
Critical vulnerabilities of the first week of Khordad

This week, many "critical" and "high-risk" vulnerabilities were reported in important Apple and Cisco products, and patches and updates were released to fix them. There were also several "critical" and "high-risk" vulnerabilities in products from Red Hat, HPE, Telegram, Siemens, IBM, Foxit and in the Linux kernel.

The list of these vulnerabilities, together with their risk levels, is given in the table below.

 

شناسه آسیب‌پذیری

امتیاز مبنا

عنوان آسیب‌پذیری

ارزش روز صفر

رفع آسیب‌پذیری

CVE-2020-9452

۶.۳

Acronis True Image anti_ransomware_service.exe permission

$۲k-$5k

Not Defined

CVE-2020-9451

۶.۳

Acronis True Image anti_ransomware_service.exe permission

$۲k-$5k

Not Defined

CVE-2020-9450

۵.۵

Acronis True Image REST API anti_ransomware_service.exe access control

$۱k-$2k

Not Defined

CVE-2020-10145

۶.۳

Adobe ColdFusion Installer access control

$۵k-$10k

Not Defined

CVE-2021-20178

۳.۵

Ansible bitbucket_pipeline_variable Module log file

$۰-$۱k

Official Fix

CVE-2021-20191

۳.۵

Ansible Console Log log file

$۰-$۱k

Official Fix

CVE-2020-10729

۳.۵

Ansible Engine Template Caching random values

$۰-$۱k

Official Fix

CVE-2020-14329

۳.۵

Ansible Tower Endpoint information disclosure

$۰-$۱k

Official Fix

CVE-2020-10698

۳.۵

Ansible Tower Job information disclosure

$۰-$۱k

Official Fix

CVE-2020-10709

۶.۳

Ansible Tower OAuth2 Authentication improper authentication

$۱k-$2k

Official Fix

CVE-2020-10697

۳.۵

Ansible Tower Openshift resource consumption

$۰-$۱k

Official Fix

CVE-2020-14328

۵.۵

Ansible Tower server-side request forgery

$۱k-$2k

Official Fix

CVE-2020-14327

۵.۵

Ansible Tower server-side request forgery

$۱k-$2k

Official Fix

CVE-2020-17514

۵.۰

Apache Fineract configureClient certificate validation

$۵k-$10k

Official Fix

CVE-2021-22160

۵.۰

Apache Pulsar JWT signature verification

$۵k-$10k

Not Defined

CVE-2021-23937

۳.۵

Apache Wicket WebClientInfo infinite loop

$۲k-$5k

Not Defined

CVE-2021-30693

۶.۳

Apple iOS/iPadOS Model I/O behavioral workflow

$۵۰k-$100k

Official Fix

CVE-2021-30709

۴.۳

Apple iOS/iPadOS Model I/O information disclosure

$۲۵k-$50k

Official Fix

CVE-2021-30708

۶.۳

Apple iOS/iPadOS Model I/O out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2021-30695

۴.۳

Apple iOS/iPadOS Model I/O out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2021-30699

۲.۴

Apple iOS/iPadOS Notes state issue

$۵k-$10k

Official Fix

CVE-2021-30737

۶.۳

Apple iOS/iPadOS Security memory corruption

$۱۰۰k and more

Official Fix

CVE-2021-30720

۶.۳

Apple iOS/iPadOS WebKit access control

$۵۰k-$100k

Official Fix

CVE-2021-30689

۴.۳

Apple iOS/iPadOS WebKit cross site scripting

$۲۵k-$50k

Official Fix

CVE-2021-30744

۴.۳

Apple iOS/iPadOS WebKit cross site scripting

$۲۵k-$50k

Official Fix

CVE-2021-30682

۳.۳

Apple iOS/iPadOS WebKit information disclosure

$۱۰k-$25k

Official Fix

CVE-2021-30734

۶.۳

Apple iOS/iPadOS WebKit memory corruption

$۱۰۰k and more

Official Fix

CVE-2021-30749

۶.۳

Apple iOS/iPadOS WebKit memory corruption

$۱۰۰k and more

Official Fix

CVE-2021-21779

۶.۳

Apple iOS/iPadOS WebKit use after free

$۱۰۰k and more

Official Fix

CVE-2021-30698

۴.۳

Apple iOS/iPadOS WebRTC null pointer dereference

$۲۵k-$50k

Official Fix

CVE-2021-23841

۵.۱

Apple iOS/iPadOS WebRTC null pointer dereference

$۲۵k-$50k

Official Fix

CVE-2021-30667

۳.۵

Apple iOS/iPadOS Wi-Fi inadequate encryption

$۱۰k-$25k

Official Fix

CVE-2021-30747

۸.۸

Apple M1 Register s3_5_c15_c10_1 M1RACLES access control

$۱۰k-$25k

Not Defined

CVE-2021-30676

۵.۳

Apple macOS AMD state issue

$۵k-$10k

Official Fix

CVE-2021-30678

۶.۳

Apple macOS AMD state issue

$۱۰k-$25k

Official Fix

CVE-2021-30688

۵.۳

Apple macOS App Store path traversal

$۵k-$10k

Official Fix

CVE-2021-30669

۵.۳

Apple macOS AppleScript state issue

$۵k-$10k

Official Fix

CVE-2021-30685

۴.۳

Apple macOS Audio information disclosure

$۵k-$10k

Official Fix

CVE-2021-30707

۶.۳

Apple macOS Audio Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2021-30681

۷.۸

Apple macOS Core Services symlink

$۱۰k-$25k

Official Fix

CVE-2021-30686

۴.۳

Apple macOS CoreAudio out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30727

۴.۴

Apple macOS Crash Reporter state issue

$۵k-$10k

Official Fix

CVE-2021-30724

۵.۳

Apple macOS CVMS Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2021-30673

۳.۳

Apple macOS Dock access control

$۵k-$10k

Official Fix

CVE-2021-30735

۷.۸

Apple macOS Graphics Drivers out-of-bounds write

$۱۰k-$25k

Official Fix

CVE-2021-30684

۶.۳

Apple macOS Graphics Drivers state issue

$۱۰k-$25k

Official Fix

CVE-2021-30710

۵.۳

Apple macOS Heimdal memory corruption

$۵k-$10k

Official Fix

CVE-2021-30697

۳.۳

Apple macOS Heimdal state issue

$۵k-$10k

Official Fix

CVE-2021-30683

۵.۳

Apple macOS Heimdal use after free

$۵k-$10k

Official Fix

CVE-2021-30705

۴.۳

Apple macOS ImageIO information disclosure

$۵k-$10k

Official Fix

CVE-2021-30700

۴.۳

Apple macOS ImageIO information disclosure

$۵k-$10k

Official Fix

CVE-2021-30687

۴.۳

Apple macOS ImageIO out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30701

۶.۳

Apple macOS ImageIO Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2021-30719

۵.۳

Apple macOS Intel Graphics Driver out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30726

۷.۸

Apple macOS Intel Graphics Driver out-of-bounds write

$۱۰k-$25k

Official Fix

CVE-2021-30728

۷.۸

Apple macOS Intel Graphics Driver out-of-bounds write

$۱۰k-$25k

Official Fix

CVE-2021-30736

۷.۸

Apple macOS Kernel buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-30740

۷.۸

Apple macOS Kernel Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2021-30739

۵.۳

Apple macOS Kernel memory corruption

$۵k-$10k

Official Fix

CVE-2021-30715

۴.۳

Apple macOS Kernel state issue

$۱۰k-$25k

Official Fix

CVE-2021-30704

۷.۸

Apple macOS Kernel state issue

$۱۰k-$25k

Official Fix

CVE-2021-30680

۵.۳

Apple macOS Kext Management state issue

$۵k-$10k

Official Fix

CVE-2021-30677

۵.۳

Apple macOS LaunchServices sandbox

$۵k-$10k

Official Fix

CVE-2021-30702

۴.۳

Apple macOS Login Window state issue

$۲k-$5k

Official Fix

CVE-2021-30696

۵.۰

Apple macOS Mail state issue

$۱۰k-$25k

Official Fix

CVE-2021-30693

۶.۳

Apple macOS Model I/O behavioral workflow

$۱۰k-$25k

Official Fix

CVE-2021-30709

۴.۳

Apple macOS Model I/O information disclosure

$۵k-$10k

Official Fix

CVE-2021-30694

۴.۳

Apple macOS Model I/O information disclosure

$۵k-$10k

Official Fix

CVE-2021-30692

۴.۳

Apple macOS Model I/O information disclosure

$۵k-$10k

Official Fix

CVE-2021-30691

۴.۳

Apple macOS Model I/O information disclosure

$۵k-$10k

Official Fix

CVE-2021-30723

۴.۳

Apple macOS Model I/O information disclosure

$۵k-$10k

Official Fix

CVE-2021-30725

۶.۳

Apple macOS Model I/O memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-30708

