info[at]nsec.ir
(+۹۸)-۳۱-۳۳۹۱۵۳۳۶

آسیب‌پذیری‌های حیاتی هفته سوم شهریور‌ماه

 

این هفته آسیب‌پذیری‌های «حیاتی» و «پرخطر» بسیاری در محصولات مهم Cisco  گزارش و وصله‌ها و به‌روزرسانی‌هایی به منظور رفع آن‌ها ارائه شد.  همچنین در  محصولات شرکت‌های Fortinet، Nextcloud، Apple، QNAP،  Qualcomm و افزونه‌های WordPress چندین آسیب‌پذیری «حیاتی» و «پرخطر» وجود داشت.

لیست این آسیب‌پذیری‌ها به‌همراه سطح خطر آن‌ها در جدول زیر آمده است.

شناسه آسیب‌پذیری

امتیاز مبنا

عنوان آسیب‌پذیری

ارزش روز صفر

رفع آسیب‌پذیری

CVE-2020-24672

۹.۸

ABB Base Software for SoftControl insufficient verification of data authenticity

$۲k-$5k

Not Defined

CVE-2021-35526

۳.۳

ABB Power Grids System Data Manager DM600 Backup File cleartext storage

$۰-$۱k

Official Fix

CVE-2021-31785

۲.۱

Actions ATS2815/ATS2819 Bluetooth Classic BrakTooth deadlock

$۰-$۱k

Not Defined

CVE-2021-31786

۲.۱

Actions ATS2815/ATS2819 Bluetooth Classic BrakTooth deadlock

$۰-$۱k

Not Defined

CVE-2021-28567

۵.۰

Adobe Magento Customers Module improper authorization

$۵k-$10k

Official Fix

CVE-2021-38540

۷.۳

Apache Airflow Variable Import Endpoint privileges management

$۱۰k-$25k

Official Fix

CVE-2021-38555

۵.۵

Apache Any23 StreamUtils.java xml external entity reference

$۵k-$25k

Official Fix

CVE-2021-40146

۶.۳

Apache Any23 YAMLExtractor.java Privilege Escalation

$۵k-$25k

Official Fix

CVE-2021-37579

۵.۵

Apache Dubbo Configuration deserialization

$۱۰k-$25k

Official Fix

CVE-2021-36163

۵.۵

Apache Dubbo Hessian Protocol access control

$۱۰k-$25k

Official Fix

CVE-2021-36162

۶.۳

Apache Dubbo SnakeYAML Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-36161

۶.۳

Apache Dubbo toString format string

$۱۰k-$25k

Official Fix

CVE-2021-30675

۵.۳

Apple Boot Camp State Management memory corruption

$۵k-$10k

Official Fix

CVE-2021-30742

۶.۳

Apple iOS/iPadOS Audio File memory corruption

$۱۰۰k and more

Official Fix

CVE-2021-1833

۳.۳

Apple iOS/iPadOS denial of service

$۵k-$10k

Official Fix

CVE-2021-30703

۷.۸

Apple iOS/iPadOS double free

$۵۰k-$100k

Official Fix

CVE-2021-30664

۶.۳

Apple iOS/iPadOS File out-of-bounds write

$۱۰۰k and more

Official Fix

CVE-2021-30764

۶.۳

Apple iOS/iPadOS File Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-30662

۶.۳

Apple iOS/iPadOS File Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-30753

۴.۳

Apple iOS/iPadOS Font out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2021-30733

۴.۳

Apple iOS/iPadOS Font out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2021-30706

۴.۳

Apple iOS/iPadOS Image information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-30752

۶.۳

Apple iOS/iPadOS Image out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2021-30743

