
Critical Vulnerabilities of the Third Week of Mordad

 

This week, many "critical" and "high-risk" vulnerabilities were reported in major Microsoft products, and patches and updates were released to fix them. There were also several "critical" and "high-risk" vulnerabilities in products from NVIDIA, Intel, Google and IBM, in WordPress plugins, and in the Linux kernel.

The list of these vulnerabilities, together with their severity level, is given in the table below.

شناسه آسیب‌پذیری

امتیاز مبنا

عنوان آسیب‌پذیری

ارزش روز صفر

رفع آسیب‌پذیری

CVE-2021-38086

۶.۳

Acronis Cyber Protect Agent access control

$۲k-$5k

Official Fix

CVE-2021-38088

۶.۳

Acronis Cyber Protect Binary access control

$۲k-$5k

Official Fix

CVE-2021-38087

۳.۵

Acronis Cyber Protect Login Page cross site scripting

$۰-$۱k

Official Fix

CVE-2021-22674

۵.۵

Advantech WebAccess/SCADA path traversal

$۱k-$2k

Official Fix

CVE-2021-32943

۶.۳

Advantech WebAccess/SCADA stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-22676

۳.۵

Advantech WebAccess/SCADA UserExcelOut.asp cross site scripting

$۰-$۱k

Official Fix

CVE-2020-18462

۵.۵

AikCms Background File Management Office poster_edit.php unrestricted upload

$۱k-$2k

Not Defined

CVE-2020-18463

۳.۵

AikCms Video Messages video_list.php cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-18464

۳.۵

AikCms video_list.php cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-37425

۶.۳

Altova MobileTogether Server workflowmanagement xml external entity reference

$۱k-$2k

Official Fix

CVE-2021-38490

۵.۵

Altova MobileTogether Server xml external entity reference

$۱k-$2k

Official Fix

CVE-2020-36363

۳.۷

Amazon AWS CloudFront inadequate encryption

$۰-$۱k

Not Defined

CVE-2021-21501

۵.۵

Apache ServiceComb ServiceCenter Configuration path traversal

$۵k-$10k

Official Fix

CVE-2021-21814

۵.۵

AT&T Xmill Command Line HandleFileArg buffer overflow

$۰-$۵k

Not Defined

CVE-2021-21815

۵.۵

AT&T Xmill Command Line HandleFileArg stack-based overflow

$۰-$۵k

Not Defined

CVE-2021-21813

۵.۵

AT&T Xmill Command Line HandleFileArg stack-based overflow

$۰-$۵k

Not Defined

CVE-2021-21812

۵.۵

AT&T Xmill Command Line HandleFileArg stack-based overflow

$۰-$۵k

Not Defined

CVE-2021-21830

۶.۳

AT&T Xmill XML Decompression Load heap-based overflow

$۰-$۵k

Not Defined

CVE-2021-21829

۶.۳

AT&T Xmill XML Decompression UncompressItem heap-based overflow

$۰-$۵k

Not Defined

CVE-2021-26086

۴.۳

Atlassian JIRA Server/Data Center Endpoint web.xml path traversal

$۰-$۵k

Official Fix

CVE-2020-21066

۳.۵

Bento4 Ap4Dec3Atom.cpp AP4_Dec3Atom heap-based overflow

$۰-$۵k

Not Defined

CVE-2020-21064

۳.۵

Bento4 Ap4RtpAtom.cpp AP4_RtpAtom buffer overflow

$۰-$۵k

Not Defined

CVE-2021-27791

۶.۳

Brocade Fabric OS Authentication Header buffer overflow

$۲k-$5k

Official Fix

CVE-2021-27792

۵.۵

Brocade Fabric OS ipfilter stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-27790

۸.۰

Brocade Fabric OS ipfilter stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-27793

۵.۵

Brocade Fabric OS ntermittent improper authorization

$۱k-$2k

Official Fix

CVE-2021-27794

۶.۳

Brocade Fabric OS Telnet/SSH/REST missing authentication

$۱k-$2k

Official Fix

CVE-2020-18454

۳.۵

bycms 1.html cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-18457

۳.۵

bycms add.html cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-18455

۳.۵

bycms Parameter Document.php edit cross site scripting

$۰-$۱k

Not Defined

CVE-2021-37389

۳.۵

Chamilo LMS Parameter index.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37390

۳.۵

Chamilo LMS Social Network Search search.php=q cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37391

۳.۵

Chamilo LMS Social Network Send Invitation social.lib.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-32809

۶.۳

CKEditor Clipboard Package code injection

$۲k-$5k

Official Fix

CVE-2021-32808

۴.۳

CKEditor Clipboard Widget Plugin cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37695

۴.۳

CKEditor cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37627

۴.۱

Contao Backend Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-35955

۳.۵

Contao HTML Field cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37626

۶.۳

Contao Tag code injection

$۲k-$5k

Official Fix

CVE-2021-38387

۳.۵

Contiki Disconnection infinite loop

$۰-$۱k

Not Defined

CVE-2021-38386

۴.۳

Contiki LS Command denial of service

$۰-$۱k

Not Defined

CVE-2021-38311

۵.۳

Contiki Telnet Service infinite loop

$۰-$۱k

Not Defined

CVE-2021-38586

۵.۵

cPanel cpan_config Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-38588

۳.۵

cPanel fix_cpanel_perl code download

$۰-$۱k

Official Fix

CVE-2021-38587

۵.۵

cPanel fix-cpanel-perl temp file

$۱k-$2k

Official Fix

CVE-2021-38589

۴.۶

cPanel fix-cpanel-perl unknown vulnerability

$۱k-$2k

Official Fix

CVE-2021-38590

۳.۵

cPanel information disclosure

$۰-$۱k

Official Fix

CVE-2021-38515

۶.۵

cPanel R6400v2/R6700v3/R7900/R8000 denial of service

$۰-$۱k

Official Fix

CVE-2021-38585

۵.۵

cPanel WHM Locale Upload deserialization

$۱k-$2k

Official Fix

CVE-2021-38584

۵.۵

cPanel WHM Locale Upload xml external entity reference

$۱k-$2k

Official Fix

CVE-2021-37365

۴.۸

CTparental Admin Panel bl_categires_help.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37367