۶.۳

Apple macOS Model I/O out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30695

۴.۳

Apple macOS Model I/O out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30746

۴.۳

Apple macOS Model I/O out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-30679

۵.۳

Apple macOS NSOpenPanel Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2020-36229

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36230

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36222

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36228

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36221

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36225

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36224

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36223

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36227

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2020-36226

۵.۹

Apple macOS OpenLDAP denial of service

$۲k-$5k

Official Fix

CVE-2021-30738

۴.۴

Apple macOS PackageKit unknown vulnerability

$۵k-$10k

Official Fix

CVE-2021-30737

۶.۳

Apple macOS Security memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-30722

۳.۱

Apple macOS smbx information disclosure

$۵k-$10k

Official Fix

CVE-2021-30717

۵.۰

Apple macOS smbx memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-30721

۳.۱

Apple macOS smbx path traversal

$۵k-$10k

Official Fix

CVE-2021-30712

۶.۳

Apple macOS smbx state issue

$۱۰k-$25k

Official Fix

CVE-2021-30716

۳.۱

Apple macOS smbx state issue

$۱۰k-$25k

Official Fix

CVE-2021-30668

۳.۹

Apple macOS Software Update access control

$۲k-$5k

Official Fix

CVE-2021-30718

۵.۴

Apple macOS SoftwareUpdate unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-30671

۵.۳

Apple macOS TCC behavioral workflow

$۵k-$10k

Official Fix

CVE-2021-30713

۵.۳

Apple macOS TCC permission

$۵k-$10k

Official Fix

CVE-2021-30689

۴.۳

Apple macOS WebKit cross site scripting

$۵k-$10k

Official Fix

CVE-2021-30744

۴.۳

Apple macOS WebKit cross site scripting

$۵k-$10k

Official Fix

CVE-2021-30682

۴.۳

Apple macOS WebKit information disclosure

$۵k-$10k

Official Fix

CVE-2021-30734

۶.۳

Apple macOS WebKit memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-30749

۶.۳

Apple macOS WebKit memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-30720

۶.۳

Apple macOS WebKit Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2021-21779

۶.۳

Apple macOS WebKit use after free

$۱۰k-$25k

Official Fix

CVE-2021-30698

۴.۳

Apple macOS WebRTC null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-23841

۵.۱

Apple macOS WebRTC null pointer dereference

$۵k-$10k

Official Fix

CVE-2021-30689

۴.۳

Apple Safari WebKit cross site scripting

$۱۰k-$25k

Official Fix

CVE-2021-30744

۴.۳

Apple Safari WebKit cross site scripting

$۱۰k-$25k

Official Fix

CVE-2021-30682

۴.۳

Apple Safari WebKit information disclosure

$۱۰k-$25k

Official Fix

CVE-2021-30663

۶.۳

Apple Safari WebKit integer overflow

$۲۵k-$50k

Official Fix

CVE-2021-30734

۶.۳

Apple Safari WebKit memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-30749

۶.۳

Apple Safari WebKit memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-30720

۶.۳

Apple Safari WebKit Remote Code Execution

$۲۵k-$50k

Official Fix

CVE-2021-21779

۶.۳

Apple Safari WebKit use after free

$۲۵k-$50k

Official Fix

CVE-2021-30698

۴.۳

Apple Safari WebRTC null pointer dereference

$۱۰k-$25k

Official Fix

CVE-2021-23841

۵.۱

Apple Safari WebRTC null pointer dereference

$۱۰k-$25k

Official Fix

CVE-2021-30685

۴.۳

Apple tvOS Audio information disclosure

$۲k-$5k

Official Fix

CVE-2021-30707

۶.۳

Apple tvOS Audio Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-30686

۴.۳

Apple tvOS CoreAudio out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30727

۴.۴

Apple tvOS Crash Reporter state issue

$۲k-$5k

Official Fix

CVE-2021-30724

۵.۳

Apple tvOS CVMS Local Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-30710

۵.۳

Apple tvOS Heimdal memory corruption

$۲k-$5k

Official Fix

CVE-2021-30697

۳.۳

Apple tvOS Heimdal state issue

$۲k-$5k

Official Fix

CVE-2021-30705

۴.۳

Apple tvOS ImageIO information disclosure

$۲k-$5k

Official Fix

CVE-2021-30700

۴.۳

Apple tvOS ImageIO information disclosure

$۲k-$5k

Official Fix

CVE-2021-30687

۴.۳

Apple tvOS ImageIO out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30701

۶.۳

Apple tvOS ImageIO Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-30736

۷.۸

Apple tvOS Kernel buffer overflow

$۵k-$10k

Official Fix

CVE-2021-30740

۷.۸

Apple tvOS Kernel Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2021-30715

۴.۳

Apple tvOS Kernel state issue

$۵k-$10k

Official Fix

CVE-2021-30704

۷.۸

Apple tvOS Kernel state issue

$۵k-$10k

Official Fix

CVE-2021-30677

۵.۳

Apple tvOS LaunchServices sandbox

$۲k-$5k

Official Fix

CVE-2021-30737

۶.۳

Apple tvOS Security memory corruption

$۵k-$10k

Official Fix

CVE-2021-30689

۴.۳

Apple tvOS WebKit cross site scripting

$۲k-$5k

Official Fix

CVE-2021-30744

۴.۳

Apple tvOS WebKit cross site scripting

$۲k-$5k

Official Fix

CVE-2021-30682

۴.۳

Apple tvOS WebKit information disclosure

$۲k-$5k

Official Fix

CVE-2021-30663

۶.۳

Apple tvOS WebKit integer overflow

$۵k-$10k

Official Fix

CVE-2021-30734

۶.۳

Apple tvOS WebKit memory corruption

$۵k-$10k

Official Fix

CVE-2021-30749

۶.۳

Apple tvOS WebKit memory corruption

$۵k-$10k

Official Fix

CVE-2021-30665

۶.۳

Apple tvOS WebKit memory corruption

$۵k-$10k

Official Fix

CVE-2021-30720

۶.۳

Apple tvOS WebKit Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-21779

۶.۳

Apple tvOS WebKit use after free

$۵k-$10k

Official Fix

CVE-2021-30685

۴.۳

Apple watchOS Audio information disclosure

$۲k-$5k

Official Fix

CVE-2021-30707

۶.۳

Apple watchOS Audio Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-30681

۷.۸

Apple watchOS Core Services symlink

$۵k-$10k

Official Fix

CVE-2021-30686

۴.۳

Apple watchOS CoreAudio out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30727

۴.۴

Apple watchOS Crash Reporter state issue

$۲k-$5k

Official Fix

CVE-2021-30724

۵.۳

Apple watchOS CVMS Local Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-30710

۵.۳

Apple watchOS Heimdal memory corruption

$۲k-$5k

Official Fix

CVE-2021-30697

۳.۳

Apple watchOS Heimdal state issue

$۲k-$5k

Official Fix

CVE-2021-30705

۴.۳

Apple watchOS ImageIO information disclosure

$۲k-$5k

Official Fix

CVE-2021-30700

۴.۳

Apple watchOS ImageIO information disclosure

$۲k-$5k

Official Fix

CVE-2021-30687

۴.۳

Apple watchOS ImageIO out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-30701