۶.۳

Apple iOS/iPadOS Image out-of-bounds write

$۱۰۰k and more

Official Fix

CVE-2021-1838

۶.۳

Apple iOS/iPadOS Image Remote Code Execution

$۱۰۰k and more

Official Fix

CVE-2021-1812

۷.۸

Apple iOS/iPadOS Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2021-30756

۴.۰

Apple iOS/iPadOS Lock Screen information disclosure

$۱۰k-$25k

Official Fix

CVE-2021-1863

۴.۳

Apple iOS/iPadOS NFC Tag improper authentication

$۵k-$10k

Official Fix

CVE-2021-1862

۲.۴

Apple iOS/iPadOS Siri Search information disclosure

$۲k-$5k

Official Fix

CVE-2021-30750

۵.۳

Apple macOS Contact permission

$۵k-$10k

Official Fix

CVE-2021-30703

۷.۸

Apple macOS double free

$۱۰k-$25k

Official Fix

CVE-2021-30664

۶.۳

Apple macOS File out-of-bounds write

$۱۰k-$25k

Official Fix

CVE-2021-30755

۴.۳

Apple macOS Font out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30753

۴.۳

Apple macOS Font out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30733

۴.۳

Apple MacOS Font out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30706

۴.۳

Apple macOS Image information disclosure

$۵k-$10k

Official Fix

CVE-2021-30752

۶.۳

Apple macOS Image out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30743

۶.۳

Apple macOS Image out-of-bounds write

$۱۰k-$25k

Official Fix

CVE-2021-30756

۴.۰

Apple macOS Lock Screen information disclosure

$۲k-$5k

Official Fix

CVE-2021-30751

۵.۳

Apple macOS Privacy Preferences Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2021-30672

۷.۸

Apple macOS State Management memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-30731

۶.۳

Apple macOS USB Device Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-27940

۵.۵

Apple TV App File Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-30703

۷.۸

Apple tvOS double free

$۵k-$10k

Official Fix

CVE-2021-30664

۶.۳

Apple tvOS File out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-30764

۶.۳

Apple tvOS File Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-30755

۴.۳

Apple tvOS Font out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30753

۴.۳

Apple tvOS Font out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30733

۴.۳

Apple tvOS Font out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30752

۶.۳

Apple tvOS Image out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30743

۶.۳

Apple tvOS Image out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-30703

۷.۸

Apple watchOS double free

$۵k-$10k

Official Fix

CVE-2021-30664

۶.۳

Apple watchOS File out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-30764

۶.۳

Apple watchOS File Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-30755

۴.۳

Apple watchOS Font out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30753

۴.۳

Apple watchOS Font out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30733

۴.۳

Apple watchOS Font out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30706

۴.۳

Apple watchOS Image information disclosure

$۲k-$5k

Official Fix

CVE-2021-30752

۶.۳

Apple watchOS Image out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30743

۶.۳

Apple watchOS Image out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-28497

۵.۴

Arista Metamako Operating System Bash Shell access control

$۲k-$5k

Official Fix

CVE-2021-28499

۵.۳

Arista Metamako Operating System credentials management

$۲k-$5k

Not Defined

CVE-2021-28498

۸.۸

Arista Metamako Operating System credentials management

$۲k-$5k

Not Defined

CVE-2021-28493

۸.۶

Arista Metamako Operating System improper authentication

$۲k-$5k

Not Defined

CVE-2021-28495

۷.۳

Arista Metamako Operating System JSON-RPC APIs improper authentication

$۱k-$2k

Official Fix

CVE-2021-28494

۷.۹

Arista Metamako Operating System Web UI improper authentication

$۱k-$2k

Not Defined

CVE-2019-5318

۳.۵

Aruba Operating System Software cross-site request forgery

$۰-$۱k

Official Fix

CVE-2021-37728

۶.۳

Aruba Operating System Software path traversal

$۱k-$2k

Official Fix

CVE-2021-37724

۶.۳

Aruba Operating System Software Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37733

۶.۳

Aruba SD-WAN Software and Gateways path traversal

$۱k-$2k

Official Fix

CVE-2021-37716

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS buffer overflow

$۲k-$5k

Official Fix

CVE-2021-37725

۳.۵

Aruba SD-WAN Software and Gateways/ArubaOS cross-site request forgery

$۰-$۱k

Official Fix

CVE-2021-37731

۵.۳

Aruba SD-WAN Software and Gateways/ArubaOS path traversal

$۰-$۱k

Official Fix

CVE-2021-37729

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS path traversal

$۱k-$2k

Official Fix

CVE-2021-37722

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37721

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37720

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37719

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37718

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37717

۶.۳

Aruba SD-WAN Software and Gateways/ArubaOS Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-39122

۴.۳

Atlassian JIRA Server Search Endpoint search information disclosure

$۱k-$2k

Official Fix

CVE-2021-39116

۴.۳

Atlassian JIRA Server/Data Center GIF Image Reader denial of service

$۰-$۱k

Official Fix

CVE-2021-39121

۴.۳

Atlassian JIRA Server/Data Center Private Project key information disclosure

$۱k-$2k

Official Fix

CVE-2021-28911

۳.۷

BAB eibPort BMX Interface tmp excessive authentication

$۱k-$2k

Not Defined

CVE-2021-28914

۳.۱

BAB eibPort Configuration weak password

$۱k-$2k

Not Defined

CVE-2021-28909

۳.۷

BAB eibPort SecurityModule excessive authentication

$۱k-$2k

Not Defined

CVE-2021-28910

۶.۳

BAB eibPort server-side request forgery

$۲k-$5k

Official Fix

CVE-2021-28913

۶.۳

BAB eibPort SSH SecurityModule improper authentication

$۱k-$2k

Not Defined

CVE-2021-31610

۲.۱

Bluetrum AB32VG1 Bluetooth Classic LMP_AU_rand BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-34150

