
Critical Vulnerabilities of the First Week of Ordibehesht

 

This week, many "critical" and "high-risk" vulnerabilities were reported in major Oracle products, and patches and updates were released to fix them. Products from Siemens, NVIDIA, VMware, Juniper, and Solarwinds, as well as the Linux kernel, also had several "critical" and "high-risk" vulnerabilities.

The list of these vulnerabilities, along with their risk level, is given in the table below.

شناسه آسیب‌پذیری

امتیاز مبنا

عنوان آسیب‌پذیری

ارزش روز صفر

رفع آسیب‌پذیری

CVE-2021-31547

۳.۵

AbuseFilter Extension AbuseFilterCheckMatch API information disclosure

$۰-$۱k

Official Fix

CVE-2021-31554

۵.۵

AbuseFilter Extension Account Block access control

$۱k-$2k

Official Fix

CVE-2021-31552

۵.۵

AbuseFilter Extension Account Creation access control

$۱k-$2k

Official Fix

CVE-2021-31549

۳.۵

AbuseFilter Extension examine information disclosure

$۰-$۱k

Official Fix

CVE-2021-31546

۳.۵

AbuseFilter Extension information disclosure

$۰-$۱k

Official Fix

CVE-2021-31545

۳.۵

AbuseFilter Extension page_recent_contributors information disclosure

$۰-$۱k

Official Fix

CVE-2021-31548

۵.۵

AbuseFilter Extension unknown vulnerability

$۲k-$5k

Official Fix

CVE-2021-21070

۷.۸

Adobe Robohelp uncontrolled search path

$۲k-$5k

Official Fix

CVE-2021-25680

۳.۵

ADTRAN Netvanta 7060/Netvanta 7100 cross site scripting

$۰-$۱k

Workaround

CVE-2021-25679

۳.۵

ADTRAN Netvanta 7060/Netvanta 7100 cross site scripting

$۰-$۱k

Workaround

CVE-2021-25681

۵.۵

ADTRAN Netvanta 7060/Netvanta 7100 DNS unknown vulnerability

$۲k-$5k

Workaround

CVE-2021-24232

۳.۵

Advanced Booking Calendar Plugin Settings Page cross site scripting

$۰-$۱k

Official Fix

CVE-2021-24241

۳.۵

Advanced Custom Fields Pro Plugin Update Settings Page cross site scripting

$۰-$۱k

Official Fix

CVE-2021-26291

۴.۶

Apache Maven Project Object Model unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-27028

۷.۰

Autodesk FBX Review DLL File memory corruption

$۲k-$5k

Not Defined

CVE-2021-27027

۷.۰

Autodesk FBX Review DLL File out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-27029

۴.۹

Autodesk FBX Review FBX File denial of service

$۰-$۱k

Not Defined

CVE-2021-27030

۶.۳

Autodesk FBX Review FBX File pathname traversal

$۱k-$2k

Not Defined

CVE-2021-27031

۶.۳

Autodesk FBX Review FBX File use after free

$۲k-$5k

Not Defined

CVE-2021-26908

۳.۳

Automox Agent log file

$۰-$۵k

Official Fix

CVE-2021-26909

۳.۷

Automox Agent S3 Bucket Endpoint access control

$۰-$۵k

Official Fix

CVE-2020-23907

۵.۵

Avast retdec ir_modifications.cpp canSplitFunctionOn out-of-bounds read

$۰-$۱k

Official Fix

CVE-2020-7035

۶.۳

Avaya Aura Orchestration Designer Web-based User Interface xml external entity reference

$۰-$۵k

Official Fix

CVE-2020-7036

۶.۳

Avaya Callback Assist xml external entity reference

$۰-$۵k

Official Fix

CVE-2020-7034

۷.۲

Avaya Session Border Controller for Enterprise Message os command injection

$۰-$۵k

Not Defined

CVE-2020-27568

۶.۳

Aviatrix Controller permission

$۲k-$5k

Not Defined

CVE-2020-27569

۵.۵

Aviatrix VPN Client VPN Service permission

$۱k-$2k

Not Defined

CVE-2021-21644

۴.۶

Config File Provider Plugin cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-21645

۳.۵

Config File Provider Plugin HTTP Endpoint authorization

$۱k-$2k

Not Defined

CVE-2021-21643

۳.۵

Config File Provider Plugin HTTP Endpoint authorization

$۱k-$2k

Not Defined

CVE-2021-21642

۵.۵

Config File Provider Plugin XML External Entity xml external entity reference

$۱k-$2k

Not Defined

CVE-2020-23914

۳.۵

cpp-peglib peglib.h optimize null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-23915

۵.۵

cpp-peglib peglib.h resolve_escape_sequence heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-22682

۵.۵

Cscape access control

$۰-$۵k

Official Fix

CVE-2021-22678

۵.۵

Cscape memory corruption

$۰-$۵k

Official Fix

CVE-2021-31523

۶.۳

Debian Xscreensaver Mesa 3D Graphics Library sonar Remote Privilege Escalation

$۱۰k-$25k

Not Defined

CVE-2020-26197

۵.۶

Dell EMC PowerScale OneFS LDAP inadequate encryption

$۵k-$10k

Not Defined

CVE-2021-21526

۶.۷

Dell EMC PowerScale OneFS SmartLock Compliance Mode os command injection

$۱۰k-$25k

Not Defined

CVE-2021-29466

۴.۳

discord-recon app.py path traversal

$۱k-$2k

Official Fix

CVE-2021-29461

۶.۳

discord-recon CommandInjection.py code injection

$۲k-$5k

Official Fix

CVE-2021-29465

۶.۳

discord-recon setting.py code injection

$۲k-$5k

Official Fix

CVE-2020-17542

۳.۵

dotCMS Task Detail workflow&amp cross site scripting

$۰-$۵k

Not Defined

CVE-2021-28167

۵.۵

Eclipse Openj9 jdk.internal.reflect.ConstantPool API missing initialization of resource