۶.۳

Apple watchOS ImageIO Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-30736

۷.۸

Apple watchOS Kernel buffer overflow

$۵k-$10k

Official Fix

CVE-2021-30715

۴.۳

Apple watchOS Kernel denial of service

$۲k-$5k

Official Fix

CVE-2021-30740

۷.۸

Apple watchOS Kernel Local Privilege Escalation

$۵k-$10k

Official Fix

CVE-2021-30704

۷.۸

Apple watchOS Kernel state issue

$۵k-$10k

Official Fix

CVE-2021-30677

۵.۳

Apple watchOS LaunchServices sandbox

$۲k-$5k

Official Fix

CVE-2021-30737

۶.۳

Apple watchOS Security memory corruption

$۵k-$10k

Official Fix

CVE-2021-30689

۴.۳

Apple watchOS WebKit cross site scripting

$۲k-$5k

Official Fix

CVE-2021-30744

۴.۳

Apple watchOS WebKit cross site scripting

$۲k-$5k

Official Fix

CVE-2021-30682

۳.۳

Apple watchOS WebKit information disclosure

$۱k-$2k

Official Fix

CVE-2021-30734

۶.۳

Apple watchOS WebKit memory corruption

$۵k-$10k

Official Fix

CVE-2021-30749

۶.۳

Apple watchOS WebKit memory corruption

$۵k-$10k

Official Fix

CVE-2021-30720

۶.۳

Apple watchOS WebKit Remote Code Execution

$۵k-$10k

Official Fix

CVE-2021-21779

۶.۳

Apple watchOS WebKit use after free

$۵k-$10k

Official Fix

CVE-2021-29256

۸.۰

ARM Mali GPU Kernel Driver memory corruption

$۲k-$5k

Official Fix

CVE-2021-27562

۵.۷

ARM Trusted Firmware-M NSPE Handler Mode denial of service

$۰-$۱k

Official Fix

CVE-2021-29415

۲.۶

ARM TrustZone CryptoCell 310 NordicSemiconductor nRF52840 information disclosure

$۰-$۱k

Not Defined

CVE-2021-32540

۳.۵

Baijia 101EIP System Announcement cross site scripting

$۰-$۱k

Not Defined

CVE-2021-32539

۳.۵

Baijia 101EIP System cross site scripting

$۰-$۱k

Not Defined

CVE-2020-15279

۴.۰

BitDefender Endpoint Security Tools Logging access control

$۲k-$5k

Official Fix

CVE-2021-3423

۷.۸

Bitdefender GravityZone Business Security DLL Loader uncontrolled search path

$۲k-$5k

Official Fix

CVE-2020-26558

۳.۱

Bluetooth Core LE/BR/EDR channel accessible

$۱k-$2k

Not Defined

CVE-2020-26555

۳.۱

Bluetooth Core Peer authentication spoofing

$۱k-$2k

Not Defined

CVE-2020-26560

۳.۱

Bluetooth Mesh Mesh Provisioning improper authentication

$۱k-$2k

Not Defined

CVE-2020-26556

۳.۷

Bluetooth Mesh Mesh Provisioning improper authentication

$۱k-$2k

Not Defined

CVE-2020-26557

۳.۱

Bluetooth Mesh Mesh Provisioning random values

$۰-$۱k

Not Defined

CVE-2020-26559

۳.۱

Bluetooth Mesh Public Key improper authentication

$۱k-$2k

Not Defined

CVE-2017-17677

۵.۵

BMC Remedy BIRT Template unknown vulnerability

$۲k-$5k

Official Fix

CVE-2017-17678

۳.۵

BMC Remedy Mid Tier Legacy Utility cross site scripting

$۰-$۱k

Official Fix

CVE-2017-17675

۷.۳

BMC Remedy Mid Tier Logging Remote Code Execution

$۲k-$5k

Official Fix

CVE-2017-17674

۶.۳

BMC Remedy Mid Tier unknown vulnerability

$۲k-$5k

Official Fix

CVE-2021-31324

۸.۸

CentOS Web Panel command injection

$۲k-$5k

Not Defined

CVE-2021-31316

۸.۸

CentOS Web Panel POST Parameter sql injection

$۲k-$5k

Not Defined

CVE-2020-18392

۴.۳

Cesanta MJS File parse_array stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36367

۴.۳

Cesanta MJS File parse_block stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36366

۴.۳

Cesanta MJS File parse_value stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36374

۴.۳

Cesanta MJS parse_comparison stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36375

۴.۳

Cesanta MJS parse_equality stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36371

۴.۳

Cesanta MJS parse_mul_div_rem stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36372

۴.۳

Cesanta MJS parse_plus_minus stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36373

۴.۳

Cesanta MJS parse_shifts stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36368

۴.۳

Cesanta MJS parse_statement stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36369

۴.۳

Cesanta MJS parse_statement_list stack-based overflow

$۰-$۵k

Not Defined

CVE-2020-36370

۴.۳

Cesanta MJS parse_unary stack-based overflow

$۰-$۵k

Not Defined

CVE-2021-1558

۶.۰

Cisco DNA Spaces Connector CLI os command injection

$۵k-$25k

Official Fix

CVE-2021-1557

۶.۰

Cisco DNA Spaces Connector CLI os command injection

$۵k-$25k

Official Fix

CVE-2021-1558

۶.۷

Cisco DNA Spaces Connector CLI os command injection

$۱۰k-$25k

Official Fix

CVE-2021-1557

۶.۷

Cisco DNA Spaces Connector CLI os command injection

$۱۰k-$25k

Official Fix

CVE-2021-1560

۶.۵

Cisco DNA Spaces Connector os command injection

$۵k-$25k

Official Fix

CVE-2021-1559

۶.۵

Cisco DNA Spaces Connector os command injection

$۵k-$25k

Official Fix

CVE-2021-1560

۷.۲

Cisco DNA Spaces Connector os command injection

$۱۰k-$25k

Official Fix

CVE-2021-1559

۷.۲

Cisco DNA Spaces Connector os command injection

$۱۰k-$25k

Official Fix

CVE-2021-1306

۴.۴

Cisco Evolved Programmable Network CLI file inclusion

$۵k-$25k

Official Fix

CVE-2021-1306

۳.۴

Cisco Evolved Programmable Network CLI file inclusion

$۵k-$10k

Official Fix

CVE-2021-1254

۴.۸

Cisco Finesse Web-based Management Interface cross site scripting

$۰-$۵k

Official Fix

CVE-2021-1254

۴.۸

Cisco Finesse Web-based Management Interface cross site scripting

$۲k-$5k

Official Fix

CVE-2021-1358

۴.۷

Cisco Finesse Web-based Management Interface redirect

$۵k-$25k

Official Fix

CVE-2021-1358

۶.۱

Cisco Finesse Web-based Management Interface redirect

$۱۰k-$25k

Official Fix

CVE-2021-1531

۸.۸

Cisco Modeling Labs HTTP Request argument injection

$۵k-$25k

Official Fix

CVE-2021-1531

۸.۸

Cisco Modeling Labs HTTP Request argument injection

$۱۰k-$25k

Official Fix

CVE-2021-1487

۸.۸

Cisco Prime Infrastructure Web-based Management Interface os command injection

$۵k-$25k

Official Fix

CVE-2021-1487

۸.۸

Cisco Prime Infrastructure Web-based Management Interface os command injection

$۱۰k-$25k

Official Fix

CVE-2021-1555

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1554

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1553

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1552

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1551

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1550

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1549

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1548

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1547

۴.۷

Cisco Small Business Web-based Management Interface command injection

$۵k-$25k

Official Fix

CVE-2021-1555

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1554

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1553

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1552

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1551

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1550

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1549

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1548

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-1547

۷.۲

Cisco Small Business Web-based Management Interface command injection

$۱۰k-$25k

Official Fix

CVE-2021-22891

۷.۳

Citrix ShareFile Storage Zones Controller authorization

$۱۰k-$25k

Official Fix

CVE-2021-22907

۵.۵

Citrix Workspace App access control

$۱۰k-$25k

Official Fix

CVE-2020-24993

۳.۵

CmsWing Article Module cross site scripting

$۰-$۱k

Not Defined

CVE-2020-24992

۳.۵

CmsWing cross site scripting

$۰-$۱k

Not Defined

CVE-2021-30192

۷.۶

CODESYS authorization

$۱k-$2k

Official Fix

CVE-2021-30186

۶.۵

CODESYS heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-30187

۵.۴

CODESYS os command injection

$۱k-$2k

Official Fix

CVE-2021-30195

۶.۵

CODESYS Runtime System input validation

$۱k-$2k

Official Fix

CVE-2021-30188

۷.۶

CODESYS stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-30190

۷.۶

CODESYS Web Server access control

$۱k-$2k

Official Fix

CVE-2021-30191

۶.۵

CODESYS Web Server buffer overflow

$۲k-$5k

Official Fix

CVE-2021-30194

۶.۳

CODESYS Web Server out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-30193

۷.۶

CODESYS Web Server out-of-bounds write

$۲k-$5k

Official Fix

CVE-2021-30189

۷.۶

CODESYS Web-Server stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-31158

۶.۳

Couchbase Server Common Table Expression Query permission

$۲k-$5k

Official Fix

CVE-2021-25644

۴.۳

Couchbase Server REST API debug.log log file

$۱k-$2k

Not Defined

CVE-2021-27924

۳.۱

Couchbase Server UI log file

$۰-$۱k

Not Defined

CVE-2021-27925

۲.۷

Couchbase Server View Engine/Auditing log file

$۰-$۱k

Not Defined

CVE-2021-21549

۴.۳

Dell EMC XtremIO XMS cross-site request forgery

$۵k-$25k

Official Fix

CVE-2021-21549

۸.۸

Dell EMC XtremIO XMS cross-site request forgery

$۵k-$10k

Official Fix

CVE-2021-21552

۵.۳

Dell Wyse Windows Embedded System authorization

$۵k-$25k

Not Defined

CVE-2021-21552

۵.۳

Dell Wyse Windows Embedded System authorization

$۵k-$10k

Not Defined

CVE-2021-22668

۶.۳

Delta Industrial Automation CNCSoft ScreenEditor Project File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2021-27342

