Insufficient control flow management in the kernel mode driver for some Intel(R) Graphics Drivers before version 15.36.39.5145 may allow an authenticated user to potentially enable escalation of privilege via local access. Date published :...
Improper access control in firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access. Date published...
Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access. Date...
Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service via local access....
Improper initialization in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access. Date published...
Insufficient control flow management in some Intel(R) Graphics Drivers before version 15.45.32.5145 may allow an authenticated user to potentially enable escalation of privilege via local access. Date published : 2021-02-17 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access. Date published : 2021-02-17 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php. Date published : 2021-02-16 https://github.com/BlackCatDevelopment/BlackCatCMS/commits/release-1.4/upload/backend/preferences/ajax_save.php https://github.com/BlackCatDevelopment/BlackCatCMS/compare/1.3.6…1.4Beta
The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have...
In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHOD_NEITHER results in arbitrary memory dereferencing. Date published : 2021-02-16 https://www.dekart.com/products/encryption/private_disk https://www.rootshellsecurity.net/rootshell-discover-denial-of-service-flaw-dekart-private-disk-encryption-software/
Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. Date published : 2021-02-16 https://github.com/accellion/CVEs/blob/main/CVE-2021-27104.txt https://www.accellion.com/products/fta/
Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. Date published : 2021-02-16 https://github.com/accellion/CVEs/blob/main/CVE-2021-27103.txt https://www.accellion.com/products/fta/
Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. Date published : 2021-02-16 https://github.com/accellion/CVEs/blob/main/CVE-2021-27102.txt https://www.accellion.com/products/fta/
Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. Date published : 2021-02-16 https://github.com/accellion/CVEs/blob/main/CVE-2021-27101.txt https://www.accellion.com/products/fta/