$۲k-$5k

Not Defined

CVE-2021-29457

۵.۵

Exiv2 Metadata heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-29470

۳.۳

Exiv2 Metadata out-of-bounds read

$۰-$۵k

Official Fix

CVE-2021-29458

۳.۵

Exiv2 Metadata out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-31598

۵.۵

ezXML XML File Parser libezxml.a ezxml_decode heap-based overflow

$۰-$۵k

Not Defined

CVE-2020-17564

۵.۴

FeiFeiCMS HTTP Request DataAction.class.php path traversal

$۱k-$2k

Not Defined

CVE-2020-17563

۵.۴

FeiFeiCMS HTTP Request path traversal

$۱k-$2k

Not Defined

CVE-2021-20990

۷.۳

Fibaro Home Center/Home Center Lite Internal Management Service authorization

$۲k-$5k

Not Defined

CVE-2021-20991

۸.۸

Fibaro Home Center/Home Center Lite os command injection

$۲k-$5k

Not Defined

CVE-2021-20989

۵.۶

Fibaro Home Center/Home Center Lite SSH Connection authorization

$۲k-$5k

Not Defined

CVE-2021-20992

۳.۷

Fibaro Home Center/Home Center Lite Web-based Management Interface cleartext transmission

$۰-$۱k

Not Defined

CVE-2021-31572

۵.۵

FreeRTOS Kernel stream_buffer.c integer overflow

$۲k-$5k

Official Fix

CVE-2021-31571

۵.۵

FreeRTOS Queue queue.c integer overflow

$۲k-$5k

Official Fix

CVE-2021-22205

۶.۳

GitLab Community Edition/Enterprise Edition Image File Remote Privilege Escalation

$۰-$۵k

Not Defined

CVE-2021-22199

۳.۵

GitLab Scoped Label cross site scripting

$۰-$۱k

Not Defined

CVE-2021-30022

۴.۵

GPAC av_parsers.c gf_avc_read_pps_bs_internal integer overflow

$۱k-$2k

Official Fix

CVE-2021-30014

۴.۵

GPAC av_parsers.c hevc_parse_slice_segment integer overflow

$۱k-$2k

Official Fix

CVE-2020-23931

۶.۳

GPAC box_code_adobe.c abst_box_read heap-based overflow

$۲k-$5k

Official Fix

CVE-2020-23928

۵.۵

GPAC box_code_adobe.c abst_box_read heap-based overflow

$۲k-$5k

Official Fix

CVE-2020-35980

۵.۵

GPAC box_funcs.c gf_isom_box_del use after free

$۲k-$5k

Official Fix

CVE-2021-30020

۴.۵

GPAC File av_parsers.c gf_hevc_read_pps_bs_internal infinite loop

$۰-$۱k

Official Fix

CVE-2020-23932

۴.۵

GPAC filedump.c dump_isom_sdp null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-30015

۴.۵

GPAC filter_pck.c av1dmx_parse_flush_sample null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-29279

۶.۶

GPAC filter_props.c gf_props_assign_value integer overflow

$۲k-$5k

Official Fix

CVE-2020-35982

۳.۵

GPAC isom_hinter.c gf_hinter_track_finalize null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-35981

۳.۵

GPAC isom_store.c SetupWriters null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-30199

۴.۵

GPAC MP4 File reframe_latm.c gf_filter_pck_get_data null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-31255