۳.۱

D-Link DIR-842 protection mechanism

$۱۰k-$25k

Not Defined

CVE-2021-32614

۵.۵

dmg2img fill_mishblk out-of-bounds read

$۰-$۱k

Not Defined

CVE-2021-3548

۵.۵

dmg2img memcpy out-of-bounds read

$۰-$۱k

Not Defined

CVE-2021-28112

۶.۳

Draeger X-Dock Debug Port access control

$۲k-$5k

Official Fix

CVE-2021-28111

۷.۳

Draeger X-Dock hard-coded credentials

$۱k-$2k

Official Fix

CVE-2021-27457

۳.۱

Emerson Rosemount X-STREAM Gas Analyzer inadequate encryption

$۰-$۱k

Not Defined

CVE-2021-27463

۴.۳

Emerson Rosemount X-STREAM Gas Analyzer Session Cookie information disclosure

$۱k-$2k

Not Defined

CVE-2021-27467

۴.۹

Emerson Rosemount X-STREAM Gas Analyzer Web Interface improper restriction of rendered ui layers

$۱k-$2k

Not Defined

CVE-2021-27465

۳.۵

Emerson Rosemount X-STREAM Gas Analyzer Webpage cross site scripting

$۰-$۱k

Not Defined

CVE-2021-27461

۵.۵

Emerson Rosemount X-STREAM Gas Analyzer Webserver path traversal

$۱k-$2k

Not Defined

CVE-2021-27459

۵.۵

Emerson Rosemount X-STREAM Gas Analyzer Webserver unrestricted upload

$۱k-$2k

Not Defined

CVE-2021-32634

۵.۰

Emissary REST Endpoint WorkSpaceClientEnqueueAction.java deserialization

$۲k-$5k

Official Fix

CVE-2021-29258

۶.۳

Envoy HTTP2 Metadata assertion

$۲k-$5k

Official Fix

CVE-2021-28682

۶.۳

Envoy integer overflow

$۲k-$5k

Official Fix

CVE-2021-28683

۴.۳

Envoy TLS null pointer dereference

$۰-$۱k

Not Defined

CVE-2008-2544

۴.۲

Fedora Linux chroot Command proc access control

$۲k-$5k

Not Defined

CVE-2020-23851

۴.۳

ffjpeg JPEG Image jfif.c jfif_decode denial of service

$۰-$۱k

Not Defined

CVE-2020-23852

۴.۳

ffjpeg JPEG Image jfif.c jfif_decode heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-20446

۵.۴

FFmpeg aacpsy.c divide by zero

$۰-$۱k

Not Defined

CVE-2020-22030

۶.۳

FFmpeg af_afade.c crossfade_samples_fltp heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22026

۴.۳

FFmpeg af_tremolo.c config_input buffer overflow

$۲k-$5k

Not Defined

CVE-2020-20450

۵.۵

FFmpeg aviobuf.c null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-20451

۴.۳

FFmpeg cmdutils.c denial of service

$۰-$۱k

Not Defined

CVE-2020-24020

۶.۳

FFmpeg dnn_backend_native_layer_pad.c dnn_execute_layer_pad buffer overflow

$۲k-$5k

Official Fix

CVE-2020-22017

۶.۳

FFmpeg drawutils.c ff_fill_rectangle heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-20453

۵.۴

FFmpeg libavcodec/aaccoder divide by zero

$۰-$۱k

Not Defined

CVE-2020-20445

۵.۴

FFmpeg lpc.h denial of service

$۰-$۱k

Not Defined

CVE-2020-22016

۶.۳

FFmpeg MOV File get_bits.h heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22015

۶.۳

FFmpeg movenc.c mov_write_video_tag buffer overflow

$۲k-$5k

Not Defined

CVE-2020-21041

۴.۳

FFmpeg pngenc.c apng_do_inverse_blend buffer overflow

$۲k-$5k

Not Defined

CVE-2020-20448

۵.۴

FFmpeg ratecontrol.c divide by zero

$۰-$۱k

Not Defined

CVE-2020-22028

۴.۳

FFmpeg vf_avgblur.c filter_vertically_8 buffer overflow

$۲k-$5k

Not Defined

CVE-2020-22023

۶.۳

FFmpeg vf_bitplanenoise.c filter_frame heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22029

۶.۳

FFmpeg vf_colorconstancy.c: slice_get_derivative heap-based overflow

$۲k-$5k

Official Fix

CVE-2020-22025

۶.۳

FFmpeg vf_edgedetect.c gaussian_blur heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22032

۶.۳

FFmpeg vf_edgedetect.c gaussian_blur heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22020

۴.۳

FFmpeg vf_fieldmatch.c build_diff_map buffer overflow

$۲k-$5k

Official Fix

CVE-2020-22022

۶.۳

FFmpeg vf_fieldorder.c filter_frame heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22034

۶.۳

FFmpeg vf_floodfill.c heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22024

۴.۳

FFmpeg vf_lagfun.c lagfun_frame16 buffer overflow

$۲k-$5k

Not Defined

CVE-2020-22027

۶.۳

FFmpeg vf_neighbor.c deflate16 heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22019

۴.۳

FFmpeg vf_vmafmotion.c convolution_y_10bit buffer overflow

$۲k-$5k

Not Defined

CVE-2020-22033

۶.۳

FFmpeg vf_vmafmotion.c convolution_y_8bit heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22031

۶.۳

FFmpeg vf_w3fdif.c filter16_complex_low heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-22021

۴.۳

FFmpeg vf_yadif.c filter_edges buffer overflow

$۲k-$5k

Not Defined

CVE-2021-31473

۷.۸

Foxit Reader browseForDoc out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-29629

۳.۵

FreeBSD libradius denial of service

$۲k-$5k

Official Fix

CVE-2021-29628

۵.۵

FreeBSD System Call unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2021-31702

۳.۵

Frontier ichris HTTP Host Header denial of service

$۰-$۵k

Not Defined

CVE-2021-31703

۵.۵

Frontier ichris unrestricted upload

$۰-$۵k

Not Defined

CVE-2020-21053

۳.۵

FusionPBX device_imports.php query_string cross site scripting

$۰-$۱k

Official Fix

CVE-2020-21055

۵.۵

FusionPBX filerename.php pathname traversal

$۱k-$2k

Official Fix

CVE-2020-21057

۶.۳

FusionPBX folderdelete.php pathname traversal

$۱k-$2k

Official Fix

CVE-2020-21056

۶.۳

FusionPBX foldernew.php pathname traversal

$۱k-$2k

Official Fix

CVE-2020-21054

۳.۵

FusionPBX vars_textarea.php cross site scripting

$۰-$۱k

Official Fix

CVE-2021-32638

۴.۴

GitHub CodeQL Action information disclosure

$۰-$۱k

Official Fix

CVE-2021-3486

۳.۵

GLPI Metadata cross site scripting

$۰-$۱k

Not Defined

CVE-2016-20011

۷.۳

GNOME libgrss SoupSessionSync certificate validation

$۱k-$2k

Not Defined

CVE-2021-3549

۵.۵

GNU Binutils objdump avr_elf32_load_records_from_section out-of-bounds read

$۰-$۱k

Not Defined

CVE-2021-33574

۵.۵

GNU C Library mq_notify use after free

$۲k-$5k

Not Defined

CVE-2020-23856

۳.۵

GNU cflow parser.c call use after free

$۱k-$2k

Not Defined

CVE-2020-21830

۵.۵

GNU LibreDWG bits.c bit_calc_CRC heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21841

۵.۵

GNU LibreDWG bits.c bit_read_B heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21843

۵.۵

GNU LibreDWG bits.c bit_read_RC heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21840

۵.۵

GNU LibreDWG bits.c bit_search_sentinel heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21839

۳.۵

GNU LibreDWG decode.c dwg_decode_eed memory leak

$۰-$۱k

Not Defined

CVE-2020-21832

۵.۵

GNU LibreDWG decode.c read_2004_compressed_section heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21827

۵.۵

GNU LibreDWG decode.c read_2004_compressed_section heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21835

۳.۵

GNU LibreDWG decode.c read_2004_compressed_section null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-21838

