account, an enabled REST API and the rights on a business object to call the vulnerable REST calls. The problem is fixed in version 15.5.12 and 16.0.5. There is a workaround available. The vulnerability requires the REST module to be enabled. Disabling the REST module or limiting the REST module via some firewall or web-server access rules to be accessed only be trusted systems will mitigate the risk.
CVSS Score
8.1
EPSS Score
0.008
Published
2021-12-10
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM).
CVSS Score
8.4
EPSS Score
0.001
Published
2021-12-10
Improper handling of pointers in the System Management Mode (SMM) handling code may allow for a privileged attacker with physical or administrative access to potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-12-10
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.
CVSS Score
4.3
EPSS Score
0.005
Published
2021-12-10
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function.
CVSS Score
6.5
EPSS Score
0.005
Published
2021-12-10
The package md-to-pdf before 5.0.0 are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS engine.
CVSS Score
9.8
EPSS Score
0.16
Published
2021-12-10
All versions of package sey are vulnerable to Prototype Pollution via the deepmerge() function.
CVSS Score
6.5
EPSS Score
0.005
Published
2021-12-10
All versions of package merge-deep2 are vulnerable to Prototype Pollution via the mergeDeep() function.
CVSS Score
6.5
EPSS Score
0.005
Published
2021-12-10
snipe-it is vulnerable to Improper Access Control
CVSS Score
4.3
EPSS Score
0.002
Published
2021-12-10