۶.۶

GPAC MP4Box abst_box_read buffer overflow

$۲k-$5k

Official Fix

CVE-2021-31262

۴.۵

GPAC MP4Box AV1_DuplicateConfig denial of service

$۰-$۱k

Official Fix

CVE-2021-31261

۴.۵

GPAC MP4Box gf_hinter_track_new information disclosure

$۰-$۱k

Official Fix

CVE-2021-31259

۴.۵

GPAC MP4Box gf_isom_cenc_get_default_info_internal denial of service

$۰-$۱k

Official Fix

CVE-2021-31258

۴.۵

GPAC MP4Box gf_isom_set_extraction_slc denial of service

$۰-$۱k

Official Fix

CVE-2021-31257

۴.۵

GPAC MP4Box HintFile denial of service

$۰-$۱k

Official Fix

CVE-2021-31260

۴.۵

GPAC MP4Box MergeTrack denial of service

$۰-$۱k

Official Fix

CVE-2021-31256

۴.۵

GPAC MP4Box stbl_GetSampleInfos memory leak

$۰-$۱k

Official Fix

CVE-2021-31254

۵.۶

GPAC MP4Box tenc_box_read denial of service

$۰-$۱k

Official Fix

CVE-2021-30019

۵.۵

GPAC reframe_adts.c adts_dmx_process heap-based overflow

$۲k-$5k

Official Fix

CVE-2020-35979

۵.۵

GPAC rtp_pck_mpeg4.c gp_rtp_builder_do_avc heap-based overflow

$۲k-$5k

Official Fix

CVE-2020-23930

۳.۵

GPAC write_nhml.c nhmldump_send_header denial of service

$۰-$۱k

Official Fix

CVE-2021-3497

۵.۵

GStreamer Matroska File use after free

$۲k-$5k

Official Fix

CVE-2021-3498

۵.۵

GStreamer Matroska heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-28156

۴.۶

Hashicorp Consul Enterprise HTTP Event unknown vulnerability

$۱k-$2k

Official Fix

CVE-2020-25864

۳.۵

Hashicorp Consul/Consul Enterprise KV Raw Mode cross site scripting

$۰-$۱k

Official Fix

CVE-2021-30476

۵.۵

Hashicorp Terraform Vault Provider unknown vulnerability

$۲k-$5k

Official Fix

CVE-2021-29653

۶.۳

Hashicorp Vault/Vault Enterprise CRL certificate validation

$۱k-$2k

Official Fix

CVE-2021-27400

۵.۰

Hashicorp Vault/Vault Enterprise TLS Certificate certificate validation

$۱k-$2k

Official Fix

CVE-2021-20501

۵.۹

IBM i SMTP resource consumption

$۵k-$10k

Not Defined

CVE-2021-20527

۴.۷

IBM Resilient SOAR Remote Privilege Escalation

$۱۰k-$25k

Not Defined

CVE-2021-20454

۷.۳

IBM WebSphere Application Server XML Data xml external entity reference

$۱۰k-$25k

Not Defined

CVE-2021-20453

۷.۳

IBM WebSphere Application Server XML Data xml external entity reference

$۱۰k-$25k

Not Defined

CVE-2021-20086

۵.۵

jquery-bbq Prototype Object.prototype code injection

$۰-$۵k

Not Defined

CVE-2021-20087

۵.۵

jquery-deparam Prototype Object.prototype code injection

$۰-$۵k

Not Defined

CVE-2021-20083

۵.۵

jquery-plugin-query-object Prototype code injection

$۰-$۵k

Not Defined

CVE-2021-20084

۵.۵

jquery-sparkle Prototype Object.prototype code injection

$۰-$۵k

Not Defined

CVE-2021-0265

۸.۱

Juniper AppFormix REST API Remote Code Execution

$۲۵k-$50k

Official Fix

CVE-2021-0224

۶.۵

Juniper Junos OS Access Node Control Protocol Daemon allocation of resources

$۲k-$5k

Official Fix

CVE-2021-0216

۶.۵

Juniper Junos OS BFD Session denial of service

$۲k-$5k

Official Fix

CVE-2021-0238

۵.۵

Juniper Junos OS BNG resource consumption

$۱k-$2k

Official Fix

CVE-2021-0251

۸.۶

Juniper Junos OS cpcd null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-0252

۷.۸

Juniper Junos OS Device Management Daemon command injection

$۱۰k-$25k

Official Fix

CVE-2021-0247

۵.۱

Juniper Junos OS dfwd race condition

$۲k-$5k

Official Fix

CVE-2021-0239

۶.۵

Juniper Junos OS Evo-aftmand denial of service

$۲k-$5k

Official Fix

CVE-2021-0250

۷.۵

Juniper Junos OS Evolved BGP UPDATE Message denial of service

$۵k-$10k

Official Fix

CVE-2021-0267

۷.۴

Juniper Junos OS Evolved DHCP Relay Agent denial of service

$۲k-$5k

Official Fix

CVE-2021-0264

۵.۹

Juniper Junos OS Evolved Firewall Filter denial of service

$۵k-$10k

Official Fix

CVE-2021-0273

۵.۳

Juniper Junos OS Evolved infinite loop

$۵k-$10k

Official Fix

CVE-2021-0226

۷.۱

Juniper Junos OS Evolved IPv6 Packet denial of service

$۲k-$5k

Official Fix

CVE-2021-0236

۶.۵

Juniper Junos OS Evolved Routing Protocol denial of service

$۲k-$5k

Official Fix

CVE-2021-0225

۵.۸

Juniper Junos OS Evolved Stateless Firewall unusual condition

$۱۰k-$25k

Official Fix

CVE-2021-0259

۷.۴

Juniper Junos OS Evolved VXLAN Configuration exceptional condition

$۱۰k-$25k

Official Fix

CVE-2021-0272

۶.۵

Juniper Junos OS Flexible PIC Concentrator memory leak

$۲k-$5k

Official Fix

CVE-2021-0233

۷.۵

Juniper Junos OS Forwarding Engine Board resource consumption

$۵k-$10k

Official Fix

CVE-2021-0245

۷.۸

Juniper Junos OS hard-coded credentials

$۵k-$10k

Official Fix

CVE-2021-0248

۱۰.۰

Juniper Junos OS hard-coded credentials

$۱۰k-$25k

Official Fix

CVE-2021-0266

۸.۱

Juniper Junos OS hard-coded key

$۵k-$10k

Official Fix

CVE-2021-0268

۸.۸

Juniper Junos OS HTTP Header response splitting

$۱۰k-$25k

Official Fix

CVE-2021-0227

۷.۵

Juniper Junos OS HTTP Packet memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-0270