۶.۶

CTparental Admin Panel bl_categories_help.php pathname traversal

$۱k-$2k

Official Fix

CVE-2021-37366

۶.۱

CTparental Admin Panel cross-site request forgery

$۰-$۱k

Official Fix

CVE-2020-18458

۳.۵

DamiCMS cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-18451

۳.۵

DamiCMS Parameter LabelAction.class.php doadd cross site scripting

$۰-$۱k

Not Defined

CVE-2021-36792

۵.۵

dated_news Extension access control

$۰-$۵k

Not Defined

CVE-2021-36791

۳.۵

dated_news Extension Application Registration information disclosure

$۰-$۵k

Not Defined

CVE-2021-36790

۳.۵

dated_news Extension cross site scripting

$۰-$۵k

Not Defined

CVE-2021-36789

۶.۳

dated_news Extension sql injection

$۰-$۵k

Not Defined

CVE-2021-36277

۶.۳

Dell Command Update/Update signature verification

$۵k-$10k

Official Fix

CVE-2021-36276

۵.۳

Dell DBUtilDrv2.sys Driver improper authorization

$۵k-$10k

Not Defined

CVE-2021-21601

۳.۳

Dell EMC Data Protection Search/IDPA log file

$۲k-$5k

Not Defined

CVE-2021-21600

۴.۳

Dell EMC NetWorker API Service release of resource

$۲k-$5k

Not Defined

CVE-2021-21564

۷.۳

Dell EMC OpenManage Enterprise improper authentication

$۱۰k-$25k

Official Fix

CVE-2021-21584

۴.۳

Dell EMC OpenManage Enterprise information disclosure

$۵k-$10k

Not Defined

CVE-2021-21596

۶.۳

Dell EMC OpenManage Enterprise information disclosure

$۵k-$10k

Not Defined

CVE-2021-21585

۶.۳

Dell EMC OpenManage Enterprise RACADM/IPMI os command injection

$۱۰k-$25k

Official Fix

CVE-2021-21567

۷.۸

Dell PowerScale OneFS permission assignment

$۱۰k-$25k

Not Defined

CVE-2021-21597

۲.۱

Dell Wyse ThinOS log file

$۰-$۱k

Not Defined

CVE-2021-21598

۲.۱

Dell Wyse ThinOS Smartcard log file

$۰-$۱k

Not Defined

CVE-2021-37633

۴.۳

Discourse d-popover Tooltip Renderer cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37693

۵.۶

Discourse Email session expiration

$۰-$۵k

Official Fix

CVE-2021-37703

۴.۳

Discourse information disclosure

$۰-$۵k

Official Fix

CVE-2021-28839

۳.۵

D-Link DAP-3662 HTTP GET Request httpd upload_certificate null pointer dereference

$۲k-$5k

Not Defined

CVE-2021-28840

۳.۵

D-Link DAP-3662 HTTP GET Request httpd upload_config null pointer dereference

$۲k-$5k

Not Defined

CVE-2021-28838

۳.۵

D-Link DAP-3662 httpd atoi null pointer dereference

$۲k-$5k

Not Defined

CVE-2021-29296

۴.۳

D-Link DIR-825 HTTP Request vct_wan strchr memory corruption

$۱۰k-$25k

Not Defined

CVE-2021-29294

۳.۵

D-Link DSL-2740R POST Request send_hnap_unauthorized null pointer dereference

$۲k-$5k

Not Defined

CVE-2021-29295

۴.۳

D-Link DSP-W215 HTTP Request lighttpd null pointer dereference

$۲k-$5k

Not Defined

CVE-2021-37841

۵.۵

Docker Desktop access control

$۱k-$2k

Official Fix

CVE-2021-25955

۳.۵

Dolibarr ERP WYSIWYG Editor Module cross site scripting

$۰-$۵k

Official Fix

CVE-2021-25954

۶.۳

Dolibarr Private Note access control

$۲k-$5k

Official Fix

CVE-2020-20988

۳.۵

DomainMod cost-by-owner.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-20990

۳.۵

DomainMod edit.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-20989

۳.۵

DomainMod Log cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-18759

۳.۵

Dut Computer Control Engineering PLC MAC1100 EPA Protocol information disclosure

$۰-$۵k

Not Defined

CVE-2020-18756

۳.۵

Dut Computer Control Engineering PLC MAC1100 EPA Protocol memory corruption

$۰-$۵k

Not Defined

CVE-2020-18754

۳.۵

Dut Computer Control Engineering PLC MAC1100 information disclosure

$۰-$۵k

Not Defined

CVE-2020-18757

۳.۵

Dut Computer Control Engineering PLC MAC1100 Packet denial of service

$۰-$۵k

Not Defined

CVE-2020-18753

۵.۵

Dut Computer Control Engineering PLC MAC1100 Packet Privilege Escalation

$۰-$۵k

Not Defined

CVE-2020-18758

۵.۵

Dut Computer Control Engineering PLC MAC1100 Privilege Escalation

$۰-$۵k

Not Defined

CVE-2021-38371

۴.۶

Exim STARTTLS injection

$۱k-$2k

Not Defined

CVE-2021-37616

۴.۳

Exiv2 Command Line Option denial of service

$۰-$۱k

Official Fix

CVE-2021-37615

۳.۱

Exiv2 Command Line Option denial of service

$۰-$۱k

Official Fix

CVE-2021-34335

۳.۱

Exiv2 Command Line Option denial of service

$۰-$۱k

Official Fix

CVE-2021-37623

۴.۳

Exiv2 Command Line Option infinite loop

$۰-$۱k

Official Fix

CVE-2021-37622

۴.۳

Exiv2 Command Line Option infinite loop

$۰-$۱k

Official Fix

CVE-2021-37621

۴.۳

Exiv2 Command Line Option infinite loop

$۰-$۱k

Official Fix

CVE-2021-37618

۳.۱

Exiv2 Command Line Option out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-32815

۴.۳

Exiv2 Command-Line Argument denial of service

$۰-$۱k

Official Fix

CVE-2021-37619

۳.۱

Exiv2 Command-Line Argument out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-34334

۴.۳

Exiv2 Image File infinite loop

$۰-$۱k

Official Fix

CVE-2021-37620

۳.۱

Exiv2 Image File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-21930

۳.۵

Eyoucms cross site scripting

$۰-$۱k

Not Defined

CVE-2020-21929

۳.۵

Eyoucms web_copyright cross site scripting

$۰-$۱k

Not Defined

CVE-2021-32939

۶.۳

Fatek FvDesigner Project File out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-32931