۴.۳

Bluetrum AB5301A Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-3768

۳.۵

BookStack Web Page Generation cross site scripting

$۰-$۱k

Official Fix

CVE-2021-3767

۳.۵

BookStack Web Page Generation cross site scripting

$۰-$۱k

Official Fix

CVE-2021-34786

۶.۵

Cisco BroadWorks CommPilot Application Software weak authentication

$۵k-$10k

Official Fix

CVE-2021-34785

۶.۵

Cisco BroadWorks CommPilot Application Software weak authentication

$۵k-$10k

Official Fix

CVE-2021-34771

۵.۵

Cisco IOS XR CLI insertion of sensitive information into sent data

$۲۵k-$50k

Official Fix

CVE-2021-34728

۷.۸

Cisco IOS XR CLI os command injection

$۲۵k-$50k

Official Fix

CVE-2021-34719

۷.۸

Cisco IOS XR CLI os command injection

$۲۵k-$50k

Official Fix

CVE-2021-34722

۶.۷

Cisco IOS XR CLI os command injection

$۲۵k-$50k

Official Fix

CVE-2021-34721

۶.۷

Cisco IOS XR CLI os command injection

$۲۵k-$50k

Official Fix

CVE-2021-34737

۵.۸

Cisco IOS XR DHCPv4 Server null pointer dereference

$۱۰k-$25k

Official Fix

CVE-2021-34713

۷.۴

Cisco IOS XR Ethernet Frame resource management

$۵k-$10k

Official Fix

CVE-2021-34709

۶.۰

Cisco IOS XR Image Verification signature verification

$۲۵k-$50k

Official Fix

CVE-2021-34720

۸.۶

Cisco IOS XR IP SLA/TWAMP resource consumption

$۱۰k-$25k

Official Fix

CVE-2021-34708

۶.۰

Cisco IOS XR NCS signature verification

$۲۵k-$50k

Official Fix

CVE-2021-34718

۸.۱

Cisco IOS XR SSH Server argument injection

$۲۵k-$50k

Official Fix

CVE-2021-38705

۳.۵

ClinicCases cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-38706

۵.۰

ClinicCases messages_load.php sql injection

$۱k-$2k

Not Defined

CVE-2021-38707

۳.۵

ClinicCases Session Token cross site scripting

$۰-$۱k

Not Defined

CVE-2021-38704

۴.۳

ClinicCases Session Token cross site scripting

$۰-$۱k

Not Defined

CVE-2021-40530

۲.۶

Crypto++ ElGamal Encryption inadequate encryption

$۰-$۱k

Not Defined

CVE-2021-38321

۵.۲

Custom Menu Plugin Plugin Parameter custom-menus.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38347

۵.۲

Custom Website Data Plugin Parameter edit.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-34146

۲.۱

Cypress CYW920735Q60EVB Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-34148

۲.۱

Cypress WICED BT Stack Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-34145

۲.۱

Cypress WICED BT Stack Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-34147

۲.۱

Cypress WICED BT Stack Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-33045