۵.۵

GNU LibreDWG decode.c read_2004_section_appinfo heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21833

۵.۵

GNU LibreDWG decode.c read_2004_section_classes heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21831

۵.۵

GNU LibreDWG decode.c read_2004_section_handles heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21844

۶.۳

GNU LibreDWG decode.c read_2004_section_header memory corruption

$۲k-$5k

Not Defined

CVE-2020-21836

۵.۵

GNU LibreDWG decode.c read_2004_section_preview heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21842

۵.۵

GNU LibreDWG decode.c read_2004_section_revhistory heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-23861

۴.۳

GNU LibreDWG DWG File decode_r2007.c read_system_page heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21813

۵.۵

GNU LibreDWG dwg2SVG.c output_TEXT heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21815

۳.۵

GNU LibreDWG dwg2SVG.c output_TEXT null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-21834

۳.۵

GNU LibreDWG dwgbmp.c get_bmp null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-21814

۵.۵

GNU LibreDWG escape.c heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21818

۵.۵

GNU LibreDWG escape.c htmlescape heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21816

۵.۵

GNU LibreDWG escape.c htmlescape heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-21817

۳.۵

GNU LibreDWG escape.c htmlescape null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-21819

۵.۵

GNU LibreDWG htmlescape escape.c heap-based overflow

$۲k-$5k

Not Defined

CVE-2021-33194

۳.۵

Google Go html ParseFragment infinite loop

$۲k-$5k

Not Defined

CVE-2021-31525

۳.۷

Google Go net/http ReadResponse denial of service

$۵k-$10k

Official Fix

CVE-2021-32542

۴.۳

Harvest Information CTS Web Trading System cross site scripting

$۰-$۱k

Not Defined

CVE-2021-32541

۵.۳

Harvest Information CTS Web Trading System user session

$۲k-$5k

Official Fix

CVE-2021-32543

۶.۳

Harvest Information CTS Web Transaction System improper authentication

$۱k-$2k

Not Defined

CVE-2020-24396

۴.۳

homee Brain Cube Firmware Image cleartext storage

$۰-$۱k

Not Defined

CVE-2020-24395

۶.۶

homee Brain Cube USB Firmware Update Local Privilege Escalation

$۱k-$2k

Not Defined

CVE-2021-22733

۵.۵

homeLYnk/spaceLYnk privileges management

$۱k-$2k

Not Defined

CVE-2021-22732

۵.۵

homeLYnk/spaceLYnk Web Server privileges management

$۱k-$2k

Not Defined

CVE-2021-3438

۵.۵

HP LaserJet Software Driver buffer overflow

$۱۰k-$25k

Not Defined

CVE-2021-29202

۵.۳

HPE SimpliVity 325 buffer overflow

$۵k-$10k

Official Fix

CVE-2021-29211

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29210

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29209

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29208

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29207

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29206

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29205

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29204

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-29201

۳.۵

HPE SimpliVity 325 cross site scripting

$۵k-$10k

Official Fix

CVE-2021-22362

۵.۵

Huawei CloudEngine 12800 out-of-bounds write

$۱۰k-$25k

Not Defined

CVE-2021-22358

۵.۵

Huawei FusionCompute input validation

$۱۰k-$25k

Not Defined

CVE-2021-22409

۲.۶

Huawei ManageOne Module denial of service

$۲k-$5k

Not Defined

CVE-2021-22339

۳.۵

Huawei ManageOne Verification denial of service

$۲k-$5k

Not Defined

CVE-2021-22364

۳.۵

Huawei Mate 30 denial of service

$۲k-$5k

Not Defined

CVE-2021-22359

۳.۵

Huawei S5700/S6700 Message denial of service

$۲k-$5k

Not Defined

CVE-2021-22411

۵.۵

Huawei Secospace USG9500 out-of-bounds write

$۱۰k-$25k

Not Defined

CVE-2021-22360

۵.۳

Huawei USG9500 resource consumption

$۵k-$10k

Not Defined

CVE-2021-20486

۵.۳

IBM Cloud Pak for Data Plugin information disclosure

$۵k-$10k

Not Defined

CVE-2020-4765

۳.۳

IBM Cloud Pak for Multicloud Management Web Page Storage information disclosure

$۲k-$5k

Official Fix

CVE-2021-20529

۵.۳

IBM Control Center Version Information information disclosure

$۵k-$10k

Not Defined

CVE-2021-20528

۳.۵

IBM Control Center Web UI cross site scripting

$۲k-$5k

Not Defined

CVE-2019-4588

۷.۴

IBM DB2 DLL uncontrolled search path

$۵k-$10k

Not Defined

CVE-2020-4839

۴.۹

IBM Host firmware for LC-class Systems Firmware stack-based overflow

$۱۰k-$25k

Not Defined

CVE-2021-29695

۴.۹

IBM Host firmware for LC-class Systems URL Request pathname traversal

$۱۰k-$25k

Not Defined

CVE-2021-29747

۵.۳

IBM InfoSphere Information Server Authentication Mechanism information disclosure