۶.۳

Fatek FvDesigner Project File uninitialized pointer

$۲k-$5k

Not Defined

CVE-2021-32947

۵.۵

Fatek FvDesigner stack-based overflow

$۲k-$5k

Not Defined

CVE-2020-21697

۴.۳

FFmpeg AVI File mpegenc.c mpeg_mux_write_packet use after free

$۲k-$5k

Not Defined

CVE-2021-38291

۶.۳

FFmpeg mathematics.c assertion

$۲k-$5k

Not Defined

CVE-2020-21688

۶.۳

FFmpeg mem.c av_freep use after free

$۲k-$5k

Not Defined

CVE-2020-21690

۴.۳

FFmpeg OGG File cmdutils.c grow_array memory leak

$۰-$۱k

Not Defined

CVE-2020-21681

۳.۵

fig2dev ge File genge.c set_color buffer overflow

$۱k-$2k

Not Defined

CVE-2020-21678

۳.۵

fig2dev genmp_writefontmacro_latex genmp.c buffer overflow

$۱k-$2k

Not Defined

CVE-2020-21675

۴.۵

fig2dev genptk_text genptk.c stack-based overflow

$۱k-$2k

Not Defined

CVE-2020-21680

۳.۵

fig2dev pict2e File genpict2e.c put_arrow stack-based overflow

$۱k-$2k

Not Defined

CVE-2020-21684

۳.۵

fig2dev pict2e File genpict2e.c put_font buffer overflow

$۱k-$2k

Not Defined

CVE-2020-21682

۳.۵

fig2dev xfig File genge.c set_fill buffer overflow

$۱k-$2k

Not Defined

CVE-2020-21676

۳.۵

fig2dev xfig File genpstricks.c genpstrx_text stack-based overflow

$۱k-$2k

Not Defined

CVE-2020-21683

۳.۵

fig2dev xfig File genpstricks.c shade_or_tint_name_after_declare_color buffer overflow

$۱k-$2k

Not Defined

CVE-2021-37211

۳.۵

Flygo cross site scripting

$۰-$۱k

Not Defined

CVE-2021-37215

۶.۳

Flygo resource injection

$۲k-$5k

Not Defined

CVE-2021-37214

۶.۳

Flygo resource injection

$۲k-$5k

Not Defined

CVE-2021-37213

۶.۳

Flygo resource injection

$۲k-$5k

Not Defined

CVE-2021-37212

۶.۳

Flygo resource injection

$۲k-$5k

Not Defined

CVE-2021-38567

۴.۳

Foxit PDF Reader/PDF Editor Dictionary Entry null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-38563

۶.۳

Foxit PDF Reader/PDF Editor out-of-bounds write

$۲k-$5k

Official Fix

CVE-2021-38565

۴.۶

Foxit PDF Reader/PDF Editor submitForm unknown vulnerability

$۲k-$5k

Official Fix

CVE-2021-38564

۴.۳

Foxit PDF Reader/PDF Editor util.scand out-of-bounds read

$۱k-$2k

Official Fix

CVE-2021-38566

۴.۳

Foxit PDF Reader/PDF Editor XML Node infinite loop

$۰-$۱k

Official Fix

CVE-2021-38570

۵.۴

Foxit PhantomPDF/Reader Installation symlink

$۲k-$5k

Official Fix

CVE-2021-38568

۶.۳

Foxit PhantomPDF/Reader PDF Document memory corruption

$۲k-$5k

Official Fix

CVE-2021-38569

۴.۳

Foxit PhantomPDF/Reader XFA Form infinite loop

$۰-$۱k

Official Fix

CVE-2021-33793

۶.۳

Foxit Reader/PhantomPDF Office Document out-of-bounds write

$۲k-$5k

Official Fix

CVE-2021-38573

۶.۳

Foxit Reader/PhantomPDF Pathname CombineFiles Remote Code Execution

$۲k-$5k

Official Fix

CVE-2021-38572

۵.۴

Foxit Reader/PhantomPDF Pathname extractPages unknown vulnerability

$۲k-$5k

Official Fix

CVE-2021-38574

۶.۳

Foxit Reader/PhantomPDF sql injection

$۲k-$5k

Official Fix

CVE-2021-38571

۶.۳

Foxit Reader/PhantomPDF uncontrolled search path

$۲k-$5k

Official Fix

CVE-2021-33794

۶.۳

Foxit Reader/PhantomPDF XFA Form Remote Code Execution

$۲k-$5k

Official Fix

CVE-2021-33595

۴.۳

F-Secure Safe Browser Address Bar clickjacking

$۲k-$5k

Not Defined

CVE-2021-33594

۴.۳

F-Secure Safe Browser Address Bar clickjacking

$۲k-$5k

Not Defined

CVE-2021-37642

۴.۳

Google TensorFlow Binary tf.raw_ops.ResourceScatterDiv divide by zero

$۵k-$10k

Official Fix

CVE-2021-37636

۴.۳

Google TensorFlow Binary tf.raw_ops.SparseDenseCwiseDiv divide by zero

$۵k-$10k

Official Fix

CVE-2021-37661

۴.۳

Google TensorFlow boosted_trees_create_quantile_stream_resource numeric conversion

$۵k-$10k

Official Fix

CVE-2021-37662

۶.۳

Google TensorFlow BoostedTreesCalculateBestFeatureSplitV2 uninitialized pointer

$۱۰k-$25k

Official Fix

CVE-2021-37675

۴.۳

Google TensorFlow divide by zero

$۵k-$10k

Official Fix

CVE-2021-37660

۴.۳

Google TensorFlow divide by zero

$۵k-$10k

Official Fix

CVE-2021-37685

۴.۳

Google TensorFlow expand_dims.cc out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37692

۶.۳

Google TensorFlow Garbage Collection C.TF_TString_Dealloc memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-37687

۶.۳

Google TensorFlow heap-based overflow

$۱۰k-$25k

Official Fix

CVE-2021-37686

۴.۳

Google TensorFlow infinite loop

$۵k-$10k

Official Fix

CVE-2021-37678

۶.۳

Google TensorFlow Keras Model deserialization

$۱۰k-$25k

Official Fix

CVE-2021-37690

۶.۳

Google TensorFlow MutableHashTableShape use after free

$۱۰k-$25k

Official Fix

CVE-2021-37681

۴.۳

Google TensorFlow null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37639

۶.۳

Google TensorFlow null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37665

۶.۳

Google TensorFlow null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37659

۶.۳

Google TensorFlow null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37664

۶.۳

Google TensorFlow out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37638

۴.۳

Google TensorFlow row_partition_types null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37635

۴.۳

Google TensorFlow sparse_reduce_op.cc#L217-L228 out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37679