۸.۱

Dahua IPC-HX3XXX Data Packet improper authentication

$۰-$۵k

Official Fix

CVE-2021-33044

۸.۱

Dahua IPC-HX3XXX Data Packet improper authentication

$۰-$۵k

Official Fix

CVE-2021-36695

۳.۵

Deskpro Cloud/On-Premise Download File cross site scripting

$۰-$۱k

Official Fix

CVE-2021-36696

۳.۵

Deskpro Cloud/On-Premise User Profile cross site scripting

$۰-$۱k

Official Fix

CVE-2021-40284

۴.۳

D-Link DSL-3782 Web Interface Igmp.asp denial of service

$۲k-$5k

Not Defined

CVE-2020-19266

۳.۵

Dswjcms articleList cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19265

۳.۵

Dswjcms links cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19267

۶.۳

Dswjcms PHP File resources unrestricted upload

$۲k-$5k

Not Defined

CVE-2020-19268

۳.۵

Dswjcms tfAdd cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-32834

۵.۰

Eclipse Keti RESTfuls API code injection

$۲k-$5k

Not Defined

CVE-2021-32835

۷.۳

Eclipse Keti RESTfuls API sandbox

$۲k-$5k

Not Defined

CVE-2021-38616

۶.۳

Eigen NLP PATCH Request access control

$۲k-$5k

Not Defined

CVE-2021-38615

۵.۵

Eigen NLP SSO Configuration Endpoint access control

$۱k-$2k

Not Defined

CVE-2021-38617

۶.۳

Eigen NLP User Creation Endpoint access control

$۲k-$5k

Not Defined

CVE-2021-28135

۲.۱

Espressif ESP-IDF Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-28139

۴.۱

Espressif ESP-IDF Bluetooth Classic BrakTooth Local Privilege Escalation

$۰-$۱k

Not Defined

CVE-2021-28136

۲.۱

Espressif ESP-IDF Bluetooth Classic BrakTooth memory corruption

$۰-$۱k

Not Defined

CVE-2021-39496

۳.۵

EyouCms cross site scripting

$۰-$۱k

Not Defined

CVE-2021-39501

۶.۳

EyouCms Logout redirect

$۱k-$2k

Not Defined

CVE-2021-39499

۳.۵

EyouCMS Parameter bind_email cross site scripting

$۰-$۱k

Not Defined

CVE-2021-39500

۵.۵

EyouCms path traversal

$۱k-$2k

Not Defined

CVE-2021-39497

۵.۰

EyouCms URL saveRemote server-side request forgery

$۲k-$5k

Not Defined

CVE-2021-24040

۶.۳

Facebook ParlAI YAML deserialization

$۵k-$25k

Official Fix

CVE-2021-39207

۶.۷

Facebook ParlAI YAML deserialization

$۵k-$25k

Official Fix

CVE-2021-33981

۴.۳

Fish Hunt FL App direct request

$۲k-$5k

Not Defined

CVE-2021-33982

۴.۳

Fish Hunt FL App session expiration

$۱k-$2k

Not Defined

CVE-2021-24006

۸.۸

Fortinet FortiManager SD-WAN Orchestrator Panel access control

$۱k-$2k

Official Fix

CVE-2020-15939

۴.۳

Fortinet FortiSandbox Recovery URL information disclosure

$۱k-$2k

Official Fix

CVE-2020-29012

۵.۶

Fortinet FortiSandbox User Session session expiration

$۱k-$2k

Official Fix

CVE-2021-36179

۸.۰

Fortinet FortiWeb CLI Command stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-36182

۸.۸

Fortinet FortiWeb HTTP Request command injection

$۲k-$5k

Official Fix

CVE-2021-33599

۵.۵

F-Secure Anti-Virus Engine WIM Archive File infinite loop

$۵k-$10k

Not Defined

CVE-2021-38727

۶.۳

Fuel CMS items sql injection

$۱k-$2k

Not Defined

CVE-2021-38723

۶.۳

Fuel CMS items sql injection

$۱k-$2k

Not Defined

CVE-2021-38721

۳.۵

Fuel CMS login.php cross-site request forgery

$۰-$۱k

Official Fix

CVE-2021-38725

۳.۷

Fuel CMS Login.php excessive authentication

$۱k-$2k

Official Fix

CVE-2021-22239

۵.۲

GitHub Community Edition/Enterprise Edition Metadata unknown vulnerability

$۲k-$5k

Not Defined

CVE-2021-40347

۵.۵

GNU Mailman Postorius POST Request list.py access control

$۱k-$2k

Official Fix

CVE-2021-38354

۵.۲

GNU-Mailman Integration Plugin Parameter mailing-lists-page.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-30605

۶.۳

Google ChromeOS Readiness Tool Installer access control

$۱۰k-$25k

Official Fix

CVE-2020-19750

۵.۵

GPAC box_code_base.c strdup heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-19751

۵.۵

GPAC odf_code.c gf_odf_del_ipmp_tool heap-based overflow

$۲k-$5k

Not Defined

CVE-2021-37219

۵.۵

HashiCorp Consul/Consul Enterprise Raft RPC Layer Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-38698

۵.۵

HashiCorp Consul/Consul Enterprise Txn.Apply endpoint authorization

$۱k-$2k

Official Fix

CVE-2021-37218

۵.۵

HashiCorp Nomad/Nomad Enterprise Raft RPC Layer Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-37101

۴.۱

Huawei AIS-BW50-00 improper authorization

$۰-$۱k

Not Defined

CVE-2020-19285

۳.۵

Jeesns apply cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19293

۳.۵

Jeesns Article add cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19284

۳.۵

Jeesns comment cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19294

۳.۵

Jeesns Comments comment cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19280