۷.۵

Juniper Junos OS inline-jflow use after free

$۱۰k-$25k

Official Fix

CVE-2021-0257

۶.۵

Juniper Junos OS IRB Interface memory leak

$۲k-$5k

Official Fix

CVE-2021-0241

۷.۴

Juniper Junos OS JDHCPD denial of service

$۲k-$5k

Official Fix

CVE-2021-0240

۷.۴

Juniper Junos OS JDHCPD denial of service

$۲k-$5k

Official Fix

CVE-2021-0253

۷.۸

Juniper Junos OS JDMD command injection

$۱۰k-$25k

Official Fix

CVE-2021-0275

۸.۸

Juniper Junos OS J-Web cross site scripting

$۵k-$10k

Official Fix

CVE-2021-0269

۸.۸

Juniper Junos OS J-Web input validation

$۱۰k-$25k

Official Fix

CVE-2021-0231

۶.۵

Juniper Junos OS J-web path traversal

$۵k-$10k

Official Fix

CVE-2021-0244

۷.۴

Juniper Junos OS L2ALD denial of service

$۵k-$10k

Official Fix

CVE-2021-0230

۷.۵

Juniper Junos OS Link Aggregation resource consumption

$۵k-$10k

Official Fix

CVE-2021-0256

۵.۵

Juniper Junos OS Mosquitto unnecessary privileges

$۵k-$10k

Official Fix

CVE-2021-0229

۵.۳

Juniper Junos OS MQTT Server resource consumption

$۵k-$10k

Official Fix

CVE-2021-0263

۵.۹

Juniper Junos OS Multi-Service Process rts_peer_cp_recv_timeout denial of service

$۵k-$10k

Official Fix

CVE-2021-0235

۷.۳

Juniper Junos OS Network Traffic default permission

$۲k-$5k

Official Fix

CVE-2021-0246

۷.۳

Juniper Junos OS Network Traffic SPC3 default permission

$۲k-$5k

Official Fix

CVE-2021-0254

۹.۸

Juniper Junos OS overlayd buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-0249

۸.۱

Juniper Junos OS Packet Forwarding Engine buffer overflow

$۲۵k-$50k

Official Fix

CVE-2021-0237

۶.۵

Juniper Junos OS Packet Forwarding Engine denial of service

$۲k-$5k

Official Fix

CVE-2021-0234

۵.۸

Juniper Junos OS Packet Forwarding Engine initialization

$۵k-$10k

Official Fix

CVE-2021-0262

۶.۵

Juniper Junos OS PFE Packet use after free

$۱۰k-$25k

Official Fix

CVE-2021-0243

۴.۷

Juniper Junos OS Policer Limit resource consumption

$۲k-$5k

Official Fix

CVE-2021-0214

۶.۵

Juniper Junos OS PPMD denial of service

$۲k-$5k

Official Fix

CVE-2021-0271

۶.۵

Juniper Junos OS sfid double free

$۱۰k-$25k

Official Fix

CVE-2021-0260

۷.۳

Juniper Junos OS snmpd improper authorization

$۱۰k-$25k

Official Fix

CVE-2021-0258

۵.۹

Juniper Junos OS TCPv6 Packet denial of service

$۵k-$10k

Official Fix

CVE-2021-0242

۶.۵

Juniper Junos OS Unicast Frame memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-0255

۵.۵

Juniper Junos OS unnecessary privileges

$۱۰k-$25k

Official Fix

CVE-2021-0228

۶.۵

Juniper Junos OS VXLAN Configuration unusual condition

$۱۰k-$25k

Official Fix

CVE-2021-0261

۷.۵

Juniper Junos OS Web Service allocation of resources

$۵k-$10k

Official Fix

CVE-2021-0232

۷.۴

Juniper Paragon Active Assurance Control Center access control

$۱۰k-$25k

Official Fix

CVE-2021-3506

۷.۱

Linux Kernel f2fs module node.c out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-23133

۶.۷

Linux Kernel SCTP Socket socket.c sctp_destroy_sock race condition

$۵k-$10k

Official Fix

CVE-2021-29155

۵.۵

Linux Kernel Spectre Mitigation verifier.c information disclosure

$۲k-$5k

Official Fix

CVE-2021-21426

۹.۸

Magento LTS deserialization

$۲k-$5k

Official Fix

CVE-2021-21427

۴.۷

Magento LTS sql injection

$۱k-$2k

Official Fix

CVE-2021-31780

۳.۵

MISP Event Edit MispObject.php information disclosure

$۰-$۵k

Official Fix

CVE-2021-20590

۷.۳

Mitsubishi Electric GOT2000/GOT Simple VNC Server improper authentication

$۱k-$2k

Not Defined

CVE-2021-1079

۷.۸

NVIDIA GeForce Experience GameStream Plugins access control

$۲k-$5k

Official Fix

CVE-2021-1076

۶.۶

NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys Remote Privilege Escalation

$۲k-$5k

Not Defined

CVE-2021-1077

۶.۶

NVIDIA GPU Display Driver Reference denial of service

$۰-$۱k

Not Defined

CVE-2021-1074

۷.۵

NVIDIA Windows GPU Display Driver Installer Remote Privilege Escalation

$۲k-$5k

Not Defined

CVE-2021-1078

۵.۵

NVIDIA Windows GPU Display Driver Kernel Driver nvlddmkm.sys null pointer dereference

$۰-$۱k

Not Defined

CVE-2021-1075

۷.۳

NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape Remote Privilege Escalation

$۲k-$5k

Not Defined

CVE-2020-27241

۷.۳

OpenClinic GA getAssets.jsp sql injection

$۲k-$5k

Not Defined

CVE-2020-27240

۷.۳

OpenClinic GA getAssets.jsp sql injection

$۲k-$5k

Not Defined

CVE-2021-2253

۹.۱

Oracle Advanced Supply Chain Planning Core unknown vulnerability

$۱۰۰k and more

Official Fix

CVE-2019-10086

۷.۳

Oracle Agile PLM Security Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Agile Product Lifecycle Management Integration Pack for E-Business Suite Installer Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Agile Product Lifecycle Management Integration Pack for SAP: Design to Release Core Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2021-2317

