Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-41825: My first CVE! CVE-2021–41825: Verint Workforce Optimization-HTML Injection

Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.

CVE

Related news

Siemens SINUMERIK

This advisory contains mitigations for a Heap-based Buffer Overflow vulnerability in Siemens SINUMERIK controllers.

CVE-2021-41075: Read me | OpManager Help

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.

CVE-2021-40493: Security Updates - CVE-2021-40493 | ManageEngine OpManager

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.

CVE-2021-41288: Read me | OpManager Help

Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.

CVE-2021-38203

btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907