$۵k-$10k

Not Defined

CVE-2021-29681

۳.۷

IBM InfoSphere Information Server Query injection

$۵k-$25k

Not Defined

CVE-2021-29681

۵.۳

IBM InfoSphere Information Server Query injection

$۱۰k-$25k

Not Defined

CVE-2021-20374

۴.۳

IBM Maximo Asset Management Web UI cross site scripting

$۵k-$10k

Not Defined

CVE-2020-4669

۷.۳

IBM Planning Analytics MongoDB Server improper authentication

$۱۰k-$25k

Not Defined

CVE-2020-4670

۷.۳

IBM Planning Analytics Redis Server improper authentication

$۱۰k-$25k

Not Defined

CVE-2021-20487

۸.۰

IBM Power9 Self Boot Engine Firmware signature verification

$۱۰k-$25k

Not Defined

CVE-2021-29686

۶.۳

IBM Security Identity Manager access control

$۱۰k-$25k

Not Defined

CVE-2021-29683

۳.۱

IBM Security Identity Manager cleartext storage

$۲k-$5k

Not Defined

CVE-2021-29692

۳.۷

IBM Security Identity Manager cleartext transmission

$۵k-$10k

Not Defined

CVE-2021-29682

۵.۳

IBM Security Identity Manager Error Message information exposure

$۵k-$10k

Not Defined

CVE-2021-29691

۳.۷

IBM Security Identity Manager hard-coded credentials

$۵k-$10k

Not Defined

CVE-2021-29688

۵.۳

IBM Security Identity Manager information exposure

$۵k-$10k

Not Defined

CVE-2021-29687

۳.۷

IBM Security Identity Manager information exposure

$۵k-$10k

Not Defined

CVE-2021-29708

۶.۷

IBM Spectrum Scale GUI Pod Container access control

$۲k-$5k

Not Defined

CVE-2020-4850

۴.۳

IBM Spectrum Scale Transparent Cloud Tiering information disclosure

$۵k-$10k

Not Defined

CVE-2020-4646

۴.۳

IBM Sterling B2B Integrator Standard Edition improper authorization

$۱۰k-$25k

Not Defined

CVE-2021-20492

۶.۵

IBM WebSphere Application Server XML Data xml external entity reference

$۱۰k-$25k

Not Defined

CVE-2021-32403

۳.۵

Intelbras RF 301K cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-32402

۳.۵

Intelbras RF 301K cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-29023

۲.۶

InvoicePlane Password Reset password recovery

$۱k-$2k

Not Defined

CVE-2021-29024

۴.۳

InvoicePlane Web Server information disclosure

$۱k-$2k

Workaround

CVE-2021-26033

۶.۵

Joomla CMS AJAX Reordering Endpoint cross-site request forgery

$۲k-$5k

Not Defined

CVE-2021-26032

۶.۱

Joomla CMS canUpload cross site scripting

$۲k-$5k

Not Defined

CVE-2021-26034

۶.۵

Joomla CMS Data Download Endpoint cross-site request forgery

$۲k-$5k

Not Defined

CVE-2020-27826

۴.۶

KeyCloak Account REST API unnecessary privileges

$۱k-$2k

Official Fix

CVE-2021-20195

۳.۵

Keycloak cross site scripting

$۰-$۱k

Official Fix

CVE-2021-20720

۶.۳

KonaWiki2 sql injection

$۱k-$2k

Official Fix

CVE-2021-20721

۶.۳

KonaWiki2 unrestricted upload

$۲k-$5k

Official Fix

CVE-2021-30498

۵.۵

libcaca export.c export_tga memory corruption

$۲k-$5k

Not Defined

CVE-2021-30499

۵.۵

libcaca export.c export_troff buffer overflow

$۲k-$5k

Not Defined

CVE-2020-10701

۵.۵

libvirt API authorization

$۱k-$2k

Official Fix

CVE-2020-14301

۳.۵

libvirt Cookie information disclosure

$۰-$۱k

Official Fix

CVE-2018-25010

۳.۵

libwebp ApplyFilter out-of-bounds read

$۰-$۵k

Official Fix

CVE-2018-25010

۳.۵

libwebp ApplyFilter out-of-bounds read

$۰-$۱k

Official Fix

CVE-2020-36331

۳.۵

libwebp ChunkAssignData out-of-bounds read

$۰-$۵k

Official Fix

CVE-2020-36331

۶.۳

libwebp ChunkAssignData out-of-bounds read

$۰-$۱k

Official Fix

CVE-2020-36330

۳.۵

libwebp ChunkVerifyAndAssign out-of-bounds read

$۰-$۵k

Official Fix

CVE-2020-36330

۶.۳

libwebp ChunkVerifyAndAssign out-of-bounds read

$۰-$۱k

Official Fix

CVE-2018-25011

۵.۵

libwebp PutLE16 heap-based overflow

$۰-$۵k

Official Fix

CVE-2018-25011

۵.۵

libwebp PutLE16 heap-based overflow

$۲k-$5k

Official Fix

CVE-2018-25014

۵.۵

libwebp ReadSymbol uninitialized resource

$۰-$۵k

Official Fix

CVE-2018-25014

۵.۵

libwebp ReadSymbol uninitialized resource

$۲k-$5k

Official Fix

CVE-2020-36332

۳.۵

libwebp resource consumption

$۰-$۵k

Official Fix

CVE-2020-36332

۵.۵

libwebp resource consumption

$۰-$۱k

Official Fix

CVE-2018-25013

۳.۵

libwebp ShiftBytes out-of-bounds read

$۰-$۵k

Official Fix

CVE-2018-25013

۳.۵

libwebp ShiftBytes out-of-bounds read

$۰-$۱k

Official Fix

CVE-2020-36329

۵.۵

libwebp Thread use after free

$۰-$۵k

Official Fix

CVE-2020-36329

۵.۵

libwebp Thread use after free

$۲k-$5k

Official Fix

CVE-2020-36328

۵.۵

libwebp WebPDecodeRGBInto heap-based overflow

$۰-$۵k

Official Fix

CVE-2020-36328

۵.۵

libwebp WebPDecodeRGBInto heap-based overflow

$۲k-$5k

Official Fix

CVE-2018-25012

۳.۵

libwebp WebPMuxCreateInternal out-of-bounds read

$۰-$۵k

Official Fix

CVE-2018-25009

۳.۵

libwebp WebPMuxCreateInternal out-of-bounds read

$۰-$۵k

Official Fix

CVE-2018-25012

۳.۵

libwebp WebPMuxCreateInternal out-of-bounds read

$۰-$۱k

Official Fix

CVE-2018-25009

۳.۵

libwebp WebPMuxCreateInternal out-of-bounds read

$۰-$۱k

Official Fix

CVE-2021-3541

۳.۵

libxml2 Entity Expansion denial of service

$۰-$۱k

Official Fix

CVE-2021-3518

۶.۳

libxml2 use after free

$۲k-$5k

Official Fix

CVE-2021-3517

۴.۳

libxml2 XML Entity Encoding out-of-bounds read

$۱k-$2k

Official Fix

CVE-2021-28904

۳.۵

libyang ext_get_plugin denial of service

$۰-$۱k

Not Defined

CVE-2021-28905

۵.۵

libyang lys_node_free assertion

$۲k-$5k

Not Defined

CVE-2021-28903

۳.۵

libyang lyxml_parse_mem denial of service

$۰-$۱k

Not Defined

CVE-2021-28902

۳.۵

libyang read_yin_container denial of service

$۰-$۱k

Not Defined

CVE-2021-28906

۳.۵

libyang read_yin_leaf denial of service

$۰-$۱k

Not Defined

CVE-2021-29041

۴.۳

Liferay DXP Multi-Factor Authentication Module denial of service

$۰-$۱k

Official Fix

CVE-2021-29039

۳.۵

Liferay Portal cross site scripting

$۰-$۱k

Not Defined

CVE-2021-29051

۳.۵

Liferay Portal/DXP Asset Module cross site scripting

$۰-$۱k

Official Fix

CVE-2021-29046

۳.۵

Liferay Portal/DXP Asset Module cross site scripting

$۰-$۱k

Official Fix

CVE-2021-29053

۶.۳

Liferay Portal/DXP CommerceChannelRelFinder.countByC_C sql injection

$۱k-$2k

Official Fix

CVE-2021-29052

۴.۳

Liferay Portal/DXP Data Engine Module permission

$۲k-$5k

Official Fix

CVE-2021-29040

۴.۳

Liferay Portal/DXP JSON Web Services information exposure

$۱k-$2k

Official Fix

CVE-2021-29048

۳.۵

Liferay Portal/DXP Layout Module cross site scripting

$۰-$۱k

Official Fix

CVE-2021-29044

۳.۵

Liferay Portal/DXP Membership Request Administration Page cross site scripting

$۰-$۱k

Official Fix

CVE-2021-29045

۳.۵

Liferay Portal/DXP Redirect module cross site scripting

$۰-$۱k

Official Fix

CVE-2021-29047

۳.۷

Liferay Portal/DXP SimpleCaptcha improper authentication

$۱k-$2k

Official Fix

CVE-2021-29043

۳.۷

Liferay Portal/DXP Store Module cleartext transmission

$۰-$۱k

Official Fix

CVE-2021-20239

۴.۳

Linux Kernel BPF information disclosure

$۵k-$10k

Official Fix

CVE-2021-31440

۸.۸

Linux Kernel eBPF calculation

$۲۵k-$50k

Official Fix

CVE-2020-25668

۵.۵

Linux Kernel Global Variable con_font_op use after free

$۱۰k-$25k

Official Fix

CVE-2020-27815

۷.۶

Linux Kernel JFS Filesystem memory corruption

$۱۰k-$25k

Official Fix

CVE-2021-22543

۷.۷

Linux Kernel KVM memory corruption

$۱۰k-$25k

Official Fix

CVE-2020-25670

۵.۵

Linux Kernel llcp_sock_bind use after free

$۱۰k-$25k

Not Defined

CVE-2020-25672

۷.۵

Linux Kernel llcp_sock_connect memory leak

$۲k-$5k

Official Fix

CVE-2020-25671

۵.۵

Linux Kernel llcp_sock_connect use after free

$۱۰k-$25k

Not Defined

CVE-2021-3483

۵.۵

Linux Kernel Nosy Driver use after free

$۱۰k-$25k

Official Fix

CVE-2021-20292

۷.۲

Linux Kernel Nouveau DRM Subsystem nouveau_sgdma.c nouveau_sgdma_create_ttm use after free

$۱۰k-$25k

Official Fix

CVE-2021-20177

۵.۷

Linux Kernel Packet out-of-bounds read

$۵k-$10k

Official Fix

CVE-2020-25673

۴.۸

Linux Kernel Sockets llcp_sock_connect resource consumption

$۲k-$5k

Not Defined

CVE-2020-25669

۵.۵

Linux Kernel sunkbd_reinit use after free

$۱۰k-$25k

Official Fix

CVE-2020-10774

۴.۳

Linux Kernel sysctl Subsystem rh_features uninitialized pointer

$۵k-$10k

Official Fix

CVE-2021-33200

۸.۸

Linux Kernel verifier.c alu_limit out-of-bounds write

$۲۵k-$50k

Not Defined

CVE-2021-31727

۶.۳

MalwareFox AntiMalware zam64.sys access control

$۲k-$5k

Not Defined

CVE-2021-31728

۸.۸

MalwareFox AntiMalware zam64.sys access control

$۲k-$5k

Not Defined

CVE-2020-15180

۶.۳

MariaDB mysql-wsrep wsrep_sst_method command injection

$۲k-$5k

Official Fix

CVE-2021-22519

۶.۳

Micro Focus SiteScope Remote Privilege Escalation

$۰-$۵k

Not Defined

CVE-2020-20220

۴.۳

MikroTik RouterOS bfd null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-20227

۴.۳

MikroTik RouterOS diskd memory corruption

$۲k-$5k

Not Defined

CVE-2020-20266

۴.۳

MikroTik RouterOS dot1x null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-20253

۶.۵

MikroTik RouterOS lcdstat divide by zero

$۰-$۱k

Official Fix

CVE-2020-20254

۶.۵

MikroTik RouterOS lcdstat null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-20245