۳.۵

Jeesns cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-19286

۳.۵

Jeesns Editor detail cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19282

۳.۵

Jeesns Error Message cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19281

۳.۵

Jeesns loginusername cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19289

۳.۵

Jeesns New Album Tab album cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19283

۳.۵

Jeesns newVersion cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19287

۳.۵

Jeesns post cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19288

۳.۵

Jeesns Private Message u cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19291

۳.۵

Jeesns publishdata cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19292

۳.۵

Jeesns Question ask cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19295

۳.۵

Jeesns topic cross site scripting

$۰-$۱k

Not Defined

CVE-2020-19290

۳.۵

Jeesns Weibo Comment comment cross site scripting

$۰-$۱k

Not Defined

CVE-2021-25735

۴.۱

Kubernetes kube-apiserver state issue

$۱k-$2k

Not Defined

CVE-2021-25737

۲.۷

Kubernetes Pod Traffic incomplete blacklist

$۱k-$2k

Not Defined

CVE-2020-19143

۳.۵

LibTIFF tif_dir.c TIFFVGetField buffer overflow

$۱k-$2k

Not Defined

CVE-2020-19144

۳.۵

LibTIFF tif_unix.c _TIFFmemcpy buffer overflow

$۱k-$2k

Not Defined

CVE-2020-19131

۴.۳

LibTIFF tiffcrop invertImage buffer overflow

$۲k-$5k

Not Defined

CVE-2021-36215

۳.۵

LINE Address clickjacking

$۱k-$2k

Not Defined

CVE-2021-36216

۶.۳

LINE uncontrolled search path

$۲k-$5k

Not Defined

CVE-2021-32487

۷.۵

MediaTek Modem 2G RRM denial of service

$۰-$۱k

Official Fix

CVE-2021-32486

۴.۳

MediaTek Modem 2G RRM denial of service

$۰-$۱k

Official Fix

CVE-2021-32485

۴.۳

MediaTek Modem 2G RRM denial of service

$۰-$۱k

Official Fix

CVE-2021-32484

۶.۳

MediaTek Modem 2G RRM heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-38123