۱۰.۰

Oracle Cloud Infrastructure Storage Gateway Management Console Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-2318

۹.۱

Oracle Cloud Infrastructure Storage Gateway Management Console Remote Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-2319

۹.۱

Oracle Cloud Infrastructure Storage Gateway Management Console Remote Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-2320

۹.۱

Oracle Cloud Infrastructure Storage Gateway Management Console Remote Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-2162

۴.۳

Oracle MySQL Server Audit Plug-in unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-2172

۶.۵

Oracle MySQL Server DML denial of service

$۲k-$5k

Official Fix

CVE-2021-2154

۴.۹

Oracle MySQL Server DML denial of service

$۲k-$5k

Official Fix

CVE-2021-2166

۴.۹

Oracle MySQL Server DML denial of service

$۲k-$5k

Official Fix

CVE-2021-2196

۴.۹

Oracle MySQL Server DML denial of service

$۲k-$5k

Official Fix

CVE-2021-2300

۴.۹

Oracle MySQL Server DML denial of service

$۲k-$5k

Official Fix

CVE-2021-2305

۴.۹

Oracle MySQL Server DML denial of service

$۲k-$5k

Official Fix

CVE-2020-28196

۷.۵

Oracle MySQL Server Encryption denial of service

$۵k-$10k

Official Fix

CVE-2021-23841

۷.۵

Oracle MySQL Server Encryption denial of service

$۵k-$10k

Official Fix

CVE-2021-2179

۴.۹

Oracle MySQL Server Group Replication Plugin denial of service

$۲k-$5k

Official Fix

CVE-2021-2232

۱.۹

Oracle MySQL Server Group Replication Plugin denial of service

$۰-$۱k

Official Fix

CVE-2021-2226

۴.۹

Oracle MySQL Server Information Schema information disclosure

$۵k-$10k

Official Fix

CVE-2021-2301

۲.۷

Oracle MySQL Server Information Schema information disclosure

$۵k-$10k

Official Fix

CVE-2021-2308

۲.۷

Oracle MySQL Server Information Schema information disclosure

$۵k-$10k

Official Fix

CVE-2021-2180

۴.۹

Oracle MySQL Server InnoDB denial of service

$۲k-$5k

Official Fix

CVE-2021-2194

۴.۹

Oracle MySQL Server InnoDB denial of service

$۲k-$5k

Official Fix

CVE-2021-2174

۴.۴

Oracle MySQL Server InnoDB denial of service

$۲k-$5k

Official Fix

CVE-2021-2298

۶.۵

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2160

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2164

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2169

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2170

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2193

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2203

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2212

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2213

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2278

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2299

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2230

۴.۹

Oracle MySQL Server Optimizer denial of service

$۲k-$5k

Official Fix

CVE-2021-2146

۴.۹

Oracle MySQL Server Options denial of service

$۲k-$5k

Official Fix

CVE-2021-2307

۶.۱

Oracle MySQL Server Packaging unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-2144

۷.۲

Oracle MySQL Server Parser Remote Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-2201

۴.۹

Oracle MySQL Server Partition denial of service

$۲k-$5k

Official Fix

CVE-2021-2208

۴.۹

Oracle MySQL Server Partition denial of service

$۲k-$5k

Official Fix

CVE-2021-2178

۶.۵

Oracle MySQL Server Replication denial of service

$۲k-$5k

Official Fix

CVE-2021-2202

۶.۵

Oracle MySQL Server Replication denial of service

$۲k-$5k

Official Fix

CVE-2021-2171

۴.۴

Oracle MySQL Server Replication denial of service

$۲k-$5k

Official Fix

CVE-2021-2215

۴.۹

Oracle MySQL Server Stored Procedure denial of service

$۲k-$5k

Official Fix

CVE-2021-2217

۴.۹

Oracle MySQL Server Stored Procedure denial of service

$۲k-$5k

Official Fix

CVE-2021-2293

۴.۹

Oracle MySQL Server Stored Procedure denial of service

$۲k-$5k

Official Fix

CVE-2021-2304

۵.۵

Oracle MySQL Server Stored Procedure unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-7317

۵.۳

Oracle MySQL Workbench denial of service

$۵k-$10k

Official Fix

CVE-2021-3450

۷.۴

Oracle MySQL Workbench unknown vulnerability

$۲۵k-$50k

Official Fix

CVE-2021-2303

۴.۹

Oracle OSS Support Tools Diagnostic Assistant information disclosure

$۵k-$10k

Official Fix

CVE-2021-2159

۳.۵

Oracle PeopleSoft Enterprise CS Campus Community Frameworks information disclosure

$۵k-$10k

Official Fix

CVE-2020-11022

۶.۱

Oracle PeopleSoft Enterprise FIN Common Application Objects Common Objects unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11022

۶.۱

Oracle PeopleSoft Enterprise FIN Expenses unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-8286

۷.۵

Oracle PeopleSoft Enterprise PeopleTools File Processing unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-2216

۶.۱

Oracle PeopleSoft Enterprise PeopleTools Multichannel Framework unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-27193

۶.۱

Oracle PeopleSoft Enterprise PeopleTools Rich Text Editor unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-1971

۵.۹

Oracle PeopleSoft Enterprise PeopleTools Security denial of service

$۵k-$10k

Official Fix

CVE-2021-2151

۶.۷

Oracle PeopleSoft Enterprise PeopleTools Security Remote Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-2219

۷.۴

Oracle PeopleSoft Enterprise PeopleTools SQR Remote Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-28052

