Unknown · CVSS Not scored
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.
Published Nov 22, 2021 · Updated Nov 3, 2025
Medium · CVSS 5.5 · CISA KEV
Windows Installer Elevation of Privilege Vulnerability
Published Nov 10, 2021 · Updated Oct 21, 2025
High · CVSS 7.5 · CISA KEV
Active Directory Domain Services Elevation of Privilege Vulnerability
Published Nov 10, 2021 · Updated Oct 21, 2025
High · CVSS 7.8 · CISA KEV
Microsoft Excel Security Feature Bypass Vulnerability
Published Nov 10, 2021 · Updated Oct 21, 2025
High · CVSS 8.8 · CISA KEV
Microsoft Exchange Server Remote Code Execution Vulnerability
Published Nov 10, 2021 · Updated Oct 21, 2025
Critical · CVSS 10 · CISA KEV
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you’re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.
Published Nov 17, 2021 · Updated Oct 21, 2025
Critical · CVSS 9.8 · CISA KEV
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
Published Nov 19, 2021 · Updated Oct 21, 2025
Medium · CVSS 6.1 · CISA KEV
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
Published Nov 23, 2021 · Updated Oct 21, 2025
High · CVSS 8.8 · CISA KEV
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published Nov 23, 2021 · Updated Oct 21, 2025
Critical · CVSS 9.8 · CISA KEV
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Published Nov 29, 2021 · Updated Oct 21, 2025
Critical · CVSS 9.1
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.
Published Nov 24, 2021 · Updated Sep 8, 2025
Medium · CVSS 4.4
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.
Published Nov 3, 2022 · Updated Jul 23, 2025
Low · CVSS 3.5
A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6. This affects an unknown part of the file src/defaultConfig.js of the component ENV Variable Handler. The manipulation leads to information disclosure. Upgrading to version 3.1.7 is able to address this issue. The identifier of the patch is a3aa62daea2e44c76d08d1eac63768cd928cd69e. It is recommended to upgrade the affected component. The identifier VDB-244485 was assigned to this vulnerability.
Published Nov 6, 2023 · Updated Jun 12, 2025
Medium · CVSS 5.5
An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application. The IOS app version 1.4.1631262629 resolves this issue by storing a hash PIN code.
Published Nov 10, 2021 · Updated May 30, 2025
Critical · CVSS 9.6
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.
Published Nov 10, 2021 · Updated May 5, 2025
Medium · CVSS 4.9
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background.
Published Nov 3, 2022 · Updated May 5, 2025
Medium · CVSS 5.9
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Published Nov 3, 2022 · Updated May 5, 2025
High · CVSS 8.1
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.
Published Nov 2, 2022 · Updated May 2, 2025
High · CVSS 7.7
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and
8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text.
The transmission of sensitive data in clear text allows unauthorized actors with access to the
network to sniff and obtain sensitive information that can be later used to gain unauthorized
access.
Published Nov 2, 2022 · Updated May 2, 2025
Medium · CVSS 6.4
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.
Published Nov 3, 2022 · Updated May 2, 2025
High · CVSS 7.8
jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.
Published Nov 4, 2022 · Updated May 2, 2025
Medium · CVSS 6.5
diplib v3.0.0 is vulnerable to Double Free.
Published Nov 4, 2022 · Updated May 2, 2025
Medium · CVSS 5.4
Saibamen HotelManager v1.2 is vulnerable to Cross Site Scripting (XSS) due to improper sanitization of comment and contact fields.
Published Nov 4, 2022 · Updated May 2, 2025
High · CVSS 8.4
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.
Published Nov 3, 2022 · Updated May 2, 2025
Medium · CVSS 4.7
ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice.
Published Nov 7, 2022 · Updated May 2, 2025
Medium · CVSS 5
A vulnerability in
Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and
8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located
inside the directory.
Published Nov 2, 2022 · Updated May 2, 2025
High · CVSS 7.1
Pentaho Business Analytics
Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho
Analyzer plugin exposes a service endpoint for templates which allows a
user-supplied path to access resources that are out of bounds.
The software uses external input to construct a pathname that is intended to identify a file or
directory that is located underneath a restricted parent directory, but the software does not
properly neutralize special elements within the pathname that can cause the pathname to
resolve to a location that is outside of the restricted directory. By using special elements such as
".." and "/" separators, attackers can escape outside of the restricted
location to access files or directories that are elsewhere on the
system.
Published Nov 2, 2022 · Updated May 2, 2025
Critical · CVSS 9.8
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.
Published Nov 9, 2022 · Updated May 1, 2025
Medium · CVSS 6.5
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 7.5
xpdfreader 4.03 is vulnerable to Buffer Overflow.
Published Nov 10, 2022 · Updated May 1, 2025
Medium · CVSS 6.1
mm-wki v0.2.1 is vulnerable to Cross Site Scripting (XSS).
Published Nov 10, 2022 · Updated May 1, 2025
Critical · CVSS 9.8
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 7.5
The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 7.8
In MMU_UnmapPages of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-243825200
Published Nov 8, 2022 · Updated May 1, 2025
High · CVSS 7.8
In _PMRLogicalOffsetToPhysicalOffset of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-246824784
Published Nov 8, 2022 · Updated May 1, 2025
Medium · CVSS 5.4
perfex crm 1.10 is vulnerable to Cross Site Scripting (XSS) via /clients/profile.
Published Nov 8, 2022 · Updated May 1, 2025
Critical · CVSS 9.1
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 8.2
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 7.5
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 7.8
Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.
Published Nov 9, 2022 · Updated May 1, 2025
High · CVSS 7.8
An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP.
Published Nov 9, 2022 · Updated May 1, 2025
Unknown · CVSS Not scored
The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.
Published Nov 3, 2021 · Updated Apr 30, 2025
Unknown · CVSS Not scored
The parser in accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS) in llhttp < v2.1.4 and < v6.0.6.
Published Nov 15, 2021 · Updated Apr 30, 2025
High · CVSS 7.5
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.
Published Nov 14, 2022 · Updated Apr 30, 2025
Medium · CVSS 5.3
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing.
Published Nov 14, 2022 · Updated Apr 30, 2025
Medium · CVSS 6.1
OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS).
Published Nov 14, 2022 · Updated Apr 30, 2025
Medium · CVSS 6.5
In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction only.
Published Nov 2, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.4
Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stored XSS where an editor uploads an SVG file that contains malicious JavaScript onto the Images module, which triggers XSS once viewed.
Published Nov 7, 2021 · Updated Apr 30, 2025
Critical · CVSS 9.8
Apostrophe CMS versions prior to 3.3.1 did not invalidate existing login sessions when disabling a user account or changing the password, creating a situation in which a device compromised by a third party could not be locked out by those means. As a mitigation for older releases the user account in question can be archived (3.x) or moved to the trash (2.x and earlier) which does disable the existing session.
Published Nov 8, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.4
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article.
Published Nov 10, 2021 · Updated Apr 30, 2025