۶.۳

Google TensorFlow tf.map_fn out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37652

۶.۳

Google TensorFlow tf.raw_ops.BoostedTreesCreateEnsemble use after free

$۱۰k-$25k

Official Fix

CVE-2021-37637

۶.۳

Google TensorFlow tf.raw_ops.CompressElement null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37650

۶.۳

Google TensorFlow tf.raw_ops.DatasetToTFRecord buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-37677

۴.۳

Google TensorFlow tf.raw_ops.Dequantize denial of service

$۵k-$10k

Official Fix

CVE-2021-37651

۶.۳

Google TensorFlow tf.raw_ops.FractionalAvgPoolGrad out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37673

۴.۳

Google TensorFlow tf.raw_ops.MapStage denial of service

$۵k-$10k

Official Fix

CVE-2021-37643

۴.۳

Google TensorFlow tf.raw_ops.MatrixDiagPartOp null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37657

۶.۳

Google TensorFlow tf.raw_ops.MatrixDiagV null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37658

۶.۳

Google TensorFlow tf.raw_ops.MatrixSetDiagV uninitialized pointer

$۱۰k-$25k

Official Fix

CVE-2021-37674

۴.۳

Google TensorFlow tf.raw_ops.MaxPoolGrad denial of service

$۵k-$10k

Official Fix

CVE-2021-37669

۴.۳

Google TensorFlow tf.raw_ops.NonMaxSuppressionV5 numeric conversion

$۵k-$10k

Official Fix

CVE-2021-37671

۴.۳

Google TensorFlow tf.raw_ops.OrderedMap null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37645

۴.۳

Google TensorFlow tf.raw_ops.QuantizeAndDequantizeV4Grad numeric conversion

$۵k-$10k

Official Fix

CVE-2021-37663

۶.۳

Google TensorFlow tf.raw_ops.QuantizeV2 null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37641

۴.۳

Google TensorFlow tf.raw_ops.RaggedGather out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37656

۶.۳

Google TensorFlow tf.raw_ops.RaggedTensorToSparse null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37666

۶.۳

Google TensorFlow tf.raw_ops.RaggedTensorToVariant uninitialized pointer

$۱۰k-$25k

Official Fix

CVE-2021-37653

۴.۳

Google TensorFlow tf.raw_ops.ResourceGather divide by zero

$۵k-$10k

Official Fix

CVE-2021-37654

۶.۳

Google TensorFlow tf.raw_ops.ResourceGather out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37655

۶.۳

Google TensorFlow tf.raw_ops.ResourceScatterUpdate out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37648

۶.۳

Google TensorFlow tf.raw_ops.SaveV2 null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37672

۴.۳

Google TensorFlow tf.raw_ops.SdcaOptimizerV2 out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37676

۶.۳

Google TensorFlow tf.raw_ops.SparseFillEmptyRows uninitialized pointer

$۱۰k-$25k

Official Fix

CVE-2021-37640

۴.۳

Google TensorFlow tf.raw_ops.SparseReshape divide by zero

$۵k-$10k

Official Fix

CVE-2021-37647

۴.۳

Google TensorFlow tf.raw_ops.SparseTensorSliceDataset null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37646

۴.۳

Google TensorFlow tf.raw_ops.StringNGrams numeric conversion

$۵k-$10k

Official Fix

CVE-2021-37644

۴.۳

Google TensorFlow tf.raw_ops.TensorListReserve assertion

$۵k-$10k

Official Fix

CVE-2021-37649

۴.۳

Google TensorFlow tf.raw_ops.UncompressElement null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37667

۶.۳

Google TensorFlow tf.raw_ops.UnicodeEncode uninitialized pointer

$۱۰k-$25k

Official Fix

CVE-2021-37668

۴.۳

Google TensorFlow tf.raw_ops.UnravelIndex divide by zero

$۵k-$10k

Official Fix

CVE-2021-37670

۴.۳

Google TensorFlow tf.raw_ops.UpperBound out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-37684

۴.۳

Google TensorFlow TFLite divide by zero

$۵k-$10k

Official Fix

CVE-2021-37680

۴.۳

Google TensorFlow TFLite divide by zero

$۵k-$10k

Official Fix

CVE-2021-37683

۴.۳

Google TensorFlow TFLite divide by zero

$۵k-$10k

Official Fix

CVE-2021-37691

۴.۳

Google TensorFlow TFLite Model divide by zero

$۵k-$10k

Official Fix

CVE-2021-37689

۶.۳

Google TensorFlow TFLite Model null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37688

۶.۳

Google TensorFlow TFLite Model null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-37682

۶.۳

Google TensorFlow TFLite Operator uninitialized resource

$۱۰k-$25k

Official Fix

CVE-2021-32437

۳.۵

GPAC gf_hinter_finalize denial of service

$۰-$۱k

Official Fix

CVE-2021-32438

۳.۵

GPAC gf_media_export_filters denial of service

$۰-$۱k

Official Fix

CVE-2021-32440

۳.۵

GPAC Media_RewriteODFrame null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-32439

۵.۵

GPAC stbl_AppendSize buffer overflow

$۲k-$5k

Official Fix

CVE-2021-38553

۵.۵

Hashicorp Vault/Vault Enterprise default permission

$۰-$۵k

Official Fix

CVE-2021-38554

۳.۵

Hashicorp Vault/Vault Enterprise UI information disclosure

$۰-$۵k

Official Fix

CVE-2021-27741

۵.۵

HCL Commerce Management Center xml external entity reference

$۰-$۵k

Not Defined

CVE-2021-37028

۴.۶

Huawei HG8045Q Command-Line Interface command injection

$۵k-$25k

Not Defined

CVE-2021-22385

۵.۳

Huawei Smartphone Configuration Setting Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2021-22386

۷.۸

Huawei Smartphone double free

$۱۰k-$25k

Official Fix

CVE-2021-29714

۴.۳

IBM Content Navigator denial of service

$۲k-$5k

Official Fix

CVE-2021-20509

۷.۵

IBM Maximo Asset Management csv injection

$۱۰k-$25k

Official Fix

CVE-2021-29739

۲.۷

IBM Planning Analytics Stack Trace information exposure

$۵k-$10k

Official Fix

CVE-2021-29880

۳.۱

IBM QRadar SIEM information disclosure

$۵k-$25k

Official Fix

CVE-2021-20427

۳.۷

IBM Security Guardium excessive authentication

$۵k-$10k

Official Fix

CVE-2021-20420

۴.۳

IBM Security Guardium information disclosure

$۵k-$10k

Official Fix

CVE-2021-20418

۳.۷

IBM Security Guardium weak password

$۵k-$10k

Official Fix

CVE-2021-20349

۶.۳

IBM Tivoli Workload Scheduler buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-0004