۸.۱

Oracle PeopleSoft Enterprise PeopleTools XML Messaging Remote Code Execution

$۲۵k-$50k

Official Fix

CVE-2017-1000061

۷.۱

Oracle PeopleSoft Enterprise PeopleTools XML Messaging unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2017-18640

۷.۵

Oracle PeopleSoft Enterprise PT PeopleTools Application Server denial of service

$۵k-$10k

Official Fix

CVE-2021-2218

۸.۳

Oracle PeopleSoft Enterprise PT PeopleTools Health Center Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle PeopleSoft Enterprise PT PeopleTools Weblogic Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-11022

۶.۱

Oracle PeopleSoft Enterprise PT PeopleTools Weblogic unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11022

۶.۱

Oracle PeopleSoft Enterprise SCM eProcurement Manage Requisition Status unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-2220

۵.۴

Oracle PeopleSoft Enterprise SCM eProcurement Manage Requisition Status unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11022

۶.۱

Oracle PeopleSoft Enterprise SCM Purchasing unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-2904

۹.۸

Oracle Rapid Planning User interface Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2019-10086

۷.۳

Oracle Retail Advanced Inventory Planning Operations ‎/ Maintenance Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Advanced Inventory Planning Operations ‎/ Maintenance unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Assortment Planning Custom Workbooks unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Retail Back Office Pricing Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-11987

۷.۵

Oracle Retail Back Office Pricing unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Category Management Planning & Optimization ODI Integration unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Retail Central Office Commerce Anywhere Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-11987

۷.۵

Oracle Retail Central Office Pricing unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-9488

۳.۷

Oracle Retail EFTLink Unified Payments information disclosure

$۵k-$10k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail EFTLink Unified Payments unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-27218

۴.۸

Oracle Retail EFTLink Unified Payments unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-9488

۳.۷

Oracle Retail Insights Cloud Service Suite OBIEE - Metadata information disclosure

$۵k-$10k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Item Planning AAI Framework unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Macro Space Optimization ODI Integration unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Merchandise Financial Planning Merchandising Insights unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Merchandising System Financials unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-17521

۵.۵

Oracle Retail Merchandising System Foundation information disclosure

$۲k-$5k

Official Fix

CVE-2020-11987

۷.۵

Oracle Retail Point-of-Service Mobile POS unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Retail Point-of-Service Pricing Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Retail Predictive Application Server RPAS Fusion Client Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-5421

۸.۸

Oracle Retail Predictive Application Server RPAS Fusion Client Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Predictive Application Server RPAS Fusion Client unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-3740

۶.۵

Oracle Retail Predictive Application Server RPAS Server information disclosure

$۵k-$10k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Regular Price Optimization Operations ‎/ Maintenance unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Replenishment Optimization AAI Framework unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-10086

۷.۳

Oracle Retail Returns Management Main Dashboard Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-11987

۷.۵

Oracle Retail Returns Management Main Dashboard unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2017-12626

۷.۵

Oracle Retail Sales Audit Sales Audit Maintenance denial of service

$۵k-$10k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Size Profile Optimization Solver unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-17521

۵.۵

Oracle Retail Store Inventory Management SIM Integration information disclosure

$۲k-$5k

Official Fix

CVE-2020-9488

۳.۷

Oracle Retail Xstore Point of Service Xenvironment information disclosure

$۵k-$10k

Official Fix

CVE-2020-10683

۹.۸

Oracle Retail Xstore Point of Service Xenvironment Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2020-5421

۸.۸

Oracle Retail Xstore Point of Service Xenvironment Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-11979

۷.۵

Oracle Retail Xstore Point of Service Xenvironment unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-0228

۹.۸

Oracle Retail Xstore Point of Service Xstore Office Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-2221

۹.۶

Oracle Secure Global Desktop Client Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-2177

۱۰.۰

Oracle Secure Global Desktop Gateway Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-3450

۷.۴

Oracle Secure Global Desktop OpenSSL unknown vulnerability

$۲۵k-$50k

Official Fix

CVE-2021-2248

۱۰.۰

Oracle Secure Global Desktop Server Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2020-9281

۶.۱

Oracle Siebel Apps Customizable Prod/Configurator unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-5398

۷.۵

Oracle Siebel Engineering Siebel Approval Manager Remote Code Execution

$۲۵k-$50k

Official Fix

CVE-2019-10080

۶.۵

Oracle Siebel UI Framework EAI information disclosure

$۵k-$10k

Official Fix

CVE-2020-9488

۳.۷

Oracle Siebel UI Framework EAI information disclosure

$۵k-$10k

Official Fix

CVE-2020-14195

۸.۱

Oracle Siebel UI Framework EAI Remote Code Execution

$۲۵k-$50k

Official Fix

CVE-2019-0227

۷.۵

Oracle Siebel UI Framework SWSE Server unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2016-7103

۶.۱

Oracle Siebel UI Framework UIF Open UI unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2019-11358

۶.۱

Oracle Siebel UI Framework UIF Open UI unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-2167

۷.۸

Oracle Solaris Common Desktop Environment Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-2192

۶.۱

Oracle Solaris Kernel unknown vulnerability

$۵k-$10k

Official Fix

CVE-2021-2257

۴.۱

Oracle Storage Cloud Software Appliance Management Console information disclosure

$۵k-$10k

Official Fix

CVE-2021-2256

۱۰.۰

Oracle Storage Cloud Software Appliance Management Console Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2019-17495

۹.۸

Oracle Utilities Framework General Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2019-10086

۷.۳

Oracle Utilities Framework General Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-11979

