Headline
CVE-2021-38613: Nascent RemKon Multiple CVEs
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution.
Related news
CVE-2021-36512: SynchroNet | Maximize Your Team's Productivity. Everywhere.
An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS, which may allow attackers to view sensitive information due to an uninitialized value.
CVE-2021-37412:
The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar.