Security Vulnerabilities - CVEs Published In 2021
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS Score
5.4
EPSS Score
0.001
Published
2021-11-13
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS Score
4.3
EPSS Score
0.001
Published
2021-11-13
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QmailAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later
CVSS Score
6.9
EPSS Score
0.004
Published
2021-11-13
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later
CVSS Score
8.1
EPSS Score
0.008
Published
2021-11-13
Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-12
Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-11-12
Dell EMC PowerScale Nodes contain a hardware design flaw. This may allow a local unauthenticated user to escalate privileges. This also affects Compliance mode and for Compliance mode clusters, is a critical vulnerability. Dell EMC recommends applying the workaround at your earliest opportunity.
CVSS Score
6.8
EPSS Score
0.0
Published
2021-11-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-11-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-11-12
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-11-12