۷.۵

Oracle Utilities Framework General unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-25649

۷.۵

Oracle Utilities Framework General unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-28052

۹.۸

Oracle Utilities Framework Securty Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-2312

۴.۴

Oracle VM VirtualBox Core denial of service

$۱k-$2k

Official Fix

CVE-2021-2280

۷.۱

Oracle VM VirtualBox Core information disclosure

$۵k-$10k

Official Fix

CVE-2021-2282

۷.۱

Oracle VM VirtualBox Core information disclosure

$۵k-$10k

Official Fix

CVE-2021-2283

۷.۱

Oracle VM VirtualBox Core information disclosure

$۵k-$10k

Official Fix

CVE-2021-2285

۷.۱

Oracle VM VirtualBox Core information disclosure

$۵k-$10k

Official Fix

CVE-2021-2287

۷.۱

Oracle VM VirtualBox Core information disclosure

$۵k-$10k

Official Fix

CVE-2021-2306

۶.۰

Oracle VM VirtualBox Core information disclosure

$۲k-$5k

Official Fix

CVE-2021-2266

۶.۰

Oracle VM VirtualBox Core information disclosure

$۲k-$5k

Official Fix

CVE-2021-2296

۵.۳

Oracle VM VirtualBox Core information disclosure

$۲k-$5k

Official Fix

CVE-2021-2297

۵.۳

Oracle VM VirtualBox Core information disclosure

$۲k-$5k

Official Fix

CVE-2021-2291

۴.۷

Oracle VM VirtualBox Core information disclosure

$۲k-$5k

Official Fix

CVE-2021-2250

۸.۲

Oracle VM VirtualBox Core Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-2309

۷.۵

Oracle VM VirtualBox Core Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-2145