۴.۳

MikroTik RouterOS Log Process memory corruption

$۲k-$5k

Not Defined

CVE-2020-20246

۴.۳

MikroTik RouterOS memory corruption

$۲k-$5k

Not Defined

CVE-2020-20264

۴.۳

MikroTik RouterOS netwatch divide by zero

$۰-$۱k

Official Fix

CVE-2020-20214

۶.۵

MikroTik RouterOS Packet denial of service

$۰-$۱k

Workaround

CVE-2020-20237

۴.۳

MikroTik RouterOS sniffer memory corruption

$۲k-$5k

Not Defined

CVE-2020-20236

۴.۳

MikroTik RouterOS sniffer memory corruption

$۲k-$5k

Not Defined

CVE-2020-20222

۴.۳

MikroTik RouterOS sniffer null pointer dereference

$۰-$۱k

Not Defined

CVE-2021-20589

۵.۳

Mitsubishi Electric GOT2000 Packet buffer overflow

$۲k-$5k

Official Fix

CVE-2007-5967

۶.۳

Mozilla GTK Widget Certificate EmbedCertificates.cpp certificate validation

$۵k-$10k

Not Defined

CVE-2020-12403

۳.۵

Mozilla Network Security Services CHACHA20-POLY1305 out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-33514

۸.۸

Netgear GC108P setup.cgi os command injection

$۵k-$25k

Official Fix

CVE-2021-33514

۹.۸

Netgear GC108P setup.cgi os command injection

$۱۰k-$25k

Official Fix

CVE-2021-27434

۵.۵

OPC Foundation OPC UA Client/Server SDK Bundle Recursion stack-based overflow

$۲k-$5k

Not Defined

CVE-2021-27432

۵.۵

OPC Foundation UA .NET Standard/UA .NET Legacy Recursion stack-based overflow

$۲k-$5k

Official Fix

CVE-2020-25710

۴.۳

OpenLDAP Packet csnNormalize23 assertion

$۰-$۱k

Official Fix

CVE-2020-20178

۳.۵

OpenLDAP slapd assertion

$۰-$۱k

Not Defined

CVE-2021-25935

۳.۵

OpenNMS Horizon/Meridian add cross site scripting

$۰-$۱k

Official Fix

CVE-2021-25934

۳.۵

OpenNMS Horizon/Meridian createRequisitionedNode cross site scripting

$۰-$۱k

Official Fix

CVE-2021-25929

۳.۵

OpenNMS Horizon/OpenNMS Meridian cross site scripting

$۰-$۱k

Official Fix

CVE-2021-25930

۳.۵

OpenNMS Horizon/OpenNMS Meridian cross-site request forgery

$۰-$۱k

Official Fix

CVE-2021-25931

۳.۵

OpenNMS Horizon/OpenNMS Meridian updateUser cross-site request forgery

$۰-$۱k

Official Fix

CVE-2021-25933

۳.۵

OpenNMS Horizon/OpenNMS Meridian validateFormInput cross site scripting

$۰-$۱k

Official Fix

CVE-2021-33425

۳.۵

OpenWRT LuCI Hostname cross site scripting

$۰-$۱k

Not Defined

CVE-2021-27821

۳.۵

OpenWRT LuCI Web Interface cross site scripting

$۰-$۱k

Not Defined

CVE-2021-33470

۶.۳

PHPGurukul COVID19 Testing Management System Admin Panel sql injection

$۱k-$2k

Not Defined

CVE-2021-33469

۳.۵

PHPGurukul COVID19 Testing Management System Parameter cross site scripting

$۰-$۱k

Not Defined

CVE-2020-18230

۳.۵

PHPMyWind web_config.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-18229

۳.۵

PHPMyWind web_config.php cross site scripting

$۰-$۱k

Not Defined

CVE-2021-33508

۳.۵

Plone Content Item cross site scripting

$۰-$۵k

Not Defined

CVE-2021-33508

۴.۴

Plone Content Item cross site scripting

$۰-$۱k

Not Defined

CVE-2021-33510

۴.۳

Plone Event ical URL server-side request forgery

$۰-$۵k

Not Defined

CVE-2021-33510

۴.۳

Plone Event ical URL server-side request forgery

$۲k-$5k

Not Defined

CVE-2021-33511

۵.۵

Plone lxml Parser server-side request forgery

$۰-$۵k

Not Defined

CVE-2021-33511

۶.۵

Plone lxml Parser server-side request forgery

$۱k-$2k

Not Defined

CVE-2021-33513

۳.۵

Plone Products.CMFDiffTool inline_diff cross site scripting

$۰-$۵k

Not Defined

CVE-2021-33513

۴.۴

Plone Products.CMFDiffTool inline_diff cross site scripting

$۰-$۱k

Not Defined

CVE-2021-33509

۶.۳

Plone Python Script Remote Privilege Escalation

$۰-$۵k

Official Fix

CVE-2021-33509

۶.۳

Plone Python Script Remote Privilege Escalation

$۲k-$5k

Official Fix

CVE-2021-33512

۳.۵

Plone Upload cross site scripting

$۰-$۵k

Not Defined

CVE-2021-33512

۴.۴

Plone Upload cross site scripting

$۰-$۱k

Not Defined

CVE-2020-20951

۶.۳

Pluck Admin Background unrestricted upload

$۲k-$5k

Not Defined

CVE-2020-18198

۳.۵

Pluck CMS cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-18195

۳.۵

Pluck CMS cross-site request forgery

$۰-$۱k

Not Defined

CVE-2020-24740

۳.۵

Pluck cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-30469

۴.۳

PoDoFo PDF File Clear use after free

$۲k-$5k

Not Defined

CVE-2021-30472

۶.۳

PoDoFo PdfEncrypt.cpp ComputeOwnerKey stack-based overflow

$۲k-$5k

Not Defined

CVE-2021-30471

۶.۳

PoDoFo PdfNamesTree.cpp AddToDictionary stack-based overflow

$۲k-$5k

Not Defined

CVE-2021-30470

۶.۳

PoDoFo ReadDataType stack-based overflow

$۲k-$5k

Not Defined

CVE-2021-22900

۴.۷

Pulse Secure Pulse Connect Secure Administrator Web Interface unrestricted upload

$۱k-$2k

Official Fix

CVE-2021-22908

۸.۸

Pulse Secure Pulse Connect Secure File Resource Profiles buffer overflow

$۲k-$5k

Official Fix

CVE-2021-22894

۸.۸

Pulse Secure Pulse Connect Secure Meeting Room buffer overflow

$۲k-$5k

Official Fix

CVE-2021-22899

۶.۳

Pulse Secure Pulse Connect Secure Windows Resource Profiles Feature command injection

