HTTP Protocol Stack Remote Code Execution Vulnerability Date published : 2021-05-11 http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166
Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. Date published : 2021-05-11 http://packetstormsecurity.com/files/162555/Windows-Container-Manager-Service-CmsRpcSrv_CreateContainer-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31165
In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
RiyaLab CloudISO event item is added, special characters in specific field of time management page are not properly filtered, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored...
In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS. Date published : 2021-05-11 https://security.gentoo.org/glsa/202107-45 Home
Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by...
Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer. e.g. using a surrogate on the sender end, an attacker can pass information about a...
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under...
In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS. Date published : 2021-05-11 Home JetBrains Security Bulletin Q1 2021
Windows CSC Service Information Disclosure Vulnerability Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28479
Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-31172. Date published : 2021-05-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28478
Hyper-V Remote Code Execution Vulnerability Date published : 2021-05-11 http://packetstormsecurity.com/files/163497/Microsoft-Hyper-V-vmswitch.sys-Proof-Of-Concept.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28476