۶.۳

Micro Focus Network Automation improper authentication

$۱k-$2k

Not Defined

CVE-2021-40444

۸.۸

Microsoft Windows MSHTML Remote Code Execution

$۱۰۰k and more

Workaround

CVE-2020-19264

۳.۵

MipCMS cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-19263

۳.۵

MipCMS cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-39278

۳.۵

Moxa WAC-2004 Config Import Menu cross site scripting

$۰-$۱k

Not Defined

CVE-2021-39279

۵.۵

Moxa WAC-2004 web_importTFTP command injection

$۲k-$5k

Not Defined

CVE-2021-37630

۶.۵

Nextcloud Circle Secret Circle authorization

$۲k-$5k

Official Fix

CVE-2021-32782

۵.۴

Nextcloud Circles cross site scripting

$۰-$۱k

Official Fix

CVE-2021-37631

۶.۵

Nextcloud Deck Circle Membership authorization

$۲k-$5k

Official Fix

CVE-2021-37628

۷.۵

Nextcloud Richdocuments File Drop authorization

$۲k-$5k

Official Fix

CVE-2021-37629

۵.۳

Nextcloud Richdocuments OCS endpoint information disclosure

$۱k-$2k

Official Fix

CVE-2021-32801

۵.۵

Nextcloud Server Encryption-at-Rest log file

$۱k-$2k

Official Fix

CVE-2021-32802

۹.۳

Nextcloud Server Image Preview config.php unknown vulnerability

$۲k-$5k

Official Fix

CVE-2021-32800

۸.۱

Nextcloud Server Two Factor Authentication improper authentication

$۱k-$2k

Official Fix

CVE-2021-32766

۵.۳

Nextcloud Text information exposure

$۱k-$2k

Official Fix

CVE-2021-33483

۳.۵

OnyakTech Comments Pro JSON Request CommentsService.ashx cross site scripting

$۰-$۱k

Not Defined

CVE-2021-33484

۲.۶

OnyakTech Comments Pro POST Request CommentsService.ashx inadequate encryption

$۰-$۱k

Not Defined

CVE-2021-36094

۳.۵

OTRS Community Edition Appointment Edit Screen cross site scripting

$۰-$۱k

Not Defined

CVE-2021-36093

۵.۳

OTRS Community Edition Email denial of service

$۰-$۱k

Not Defined

CVE-2021-36096

۲.۷

OTRS Community Edition Folder information disclosure

$۰-$۱k

Not Defined

CVE-2021-36095

۳.۷

OTRS Community Edition Lost Password information disclosure

$۱k-$2k

Not Defined

CVE-2021-35946

۵.۵

ownCloud Federated Share permission

$۱k-$2k

Official Fix

CVE-2021-35948

۶.۳

ownCloud Server Password Protected Public Links session fixiation

$۱k-$2k

Official Fix

CVE-2021-35947

۵.۳

ownCloud Server Public Share Controller information disclosure

$۱k-$2k

Official Fix

CVE-2021-35949

۵.۵

ownCloud Server Shareinfo Controller permission

$۱k-$2k

Official Fix

CVE-2021-40537

۵.۵

ownCloud user_ldap server-side request forgery

$۱k-$2k

Official Fix

CVE-2021-3049

۳.۱

Palo Alto Cortex XSOAR improper authorization

$۱k-$2k

Official Fix

CVE-2021-39503

۶.۳

PHPMyWind config.cache.php WriteConfig code injection

$۲k-$5k

Not Defined

CVE-2020-19855

۳.۵

phpwcms image_zoom.php cross site scripting

$۰-$۱k

Not Defined

CVE-2021-39206

۷.۹

Pomerium authorization

$۲k-$5k

Official Fix

CVE-2021-39162

۶.۹

Pomerium SETTINGS Frame unusual condition

$۲k-$5k

Official Fix

CVE-2021-39204

۶.۴

Pomerium Stream Reset iteration

$۰-$۱k

Official Fix

CVE-2021-32028

۴.۳

PostgreSQL CONFLICT information disclosure

$۱k-$2k

Official Fix

CVE-2021-32029

۴.۳

PostgreSQL UPDATE information disclosure

$۱k-$2k

Official Fix

CVE-2021-34346

۹.۸

QNAP NVR Storage Expansion stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-34345

۹.۸

QNAP NVR Storage Expansion stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-34344

۹.۸

QNAP QTS/QuTS Hero/QUSBCam2 stack-based overflow

$۲k-$5k

Official Fix

CVE-2018-19957

۶.۳

QNAP QTS/QuTS Hero/QuTScloud improper restriction of rendered ui layers

$۲k-$5k

Official Fix

CVE-2021-34343

۵.۳

QNAP QTS/QuTS Hero/QuTScloud stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-28816

۷.۴

QNAP QTS/QuTS Hero/QuTScloud stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-28813

۷.۹

QNAP QuNetSwitch insufficiently protected credentials

$۱k-$2k

Official Fix

CVE-2021-1957

۶.۵

Qualcomm Snapdragon Auto ACL Link Encryption access control

$۱۰k-$25k

Official Fix

CVE-2021-1934

۸.۴

Qualcomm Snapdragon Auto Application Loader Object memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-1960

۶.۵

Qualcomm Snapdragon Auto ASB-C Broadcast Packet resource consumption

$۵k-$10k

Official Fix

CVE-2021-1956

۶.۵

Qualcomm Snapdragon Auto ASB-U Packet denial of service

$۵k-$10k

Official Fix

CVE-2021-1948

۷.۵

Qualcomm Snapdragon Auto Beacon out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-1929

۴.۳

Qualcomm Snapdragon Auto Bootmode information disclosure

$۵k-$10k

Official Fix

CVE-2021-1961

۶.۷

Qualcomm Snapdragon Auto buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-1909

۵.۹

Qualcomm Snapdragon Auto buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-1916

۹.۸

Qualcomm Snapdragon Auto buffer overflow

$۲۵k-$50k

Official Fix

CVE-2021-1904

۴.۳

Qualcomm Snapdragon Auto Child Process information disclosure

$۵k-$10k

Official Fix

CVE-2021-1958

۷.۲

Qualcomm Snapdragon Auto fastrpc Kernel Driver use after free

$۱۰k-$25k

Official Fix

CVE-2020-11264

۷.۳

Qualcomm Snapdragon Auto Handshake improper authentication

$۱۰k-$25k

Official Fix

CVE-2021-30295

۸.۱

Qualcomm Snapdragon Auto heap-based overflow

$۱۰k-$25k

Official Fix

CVE-2021-1914

۷.۵

Qualcomm Snapdragon Auto infinite loop

$۵k-$10k

Official Fix

CVE-2021-1962

۶.۷

Qualcomm Snapdragon Auto IOCTL buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-1974

۷.۵

Qualcomm Snapdragon Auto IPA SMMU/WLAN SMMU buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-30294

۸.۱

Qualcomm Snapdragon Auto KGSL GPU Auxiliary Command null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-1935

۵.۵

Qualcomm Snapdragon Auto null pointer dereference

$۲k-$5k

Official Fix

CVE-2021-1930

۴.۳

Qualcomm Snapdragon Auto out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-1972

۹.۸

Qualcomm Snapdragon Auto P2P Search buffer overflow

$۲۵k-$50k

Official Fix

CVE-2021-1971

۷.۵

Qualcomm Snapdragon Auto Physical Layer State assertion

$۵k-$10k

Official Fix

CVE-2021-1952

۷.۸

Qualcomm Snapdragon Auto Request Buffer buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-1919

۹.۸

Qualcomm Snapdragon Auto RTCP integer underflow

$۲۵k-$50k

Official Fix

CVE-2021-1920

۹.۸

Qualcomm Snapdragon Auto RTCP Packet integer underflow

$۲۵k-$50k

Official Fix

CVE-2021-1933

۹.۸

Qualcomm Snapdragon Auto SDP Body assertion

$۲۵k-$50k

Official Fix

CVE-2021-1946

۹.۸

Qualcomm Snapdragon Auto SDP Body null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-30290

۸.۱

Qualcomm Snapdragon Auto Time Fence null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-1923

۸.۸

Qualcomm Snapdragon Auto Trusted Application memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-1941

۷.۵

Qualcomm Snapdragon Auto WPA IE String buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-1963

۶.۷

Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables IPA Driver use after free

$۱۰k-$25k

Official Fix

CVE-2021-1928

۴.۶

Qualcomm Snapdragon Connectivity EMMC Device buffer overflow

$۱k-$2k

Official Fix

CVE-2021-40223

۳.۵

Rittal CMC PU III Configuration cross site scripting

$۰-$۱k

Not Defined

CVE-2021-40222

۸.۸

Rittal CMC PU III Web Management command injection

$۲k-$5k

Official Fix

CVE-2021-25461

۴.۳

Samsung APAService stack-based overflow

$۱k-$2k

Official Fix

CVE-2021-25460

۳.۶

Samsung BlockchainTZService sspExit improper authorization

$۰-$۱k

Official Fix

CVE-2021-25459

۴.۷

Samsung BlockchainTZService sspInit improper authorization

$۱k-$2k

Official Fix

CVE-2021-25453

۴.۲

Samsung Bluetooth API information disclosure

$۰-$۱k

Official Fix

CVE-2021-25452

۵.۵

Samsung DSP driver path traversal

$۰-$۱k

Official Fix

CVE-2021-25466

۵.۴

Samsung Internet Account Token improper authentication

$۱k-$2k

Official Fix

CVE-2021-25458

۴.۳

Samsung ION driver null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-25449

۶.۰

Samsung libsapeextractor heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-25455

۴.۳

Samsung libsaviextractor.so Library AVI File out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-25456

۵.۴

Samsung libswmfextractor WMF File out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-25451

۳.۳

Samsung NetworkPolicyManagerService Pendingetent improper authentication

$۰-$۱k

Official Fix

CVE-2021-25462

۴.۳

Samsung NPU Driver null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-25463

۴.۷

Samsung PENUP Webview access control

$۱k-$2k

Official Fix

CVE-2021-25464

۳.۳

Samsung SamsungCapture File Management information disclosure

$۰-$۱k

Official Fix

CVE-2021-25465

۴.۳

Samsung Themes Scheme input validation

$۱k-$2k

Official Fix

CVE-2021-38339

۵.۲

Simple Matted Thumbnails Plugin simple-matted-thumbnail.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38340

۵.۲

Simple Shop Plugin Parameter add_product.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38320

۵.۲

simpleSAMLphp Authentication Plugin simplesamlphp-authentication.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-24588

۳.۵

SMS Alert Order Notifications Plugin Setting Page cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38357

۵.۲

SMS OVH Plugin Parameter sms-ovh-sent.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38840

۶.۳

SourceCodester Simple Water Refilling Station Management System Login.php sql injection

$۱k-$2k

Not Defined

CVE-2021-38841

۶.۳

SourceCodester Simple Water Refilling Station Management System system_info SystemSettings.php update_settings Privilege Escalation

$۲k-$5k

Not Defined

CVE-2021-40532

۵.۵

Telegram Web K Alpha Document Extension Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-20118

۴.۷

Tenable Nessus Agent access control

$۱k-$2k

Not Defined

CVE-2021-20117

۴.۷

Tenable Nessus Agent access control

$۱k-$2k

Not Defined

CVE-2021-36744

۶.۳

Trend Micro Security Privilege Escalation

$۱۰k-$25k

Not Defined

CVE-2021-35268

۴.۱

Tuxera ntfs-3g Inode Loader ntfs_inode_real_open heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-33289

