Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of...
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless...
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to...
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the...
Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php. Date published : 2021-05-24 https://github.com/projectworldsofficial/online-examination-systen-in-php/archive/master.zip https://nikhilkumar01.medium.com/cve-2020-26006-31f847e16019
Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user. Date published : 2021-05-24 https://github.com/projectworldsofficial/online-examination-systen-in-php https://nikhilkumar01.medium.com/cve-2020-25411-a245bdf88fb5
Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters. Date published : 2021-05-24 https://github.com/olotieno/College-Management-System-Php/tree/master/College-Management-System%20in%20Php_5.5/College-Management-System%20in%20Php_5.5 https://nikhilkumar01.medium.com/cve-2020-25409-5ecbe735c004
A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores,...
Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service Date published : 2021-05-24 https://trac.ffmpeg.org/ticket/7989 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php. Date published : 2021-05-24 https://github.com/cby234/cve_request/issues/1 https://github.com/cby234/cve_request/issues/2
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can...
Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45 Date published : 2021-05-24 http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45
Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition (‘Infinite Loop’) (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh Date published :...
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 Date published : 2021-05-24 http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44