7.5

Oracle VM VirtualBox Core Local Privilege Escalation

$10k-$25k

Official Fix

CVE-2021-2310

7.5

Oracle VM VirtualBox Core Local Privilege Escalation

$10k-$25k

Official Fix

CVE-2021-2279

8.1

Oracle VM VirtualBox Core Remote Code Execution

$25k-$50k

Official Fix

CVE-2021-2264

8.4

Oracle VM VirtualBox Core unknown vulnerability

$10k-$25k

Official Fix

CVE-2021-2281

7.1

Oracle VM VirtualBox Core unknown vulnerability

$10k-$25k

Official Fix

CVE-2021-2284

7.1

Oracle VM VirtualBox Core unknown vulnerability

$10k-$25k

Official Fix

CVE-2021-2286

7.1

Oracle VM VirtualBox Core unknown vulnerability

$10k-$25k

Official Fix

CVE-2021-2149

2.5

Oracle ZFS Storage Appliance Kit Core unknown vulnerability

$5k-$10k

Official Fix

CVE-2021-2147

1.8

Oracle ZFS Storage Appliance Kit Installation unknown vulnerability

$1k-$2k

Official Fix

CVE-2020-1472

10.0

Oracle ZFS Storage Appliance Kit Operating System Image Remote Code Execution

$100k and more

Official Fix

CVE-2021-3038

5.5

Palo Alto GlobalProtect App denial of service

$0-$1k

Official Fix

CVE-2021-3037

2.7

Palo Alto PAN-OS Scheduled Configuration Export debug log file

$0-$1k

Not Defined

CVE-2021-3036

2.7

Palo Alto PAN-OS XML API Request log file

$0-$1k

Not Defined

CVE-2020-7385

8.1

Rapid7 Metasploit Framework drb_remote_codeexec Exploit deserialization

$0-$5k

Official Fix

CVE-2021-24238

4.6

Realteo Plugin access control

$1k-$2k

Official Fix

CVE-2021-24237

4.3

Realteo Plugin Properties Page cross site scripting

$0-$1k

Official Fix

CVE-2021-31327

4.4

Remote Clinic medicines cross site scripting

$0-$1k

Not Defined

CVE-2021-31329

4.4

Remote Clinic register.php cross site scripting

$0-$1k

Not Defined

CVE-2021-25382

6.2

Samsung Secure Folder Debugging Command improper authorization

$0-$1k

Official Fix

CVE-2020-25244

5.3

Siemens LOGO! Soft Comfort DLL uncontrolled search path

$5k-$10k

Official Fix

CVE-2020-25243

6.3

Siemens LOGO! Soft Comfort Project File path traversal

$10k-$25k

Official Fix

CVE-2021-25663

4.3

Siemens Nucleus IPv6 Header infinite loop

$2k-$5k

Official Fix

CVE-2021-25664

4.3

Siemens Nucleus IPv6 Packet infinite loop

$2k-$5k

Official Fix

CVE-2021-27393

5.0

Siemens Nucleus NET DNS Module random values

$5k-$10k

Official Fix

CVE-2020-27009

5.0

Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module buffer overflow

$10k-$25k

Official Fix

CVE-2020-27736

4.3

Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module null termination

$10k-$25k

Official Fix

CVE-2020-27737

6.3

Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module out-of-bounds read

$5k-$10k

Official Fix

CVE-2020-27738

6.3

Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module out-of-bounds write

$10k-$25k

Official Fix

CVE-2020-15795

5.0

Siemens Nucleus NET/Nucleus RTOS/VSTAR DNS Module out-of-bounds write

$10k-$25k

Official Fix

CVE-2021-27389

3.5

Siemens Opcenter Quality/QMS Automotive Sign Key hard-coded key

$2k-$5k

Official Fix

CVE-2021-25668

6.3

Siemens SCALANCE XF208 POST Request heap-based overflow

$10k-$25k

Official Fix

CVE-2021-25669

6.3

Siemens SCALANCE XF208 Web Server stack-based overflow

$10k-$25k

Official Fix

CVE-2021-25677

5.0

Siemens SIMOTICS CONNECT 400 DNS Module random values

$5k-$10k

Official Fix

CVE-2021-27392

4.3

Siemens Siveillance Video Open Network Bridge ONVIF hard-coded key

$5k-$10k

Official Fix

CVE-2020-26997

4.3

Siemens Solid Edge SE2020/Solid Edge SE2021 null pointer dereference

$2k-$5k

Official Fix

CVE-2021-25678

6.3

Siemens Solid Edge SE2020/Solid Edge SE2021 PAR File Parser out-of-bounds write

$10k-$25k

Official Fix

CVE-2021-27382

6.3

Siemens Solid Edge SE2020/Solid Edge SE2021 PAR File Parser stack-based overflow

$10k-$25k

Not Defined

CVE-2021-25670

6.3

Siemens Tecnomatix RobotExpert CELL File out-of-bounds write

$10k-$25k

Official Fix

CVE-2021-31584

2.4

Sipwise C5 NGCP CSC cross-site request forgery

$0-$5k

Not Defined

CVE-2021-31583

3.5

Sipwise C5 NGCP CSC save cross site scripting

$0-$5k

Not Defined

CVE-2021-27277

7.8

SolarWinds Orion Virtual Infrastructure Monitor OneTimeJobSchedulerEventsService WCF Service deserialization

$2k-$5k

Official Fix

CVE-2021-20023

4.3

SonicWall Email Security path traversal

$1k-$2k

Not Defined

CVE-2021-30496

3.5

Telegram App MtProtoKitFramework denial of service

$0-$1k

Not Defined

CVE-2021-28829

5.5

TIBCO Administrator Administration GUI csv injection

$2k-$5k

Not Defined

CVE-2021-28828

6.3

TIBCO Administrator Administration GUI sql injection

$1k-$2k

Not Defined

CVE-2021-28827

4.3

TIBCO Administrator/Runtime Agent Administration GUI cross site scripting

$0-$1k

Not Defined

CVE-2021-31408

4.5

Vaadin Authentication.logout session expiration

$0-$5k

Official Fix

CVE-2021-31407

5.3

Vaadin com.vaadin:flow-server information disclosure

$0-$5k

Official Fix

CVE-2020-36321

4.8

Vaadin com.vaadin:flow-server path traversal

$0-$5k

Official Fix

CVE-2020-36319

3.1

Vaadin com.vaadin:flow-server RestController information disclosure

$0-$5k

Official Fix

CVE-2019-25027

4.3

Vaadin com.vaadin:flow-server RouteNotFoundError cross site scripting

$0-$5k

Official Fix

CVE-2021-31406

2.5

Vaadin com.vaadin:flow-server timing discrepancy

$0-$5k

Official Fix

CVE-2021-31405

5.3

Vaadin com.vaadin:vaadin-text-field-flow resource consumption

$0-$5k

Official Fix

CVE-2021-31410

5.3

Vaadin Designer Frontend Configuration information disclosure

$0-$5k

Not Defined

CVE-2020-36320

4.3

Vaadin EmailValidator resource consumption

$0-$5k

Official Fix

CVE-2019-25028

3.7

Vaadin Grid cross site scripting

$0-$5k

Official Fix

CVE-2021-31404

2.5

Vaadin UIDL Request timing discrepancy

$0-$5k

Official Fix

CVE-2021-31403

2.5

Vaadin UIDL Request timing discrepancy

$0-$5k

Official Fix

CVE-2018-25007

3.1

Vaadin UIDL Request unusual condition

$0-$5k

Official Fix

CVE-2021-21981

7.8

VMware NSX-T Role Based Access Control access control

$5k-$10k

Not Defined

CVE-2021-25898

4.3

Void Aural Rec Monitor svc-login.php source code

$0-$5k

Not Defined

CVE-2021-25899

7.3

Void Aural Rec Monitor svc-login.php sql injection

$0-$5k

Not Defined

CVE-2021-30502

5.0

vscode-ghc-simple Workspace Configuration injection

$0-$5k

Official Fix

CVE-2021-28793

5.0

vscode-restructuredtext Workspace Configuration injection

$2k-$5k

Official Fix

CVE-2020-36324

3.5

Wikimedia analytics-quarry-web Content Type app.py cross site scripting

$0-$1k

Official Fix

CVE-2021-22207

5.5

Wireshark MS-WSP Dissector memory allocation

$0-$5k

Not Defined

CVE-2020-35313

6.3

WonderCMS Plugin Installer index.php addCustomThemePluginRepository server-side request forgery

$2k-$5k

Not Defined

CVE-2020-35314

6.3

WonderCMS Plugin Installer index.php installUpdateThemePluginAction os command injection

$2k-$5k

Not Defined

CVE-2021-31540

5.3

Wowza Streaming Engine permission

$0-$5k

Not Defined

CVE-2021-31539

3.3

Wowza Streaming Engine Password File admin.password cleartext storage

$0-$5k

Not Defined

CVE-2021-29467

3.5

wrongthink Fingerprint cross site scripting

$0-$1k

Official Fix

CVE-2020-14105

3.5

Xiaomi 10 SNO Information information disclosure

$0-$1k

Official Fix

CVE-2021-3287

7.3

Zoho ManageEngine ManageEngine OpManager deserialization

$2k-$5k

Official Fix