۴.۳

Intel Ethernet Adapter 800 Controller Firmware buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-0007

۴.۳

Intel Ethernet Adapter 800 Controller Firmware denial of service

$۲k-$5k

Official Fix

CVE-2021-0006

۴.۳

Intel Ethernet Adapter 800 Controller Firmware denial of service

$۲k-$5k

Official Fix

CVE-2021-0005

۴.۳

Intel Ethernet Adapter 800 Controller Firmware denial of service

$۲k-$5k

Official Fix

CVE-2021-0008

۴.۳

Intel Ethernet Adapter 800 Controller Firmware resource consumption

$۲k-$5k

Official Fix

CVE-2021-0009

۴.۳

Intel Ethernet Adapter 800 Firmware out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-0003

۴.۳

Intel Ethernet Controller 800 Driver information disclosure

$۵k-$10k

Official Fix

CVE-2021-0002

۶.۳

Intel Ethernet Controller 800 Driver Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-0084

۶.۳

Intel Ethernet Controller X722/Ethernet Controller 800 RMDA Driver input validation

$۱۰k-$25k

Official Fix

CVE-2021-0012

۳.۵

Intel Graphics Driver denial of service

$۲k-$5k

Official Fix

CVE-2021-0061

۶.۳

Intel Graphics Driver initialization

$۱۰k-$25k

Official Fix

CVE-2021-0062

۶.۳

Intel Graphics Drivers input validation

$۱۰k-$25k

Official Fix

CVE-2021-0196

۶.۳

Intel NUC 9 Extreme Laptop Kit Kernel Mode Driver access control

$۱۰k-$25k

Official Fix

CVE-2021-0160

۶.۳

Intel NUC Pro Chassis Element AverMedia Capture Card uncontrolled search path

$۱۰k-$25k

Official Fix

CVE-2021-0083

۴.۳

Intel Optane PMem denial of service

$۲k-$5k

Official Fix

CVE-2021-32798

۴.۳

Jupyter Notebook cross site scripting

$۰-$۱k

Official Fix

CVE-2021-32797

۴.۳

JupyterLab Notebook cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38373

۳.۷

KDE KMail SMTP STARTTLS cleartext transmission

$۰-$۱k

Not Defined

CVE-2021-38372

۵.۶

KDE Trojita IMAP Server injection

$۲k-$5k

Not Defined

CVE-2021-38591

۵.۵

LG Mobile Device Debug Command Privilege Escalation

$۱۰k-$25k

Not Defined

CVE-2020-21677

۳.۵

libsixel PNG File encoder.c sixel_encoder_output_without_macro heap-based overflow

$۱k-$2k

Not Defined

CVE-2021-20314

۵.۵

libspf2 SPF Macro stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-3573

۸.۸

Linux Kernel HCI Subsystem hci_sock_bound_ioctl use after free

$۲۵k-$50k

Official Fix

CVE-2021-3635

۴.۹

Linux Kernel netfilter memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-38382

۳.۵

Live555 Matroska use after free

$۱k-$2k

Not Defined

CVE-2021-38380

۳.۵

Live555 MP3 Stream stack-based overflow

$۱k-$2k

Not Defined

CVE-2021-38381

۳.۵

Live555 MPEG File use after free

$۱k-$2k

Not Defined

CVE-2020-21362

۳.۵

Magicblack Maccms10 Background Search cross site scripting

$۰-$۱k

Not Defined

CVE-2020-21359

۵.۵

Magicblack Maccms10 Template Upload unrestricted upload

$۱k-$2k

Not Defined

CVE-2020-21363

۴.۶

Magicblack Maccms10 unknown vulnerability

$۱k-$2k

Not Defined

CVE-2021-34485

۴.۶

Microsoft .NET Core/.NET Framework information disclosure

$۵k-$10k

Official Fix

CVE-2021-26423

۶.۴

Microsoft .NET Core/Visual Studio denial of service

$۵k-$10k

Official Fix

CVE-2021-34532

۴.۹

Microsoft ASP.NET Core/Visual Studio information disclosure

$۱۰k-$25k

Official Fix

CVE-2021-36949

۷.۱

Microsoft Azure Active Directory Connect improper authentication

$۱۰k-$25k

Official Fix

CVE-2021-36943

۴.۰

Microsoft Azure CycleCloud information disclosure

$۲k-$5k

Official Fix

CVE-2021-33762

۷.۰

Microsoft Azure CycleCloud Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-26430

۴.۶

Microsoft Azure Sphere denial of service

$۱k-$2k

Official Fix

CVE-2021-26428

۳.۳

Microsoft Azure Sphere information disclosure

$۱k-$2k

Official Fix

CVE-2021-26429

۶.۵

Microsoft Azure Sphere Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2021-36950

۵.۴

Microsoft Dynamics 365 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-34524

۸.۵

Microsoft Dynamics 365 Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2021-36946

۵.۴

Microsoft Dynamics NAV/Dynamics 365 Business Central cross site scripting

$۵k-$10k

Official Fix

CVE-2021-34471

۸.۳

Microsoft Malware Protection Engine Defender Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2021-34478

۷.۰

Microsoft Office Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2021-36941

۷.۰

Microsoft Office Word Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2021-36940

۶.۵

Microsoft SharePoint Server unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-34537

۸.۳

Microsoft Windows Bluetooth Driver Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-36938

۴.۹

Microsoft Windows Cryptographic Primitives Library information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-36927

۸.۳

Microsoft Windows Digital TV Tuner Device Registration Application Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-34487

۷.۳

Microsoft Windows Event Tracing Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-34486

۸.۳

Microsoft Windows Event Tracing Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-26425

۸.۳

Microsoft Windows Event Tracing Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-34533

۷.۰

Microsoft Windows Graphics Remote Code Execution

$۵۰k-$100k

Official Fix

CVE-2021-34530

۷.۰

Microsoft Windows Graphics Remote Code Execution

$۵۰k-$100k

Official Fix

CVE-2021-36942

۶.۴

Microsoft Windows LSA information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-36937

۸.۳

Microsoft Windows Media MPEG-4 Video Decoder Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-34534

۵.۹

Microsoft Windows MSHTML Platform Remote Code Execution

$۵۰k-$100k

Official Fix

CVE-2021-36947

۸.۸

Microsoft Windows Print Spooler Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-36936