۴.۱

Tuxera ntfs-3g MFT Section heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-33287

۴.۱

Tuxera ntfs-3g NTFS Attribute ntfs_attr_pread_i heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-35269

۴.۱

Tuxera ntfs-3g NTFS Attribute ntfs_attr_setup_flag heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-33285

۴.۱

Tuxera ntfs-3g NTFS Attribute ntfs_get_attribute_value heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-39255

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_attr_find_in_attrdef out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-39257

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_attr_pwrite infinite loop

$۰-$۱k

Official Fix

CVE-2021-39254

۴.۱

Tuxera ntfs-3g NTFS Image ntfs_attr_record_resize integer overflow

$۰-$۱k

Official Fix

CVE-2021-39261

۴.۱

Tuxera ntfs-3g NTFS Image ntfs_compressed_pwrite heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-39262

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_decompress out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-39251

۱.۹

Tuxera ntfs-3g NTFS Image ntfs_extent_inode_open null pointer dereference

$۰-$۱k

Official Fix

CVE-2021-39258

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_external_attr_find out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-39263

۴.۱

Tuxera ntfs-3g NTFS Image ntfs_get_attribute_value heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-39252

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_ie_lookup out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-39256

۴.۱

Tuxera ntfs-3g NTFS Image ntfs_inode_lookup_by_name heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-39259

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_inode_lookup_by_name out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-39260

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_inode_sync_standard_information out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-39253

۲.۱

Tuxera ntfs-3g NTFS Image ntfs_runlists_merge_i out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-35266

۴.۱

Tuxera ntfs-3g NTFS Inode Pathname heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-35267

۴.۱

Tuxera ntfs-3g stack-based overflow

$۰-$۱k

Official Fix

CVE-2021-33286

۴.۱

Tuxera ntfs-3g Unicode String heap-based overflow

$۰-$۱k

Official Fix

CVE-2021-38355

۶.۱

WordPress Bug Library Plugin Parameter bug-library.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-39201

۵.۵

WordPress Editor cross site scripting

$۲k-$5k

Official Fix

CVE-2021-39203

۴.۹

WordPress Private Post information disclosure

$۵k-$10k

Official Fix

CVE-2021-38325

۵.۲

WordPress User Activation Email Plugin user-activation-email.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-39202

۵.۵

WordPress Widget Editor cross site scripting

$۲k-$5k

Official Fix

CVE-2021-39200

۴.۵

WordPress wp_die information disclosure

$۵k-$10k

Official Fix

CVE-2021-38360

۸.۳

WordPress wp-publications Plugin Archive bibtexbrowser.php path traversal

$۲k-$5k

Official Fix

CVE-2021-38316

۵.۲

WP Academic People List Plugin Parameter admin-panel.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-38334

۵.۲

WP Design Maps & Places Plugin Parameter wpdmp-admin.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-36870

۳.۹

WP Google Maps Plugin cross site scripting

$۰-$۱k

Not Defined

CVE-2021-36871

۳.۹

WP Google Maps Pro Premium Plugin cross site scripting

$۰-$۱k

Not Defined

CVE-2021-38333

۵.۲

WP Scrippets Plugin wp-scrippets.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-24601

۲.۴

WPFront Notification Bar Plugin cross site scripting

$۰-$۱k

Official Fix

CVE-2021-34143

۲.۱

Zhuhai Jieli AC6366C Bluetooth Classic deadlock

$۰-$۱k

Not Defined

CVE-2021-34144

۴.۳

Zhuhai Jieli AC6366C BT SDK Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-31612

۲.۱

Zhuhai Jieli AC690X Bluetooth Classic BrakTooth deadlock

$۰-$۱k

Not Defined

CVE-2021-31611

۴.۳

Zhuhai Jieli AC690X/AC692X Bluetooth Classic BrakTooth deadlock

$۰-$۱k

Not Defined

CVE-2021-31613

۲.۱

Zhuhai Jieli AC690X/AC692X Bluetooth Classic BrakTooth denial of service

$۰-$۱k

Not Defined

CVE-2021-37422

۶.۳

Zoho ManageEngine ADSelfService Plus Database Linking sql injection

$۱k-$2k

Official Fix

CVE-2021-37423

۵.۵

Zoho ManageEngine ADSelfService Plus Linked Application Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-40539

۷.۳

Zoho ManageEngine ADSelfService Plus REST API improper authentication

$۱k-$2k

Not Defined

CVE-2021-37414

۶.۳

Zoho ManageEngine DesktopCentral API Key improper authentication

$۱k-$2k

Not Defined