CVE-2021-31900
In JetBrains Code With Me bundled to the compatible IDE versions before 2021.1, a client could open a browser on a host. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
Monthly Archive: May 2021
CVE-2021-31899
In JetBrains Code With Me bundled to the compatible IDEs before version 2021.1, the client could execute code in read-only mode. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
CVE-2021-31898
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
CVE-2021-31897
In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
CVE-2021-31537
SIS SIS-REWE Go before 7.7 SP17 allows XSS: rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters). Date published : 2021-05-11 http://packetstormsecurity.com/files/162530/SIS-REWE-GO-7.5.0-12C-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2021/May/20
CVE-2021-31214
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211. Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31214
CVE-2021-31213
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31213
CVE-2021-31211
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31214. Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31211
CVE-2021-31209
Microsoft Exchange Server Spoofing Vulnerability Date published : 2021-05-11 https://www.zerodayinitiative.com/advisories/ZDI-21-615/ https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31209
CVE-2021-31208
Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31169. Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31208
CVE-2021-31207
Microsoft Exchange Server Security Feature Bypass Vulnerability Date published : 2021-05-11 http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html https://www.zerodayinitiative.com/advisories/ZDI-21-819/
CVE-2021-31205
Windows SMB Client Security Feature Bypass Vulnerability Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31205
CVE-2021-31204
.NET and Visual Studio Elevation of Privilege Vulnerability Date published : 2021-05-11 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA/
CVE-2021-31200
Common Utilities Remote Code Execution Vulnerability Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31200