۸.۸

Microsoft Windows Print Spooler Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-34483

۸.۳

Microsoft Windows Print Spooler Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-36958

۸.۱

Microsoft Windows Print Spooler Remote Code Execution

$۱۰۰k and more

Workaround

CVE-2021-26431

۸.۳

Microsoft Windows Recovery Environment Agent Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-34535

۸.۸

Microsoft Windows Remote Desktop Client Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-34480

۵.۹

Microsoft Windows Scripting Engine Remote Code Execution

$۵۰k-$100k

Official Fix

CVE-2021-36933

۶.۴

Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-36932

۶.۴

Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-36926

۶.۴

Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-26433

۶.۴

Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-26432

۹.۸

Microsoft Windows Services for NFS ONCRPC XDR Driver Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-34536

۷.۸

Microsoft Windows Storage Spaces Controller Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-26424

۹.۹

Microsoft Windows TCP/IP Stack Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-36945

۸.۱

Microsoft Windows Update Assistant Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-36948

۸.۳

Microsoft Windows Update Medic Service Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-26426

۷.۳

Microsoft Windows User Account Profile Picture Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-34484

۸.۳

Microsoft Windows User Profile Service Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2021-36786

۳.۵

miniorange_saml Extension API Credential information disclosure

$۰-$۵k

Official Fix

CVE-2021-36785

۳.۵

miniorange_saml Extension cross site scripting

$۰-$۵k

Official Fix

CVE-2021-37586

۲.۴

Mitel Interaction Recording Multitenancy System PowerPlay Web information disclosure

