Headline
CVE-2021-41075: Read me | OpManager Help
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
Related news
This advisory contains mitigations for a Heap-based Buffer Overflow vulnerability in Siemens SINUMERIK controllers.
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.