$۰-$۵k

Official Fix

CVE-2021-32069

۲.۶

Mitel MiCollab AWV channel accessible

$۰-$۵k

Official Fix

CVE-2021-32068

۲.۶

Mitel MiCollab AWV/Client Service channel accessible

$۰-$۵k

Official Fix

CVE-2021-32070

۳.۵

Mitel MiCollab Client Service clickjacking

$۰-$۵k

Official Fix

CVE-2021-32067

۳.۵

Mitel MiCollab Client Service information disclosure

$۰-$۵k

Official Fix

CVE-2021-32072

۴.۳

Mitel MiCollab Client Service information disclosure

$۰-$۵k

Official Fix

CVE-2021-32071

۶.۳

Mitel MiCollab Client Service Remote Code Execution

$۰-$۵k

Official Fix

CVE-2021-27402

۶.۳

Mitel MiCollab SAS Admin Portal pathname traversal

$۰-$۵k

Official Fix

CVE-2021-27401

۳.۵

Mitel MiCollab Web Client Join Meeting Page cross site scripting

$۰-$۵k

Official Fix

CVE-2021-3352

۶.۳

Mitel MiContact Center Business Software Development Kit improper authorization

$۰-$۵k

Not Defined

CVE-2021-36982

۵.۵

MONITORAPP AIMANAGER HTTP Request os command injection

$۱k-$2k

Official Fix

CVE-2021-36921

۶.۳

MONITORAPP AIMANAGER improper authentication

$۱k-$2k

Not Defined

CVE-2021-37343

۶.۳

Nagios XI AutoDiscovery path traversal

$۱k-$2k

Official Fix

CVE-2021-37350

۶.۳

Nagios XI Bulk Modifications Tool sql injection

$۱k-$2k

Official Fix

CVE-2021-37349

۶.۳

Nagios XI cleaner.php access control

$۲k-$5k

Official Fix

CVE-2021-37353

۵.۵

Nagios XI Docker Wizard table_population.php server-side request forgery

$۱k-$2k

Official Fix

CVE-2021-37347

۵.۳

Nagios XI getprofile.sh access control

$۱k-$2k

Official Fix

CVE-2021-37351

۶.۳

Nagios XI HTTP Request permission

$۲k-$5k

Official Fix

CVE-2021-37348

۵.۵

Nagios XI index.php file inclusion

$۱k-$2k

Official Fix

CVE-2021-37352

۵.۵

Nagios XI redirect

$۱k-$2k

Official Fix

CVE-2021-37344

۶.۳

Nagios XI Switch Wizard os command injection

$۲k-$5k

Official Fix

CVE-2021-37346

۶.۳

Nagios XI WatchGuard Wizard os command injection

$۲k-$5k

Official Fix

CVE-2021-37345

۶.۳

Nagios XI xi-sys.cfg access control

$۲k-$5k

Official Fix

CVE-2021-38518

۶.۸

Netgea RAX200/RAX75/RAX80/RBK852/RBR850/RBS850 command injection

$۲k-$5k

Official Fix

CVE-2021-38531

۴.۱

Netgear AC2400 config

$۱۰k-$25k

Official Fix

CVE-2021-38529

۶.۳

Netgear D7800/R7800/R8900/R9000 command injection

$۱۰k-$25k

Official Fix

CVE-2021-38528

۸.۸

Netgear D8500/R6900P/R7000P/R7100LG/WNDR3400v3/XR300 command injection

$10k-$25k

Official Fix

CVE-2021-32122

4.3

Netgear EX3700/EX3800/EX6120/EX6130 cross-site request forgery

$5k-$10k

Official Fix

CVE-2021-38523

4.3

Netgear R6400 stack-based overflow

$10k-$25k

Official Fix

CVE-2021-38522

6.8

Netgear R6400 stack-based overflow

$10k-$25k

Official Fix

CVE-2021-38520

6.6

Netgear R6400/R6400v2/R6700v3/R6700v2/R6900v2/R7000P command injection

$10k-$25k

Official Fix

CVE-2021-38521

4.7

Netgear R6400/R7900P/R8000P/RAX75/RAX80 command injection

$10k-$25k

Official Fix

CVE-2021-38517

4.3

Netgear R6400/RAX75/RAX80/XR300 out-of-bounds write

$10k-$25k

Official Fix

CVE-2021-38539

5.5

Netgear R8500 access control

$10k-$25k

Official Fix

CVE-2021-38526

4.3

Netgear RAX35/RAX38/RAX40 buffer overflow

$10k-$25k

Official Fix

CVE-2021-38537

2.4

Netgear RAX40 cross site scripting

$2k-$5k

Official Fix

CVE-2021-38536

2.4

Netgear RAX40 cross site scripting

$2k-$5k

Official Fix

CVE-2021-38535

2.4

Netgear RAX40 cross site scripting

$2k-$5k

Official Fix

CVE-2021-38533

3.5

Netgear RAX40 cross site scripting

$2k-$5k

Official Fix

CVE-2021-38519

4.7

Netgear RAX80 command injection

$10k-$25k

Official Fix

CVE-2021-38530

8.8

Netgear RBK40 command injection

$10k-$25k

Official Fix

CVE-2021-38513

6.3

Netgear RBS750 improper authentication

$5k-$10k

Official Fix

CVE-2021-38524

4.5

Netgear RBS750 stack-based overflow

$5k-$10k

Official Fix

CVE-2021-38532

6.8

Netgear WAC104 config

$10k-$25k

Official Fix

CVE-2021-38516

9.8

Netgear XR500 access control

$25k-$50k

Official Fix

CVE-2021-38527

6.3

Netgear XR500 command injection

$10k-$25k

Official Fix

CVE-2021-38538

4.3

Netgear XR500 cross site scripting

$5k-$10k

Official Fix

CVE-2021-38534

2.4

Netgear XR500 cross site scripting

$5k-$10k

Official Fix

CVE-2021-38514

4.3

Netgear XR500 improper authentication

$10k-$25k

Official Fix

CVE-2021-38525

6.8

Netgear XR500 stack-based overflow

$10k-$25k

Official Fix

CVE-2021-34398

8.0

NVIDIA DCGM DIAG Module uncontrolled search path

$0-$5k

Official Fix

CVE-2021-1113

5.5

NVIDIA Jetson AGX Xavier Camera Firmware access control

$1k-$2k

Official Fix

CVE-2021-1109

4.6

NVIDIA Jetson AGX Xavier Camera Firmware access control

$1k-$2k

Official Fix

CVE-2021-1108

5.5

NVIDIA Jetson AGX Xavier FuSa Capture ISP integer underflow

$2k-$5k

Official Fix

CVE-2021-1114

5.7

NVIDIA Jetson AGX Xavier Kernel Crypto Node use after free

$1k-$2k

Official Fix

CVE-2021-1111

6.8

NVIDIA Jetson AGX Xavier NV3P Server buffer overflow

$1k-$2k

Official Fix

CVE-2021-1107

8.0

NVIDIA Jetson AGX Xavier nvmap access control

$2k-$5k

Official Fix

CVE-2021-1106

5.5

NVIDIA Jetson AGX Xavier nvmap access control

$1k-$2k

Official Fix

CVE-2021-1112

5.7

NVIDIA Jetson AGX Xavier nvmap null pointer dereference

$0-$1k

Official Fix

CVE-2021-1110

8.0

NVIDIA KernelJetson AGX Xavier/Jetson Xavier NX Camera Firmware toctou

$1k-$2k

Official Fix

CVE-2021-31556

5.5

Oauth Extension RSA Key MWOAuthConsumerSubmitControl.php Privilege Escalation

$2k-$5k

Official Fix

CVE-2021-38708

3.5

ocProducts Composr CMS Comcode cross site scripting

$0-$5k

Official Fix

CVE-2021-38709

3.5

ocProducts Composr CMS staff_messaging System cross site scripting

$0-$5k

Official Fix

CVE-2021-38583

3.5

openBaraza HCM subscription.jsp cross site scripting

$0-$5k

Not Defined

CVE-2021-38619

4.3

openBaraza HCM subscription.jsp cross site scripting

$0-$5k

Not Defined

CVE-2013-4718

3.5

OTRS Open Ticket Request System cross site scripting

$0-$1k

Official Fix

CVE-2013-4717

6.3

OTRS Open Ticket Request System PreferencesCustomQueue.pm sql injection

$1k-$2k

Official Fix

CVE-2021-3045

2.7

Palo Alto PAN-OS argument injection

$1k-$2k

Official Fix

CVE-2021-3046

5.6

Palo Alto PAN-OS SAML Authentication improper authentication

$1k-$2k

Official Fix

CVE-2021-3050

7.2

Palo Alto PAN-OS Web Interface os command injection

$2k-$5k

Not Defined

CVE-2021-3047

3.6

Palo Alto PAN-OS Web Interface weak prng

$0-$1k

Official Fix

CVE-2021-3048

3.7

Palo Alto PAN-OS devsrvr denial of service

$0-$1k

Official Fix

CVE-2021-37704

4.3

PhpFastCache vendor phpinfo information disclosure

$1k-$2k

Official Fix

CVE-2021-38602

3.5

Pluxml Articles cross site scripting

$0-$1k

Not Defined

CVE-2021-38603

3.5

PluXML profil.php cross site scripting

$0-$1k

Not Defined

CVE-2021-38593

5.5

Qt convertPath out-of-bounds write

$2k-$5k

Official Fix

CVE-2020-24741

6.6

Qt Plugin Loader Privilege Escalation

$2k-$5k

Official Fix

CVE-2020-24742

6.6

Qt QPluginLoader Privilege Escalation

$2k-$5k

Official Fix

CVE-2020-23149

6.9

rConfig ajaxDbInstall.php sql injection

$1k-$2k

Official Fix

CVE-2020-23150

6.9

rConfig config.inc.php sql injection

$1k-$2k

Official Fix

CVE-2020-23151

7.6

rConfig GET Request ajaxArchiveFiles.php os command injection

$1k-$2k

Official Fix

CVE-2020-23148

6.5

rConfig POST Request login.php ldap injection

$1k-$2k

Official Fix

CVE-2014-9320

4.3

SAP BusinessObjects Edge Token information disclosure

$5k-$10k

Not Defined

CVE-2015-2074

6.3

SAP BusinessObjects Edge FRS CORBA Listener pathname traversal

$10k-$25k

Not Defined

CVE-2015-2073

4.3

SAP BusinessObjects Edge FRS CORBA Listener pathname traversal

$5k-$10k

Not Defined

CVE-2021-33699

5.3

SAP Fiori Tasks AndroidManifest.xml access control

$5k-$10k

Official Fix

CVE-2021-33706

6.3

SAP InfraBox input validation

$10k-$25k

Not Defined

CVE-2015-7731

3.5

SAP Mobile Platform ClientHub information disclosure

$2k-$5k

Not Defined

CVE-2021-33702

4.3

SAP Netweaver Enterprise Portal Report Data cross site scripting

$5k-$10k

Official Fix

CVE-2021-33703

4.3

SAP Netweaver Enterprise Portal URL Parameter cross site scripting

$5k-$10k

Official Fix

CVE-2021-33707

6.3

SAP NetWeaver Knowledge Management redirect

$10k-$25k

Official Fix

CVE-2017-16631

5.5

SapphireIMS Account Password Reset resource injection

$1k-$2k

Not Defined

CVE-2020-25561

6.3

SapphireIMS Config File ServerConf.config hard-coded credentials

$1k-$2k

Not Defined

CVE-2020-25562

3.5

SapphireIMS cross-site request forgery

$0-$1k

Not Defined

CVE-2017-16629

4.3

SapphireIMS information exposure

$1k-$2k

Not Defined

CVE-2017-16632

2.6

SapphireIMS insufficiently protected credentials

$0-$1k

Not Defined

CVE-2020-25565

6.3

SapphireIMS Portal hard-coded credentials

$1k-$2k

Not Defined

CVE-2020-25560

6.3

SapphireIMS Portal hard-coded credentials

$1k-$2k

Not Defined

CVE-2020-25564

5.5

SapphireIMS Privilege Escalation

$2k-$5k

Not Defined

CVE-2020-25563

5.5

SapphireIMS RemoteMgmtTaskSave Privilege Escalation

$2k-$5k

Not Defined

CVE-2017-16630

5.5

SapphireIMS resource injection

$1k-$2k

Not Defined

CVE-2020-25566

6.3

SapphireIMS Save_Password Remote Code Execution

$2k-$5k

Not Defined

CVE-2021-25659

3.5

Siemens Automation License Manager Service Port 4410 resource consumption

$2k-$5k

Official Fix

CVE-2021-33717

3.5

Siemens JT2Go/Teamcenter Visualization CGM File null pointer dereference

$2k-$5k

Official Fix

CVE-2021-33738

3.5

Siemens JT2Go/Teamcenter Visualization PAR File Parser plmxmlAdapterSE70.dll out-of-bounds read

$2k-$5k

Official Fix

CVE-2020-28397

3.5

Siemens SIMATIC Drive Controller Service Port 102 authorization

$10k-$25k

Official Fix

CVE-2021-37172

6.3

Siemens SIMATIC S7-1200 CPU TIA Portal improper authentication

$5k-$10k

Not Defined

CVE-2021-33721

4.7

Siemens SINEC NMS Batch Operation os command injection

$10k-$25k

Official Fix

CVE-2021-37179

5.5

Siemens Solid Edge SE2021 OBJ File Parser PSKERNEL.dll use after free

$10k-$25k

Official Fix

CVE-2021-37180

5.5

Siemens Solid Edge SE2021 OBJ File PSKERNEL.dll uninitialized pointer

$10k-$25k

Official Fix

CVE-2021-37178

6.3

Siemens Solid Edge SE2021 XML File xml external entity reference

$5k-$10k

Official Fix

CVE-2021-20032

6.3

SonicWALL Analytics On-Prem Java Debug Wire Protocol Interface config

$2k-$5k

Not Defined

CVE-2021-37696

4.3

tmerc-cogs MassDM Message missing authentication

$1k-$2k

Official Fix

CVE-2021-37697

6.3

tmerc-cogs Membership Event Message missing authentication

$1k-$2k

Official Fix

CVE-2021-38543

2.0

TP-LINK UE330 LED Glowworm information exposure

$0-$1k

Not Defined

CVE-2021-28844

3.5

TRENDnet TEW-755AP/TEW-755AP2KAC/TEW-821DAP2KAC/TEW-825DAP POST Request apply_cgi do_graph_auth null pointer dereference

$0-$1k

Not Defined

CVE-2021-28842

4.3

TRENDnet TEW-755AP/TEW-755AP2KAC/TEW-821DAP2KAC/TEW-825DAP POST Request apply_cgi do_graph_auth null pointer dereference

$0-$1k

Not Defined

CVE-2021-28846

4.3

TRENDnet TEW-755AP/TEW-755AP2KAC/TEW-821DAP2KAC/TEW-825DAP POST Request apply_cgi fprintf format string

$2k-$5k

Not Defined

CVE-2021-28845

5.9

TRENDnet TEW-755AP/TEW-755AP2KAC/TEW-821DAP2KAC/TEW-825DAP POST Request apply_cgi lang null pointer dereference

$0-$1k

Not Defined

CVE-2021-28843

3.5

TRENDnet TEW-755AP/TEW-755AP2KAC/TEW-821DAP2KAC/TEW-825DAP POST Request apply_cgi null pointer dereference

$0-$1k

Not Defined

CVE-2021-28841

4.3

TRENDnet TEW-755AP/TEW-755AP2KAC/TEW-821DAP2KAC/TEW-825DAP POST Request apply_cgi ping_test null pointer dereference

$0-$1k

Not Defined

CVE-2021-31655

3.5

TRENDnet TV-IP110WN GET Request view.cgi cross site scripting

$0-$1k

Not Defined

CVE-2021-38597

6.3

wolfSSL NoCheck Extension Privilege Escalation

$2k-$5k

Official Fix

CVE-2021-24501

5.5

Workreap Theme AJAX Action authorization

$1k-$2k

Official Fix

CVE-2021-24500

3.5

Workreap Theme POST Request cross-site request forgery

$0-$1k

Official Fix

CVE-2021-24499

6.3

Workreap Theme workreap-temp workreap_temp_file_uploader unrestricted upload

$2k-$5k

Official Fix

CVE-2021-34661

3.5

WP Fusion Lite Plugin class-log-handler.php show_logs_section cross-site request forgery

$0-$1k

Official Fix

CVE-2021-34660

3.5

WP Fusion Lite Plugin Parameter class-log-table-list.php cross site scripting

$0-$1k

Official Fix

CVE-2021-24502

3.5

WP Google Map Plugin Map Title cross site scripting

$0-$1k

Official Fix

CVE-2021-3692

3.7

yii2 entropy

$0-$1k

Official Fix

CVE-2021-3689

3.7

yii2 entropy

$0-$1k

Official Fix

CVE-2020-18445

3.5

yunucms Page.php upurl cross site scripting

$0-$1k

Not Defined

CVE-2020-18446

3.5

yunucms Parameter ContentModel.php cross site scripting

$0-$1k

Not Defined

CVE-2020-20977

3.5

yxcmf UKcms Comments Section 6.html cross site scripting

$0-$1k

Not Defined

CVE-2020-18449

3.5

yxcmf UKcms Single.php index cross site scripting

$0-$1k

Not Defined

CVE-2021-33256

6.3

Zoho ManageEngine ADSelfService Plus Login Panel csv injection

$2k-$5k

Not Defined

CVE-2021-21740

3.5

ZTE Gateway Digital Media Player information disclosure

$0-$1k

Not Defined