$۲k-$5k

Official Fix

CVE-2021-3426

۳.۵

Python pydoc information disclosure

$۰-$۱k

Official Fix

CVE-2020-35506

۵.۵

QEMU am53c974 SCSI Host Bus Adapter Emulation CMD_TI denial of service

$۲k-$5k

Official Fix

CVE-2020-35505

۳.۵

QEMU am53c974 SCSI Host Bus Adapter Emulation denial of service

$۲k-$5k

Official Fix

CVE-2021-20196

۳.۵

QEMU Floppy Drive Emulator null pointer dereference

$۲k-$5k

Not Defined

CVE-2020-35504

۳.۵

QEMU SCSI Emulation Support null pointer dereference

$۲k-$5k

Official Fix

CVE-2021-3527

۳.۵

QEMU USB Redirector Device allocation of resources

$۲k-$5k

Official Fix

CVE-2021-28798

۶.۳

QNAP QTS/QuTS Hero path traversal

$۱k-$2k

Official Fix

CVE-2020-25634

۴.۳

Red Hat 3scale API Docs URL information disclosure

$۵k-$10k

Official Fix

CVE-2021-3509

۳.۵

Red Hat Ceph Storage Dashboard cross site scripting

$۲k-$5k

Official Fix

CVE-2021-3524

۵.۵

Red Hat Ceph Storage RadosGW CORS ExposeHeader Tag injection

$۱۰k-$25k

Official Fix

CVE-2021-3531

۳.۵

Red Hat Ceph Storage RGW GET Request denial of service

$۲k-$5k

Official Fix

CVE-2020-1702

۳.۵

Red Hat containers-image resource consumption

$۲k-$5k

Official Fix

CVE-2021-20297

۳.۵

Red Hat NetworkManager Settings denial of service

$۲k-$5k

Official Fix

CVE-2020-27831

۵.۵

Red Hat Quay Authorization Token access control

$۱۰k-$25k

Not Defined

CVE-2020-27832

۳.۵

Red Hat Quay Notification cross site scripting

$۲k-$5k

Not Defined

CVE-2018-10866

۵.۴

Red Hat redhat-certification authorization

$۱۰k-$25k

Not Defined

CVE-2018-10867

۵.۴

Red Hat redhat-certification results file access

$۱۰k-$25k

Not Defined

CVE-2018-10863

۳.۵

Red Hat redhat-certification rhcert-transfer file access

$۵k-$10k

Not Defined

CVE-2018-10865

۴.۳

Red Hat redhat-certification Service Port 8009 authorization

$۱۰k-$25k

Not Defined

CVE-2018-10868

۴.۳

Red Hat redhat-certification XML Document xml entity expansion

$۱۰k-$25k

Not Defined

CVE-2020-10695

۶.۳

Red Hat redhat-sso-7 passwd privileges assignment

$۱۰k-$25k

Not Defined

CVE-2021-3421

۵.۰

Red Hat RPM RPM Package signature verification

$۵k-$10k

Official Fix

CVE-2021-3536

۳.۵

Red Hat WildFly Domain Mode cross site scripting

$۲k-$5k

Official Fix

CVE-2020-25724

۳.۵

RESTEasy information disclosure

$۰-$۱k

Official Fix

CVE-2020-10688

۳.۵

RESTEasy RESTEASY003870 Exception cross site scripting

$۰-$۱k

Official Fix

CVE-2021-22892

۳.۵

Rocket.Chat Server Email Address information disclosure

$۰-$۱k

Official Fix

CVE-2021-22911

۷.۳

Rocket.Chat Server NoSQL sql injection

$۲k-$5k

Not Defined

CVE-2021-29252

۳.۵

RSA Archer cross site scripting

$۲k-$5k

Official Fix

CVE-2021-29253

۲.۹

RSA Archer Tableau cleartext storage

$۲k-$5k

Not Defined

CVE-2021-22741

۲.۶

Schneider Electric EcoStruxure Geo SCADA Expert 2020 unknown vulnerability

$۰-$۱k

Not Defined

CVE-2021-22740

۳.۵

Schneider Electric homeLYnk/spaceLYnk File Upload information disclosure

$۰-$۱k

Not Defined

CVE-2021-22739

۳.۵

Schneider Electric homeLYnk/spaceLYnk information disclosure

$۰-$۱k

Not Defined

CVE-2021-22737

۳.۱

Schneider Electric homeLYnk/spaceLYnk insufficiently protected credentials

$۱k-$2k

Not Defined

CVE-2021-22736

۵.۵

Schneider Electric homeLYnk/spaceLYnk path traversal

$۱k-$2k

Not Defined

CVE-2021-22738

۳.۱

Schneider Electric homeLYnk/spaceLYnk risky encryption

$۰-$۱k

Not Defined

CVE-2021-22735

۶.۳

Schneider Electric homeLYnk/spaceLYnk signature verification

$۱k-$2k

Not Defined

CVE-2021-22734

۶.۳

Schneider Electric homeLYnk/spaceLYnk signature verification

$۱k-$2k

Not Defined

CVE-2021-22699

۳.۵

Schneider Electric Modicon M241/Modicon M251 HTTP denial of service

$۰-$۱k

Official Fix

CVE-2021-22731

۶.۳

Schneider Electric Modicon Managed Switch MCSESM password recovery

$۲k-$5k

Not Defined

CVE-2021-22747

۵.۵

Schneider Electric Triconex Model 3009 MP TriStation Packet unusual condition

$۱k-$2k

Not Defined

CVE-2021-22746

۵.۵

Schneider Electric Triconex Model 3009 MP TriStation Packet unusual condition

$۱k-$2k

Not Defined

CVE-2021-22745

۵.۵

Schneider Electric Triconex Model 3009 MP TriStation Packet unusual condition

$۱k-$2k

Not Defined

CVE-2021-22744

۵.۵

Schneider Electric Triconex Model 3009 MP TriStation Packet unusual condition

$۱k-$2k

Not Defined

CVE-2021-22742

۵.۵

Schneider Electric Triconex Model 3009 MP unusual condition

$۱k-$2k

Not Defined

CVE-2021-22743

۵.۵

Schneider Electric Triconex TCM 4351B unusual condition

$۱k-$2k

Not Defined

CVE-2021-33562

۳.۵

Shopizer insert-product-name-here.html cross site scripting

$۰-$۱k

Official Fix

CVE-2021-33561

۳.۵

Shopizer list.html cross site scripting

$۰-$۱k

Official Fix

CVE-2021-27492

۴.۳

Siemens Luxion KeyShot 3DXML File Parser xml external entity reference

$۵k-$10k

Not Defined

CVE-2021-27488

۵.۵

Siemens Luxion KeyShot CATPart File Parser out-of-bounds write

$۱۰k-$25k

Not Defined

CVE-2021-27490

۵.۵

Siemens Luxion KeyShot Datakit Software Libraries out-of-bounds read

$۵k-$10k

Not Defined

CVE-2021-27496

۴.۳

Siemens Luxion KeyShot PRT File Parser null pointer dereference

$۲k-$5k

Not Defined

CVE-2021-27494

۵.۵

Siemens Luxion KeyShot STP File Parser stack-based overflow

$۱۰k-$25k

Not Defined

CVE-2020-15782

۷.۳

Siemens SIMATIC Drive Controller Service Port 102 memory corruption

$۵k-$25k

Workaround

CVE-2021-32456

۳.۱

SITEL CAP/PRX cleartext transmission

$۰-$۱k

Not Defined

CVE-2021-32453

۴.۳

SITEL CAP/PRX Configuration Database information disclosure

$۱k-$2k

Not Defined

CVE-2021-32454

۶.۳

SITEL CAP/PRX hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-32455

۳.۵

SITEL CAP/PRX HTTP Request resource consumption

$۰-$۱k

Not Defined

CVE-2020-36364

۵.۵

Smartstore ImportController.cs ImportController.Create path traversal

$۱k-$2k

Official Fix

CVE-2020-36365

۶.۳

SmartStoreNET ScheduleTaskController.Edit redirect

$۱k-$2k

Official Fix

CVE-2021-31474

۹.۸

SolarWinds Network Performance Monitor deserialization

$۲k-$5k

Official Fix

CVE-2021-31475

۸.۸

SolarWinds Orion Job Scheduler JobRouterService WCF Service permission assignment

$۲k-$5k

Official Fix

CVE-2021-28652

۳.۷

Squid Web Proxy Cache Manager API memory leak

$۵k-$10k

Official Fix

CVE-2021-33620

۳.۷

Squid Web Proxy HTTP Response denial of service

$۵k-$25k

Official Fix

CVE-2021-31808

۵.۳

Squid Web Proxy Range Request denial of service

$۵k-$10k

Official Fix

CVE-2021-31806

۵.۳

Squid Web Proxy Range Request denial of service

$۵k-$10k

Official Fix

CVE-2021-28662

۳.۷

Squid Web Proxy Response Header denial of service

$۵k-$10k

Official Fix

CVE-2021-28651

۵.۳

Squid Web Proxy urn Scheme memory allocation

$۵k-$10k

Official Fix

CVE-2021-29414

۳.۸

STMicroelectronics STM32L4 access control

$۰-$۱k

Not Defined

CVE-2020-27212

۲.۶

STMicroelectronics STM32L4 RDP Level injection

$۱k-$2k

Not Defined

CVE-2021-24290

۴.۳

Store Locator Plus Plugin Endpoint cross site scripting

$۰-$۱k

Not Defined

CVE-2021-24289

۵.۵

Store Locator Plus Plugin Meta Data privileges management

$۱k-$2k

Not Defined

CVE-2021-31439

۶.۳

Synology DiskStation Manager Netatalk heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-31322

۶.۳

Telegram App populate heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-31320

۶.۳

Telegram App rlottie Library generateGradientColorTable heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-31321

۶.۳

Telegram App rlottie Library gray_split_cubic out-of-bounds read

$۱k-$2k

Official Fix

CVE-2021-31318

۶.۳

Telegram App rlottie Library LOTCompLayerItem type confusion

$۲k-$5k

Official Fix

CVE-2021-31315

۶.۳

Telegram App rlottie Library out-of-bounds read

$۱k-$2k

Official Fix

CVE-2021-31323

۵.۵

Telegram App rlottie Library parseDashProperty heap-based overflow

$۲k-$5k

Official Fix

CVE-2021-31319

۶.۳

Telegram App rlottie Library populate integer overflow

$۲k-$5k

Official Fix

CVE-2021-31317

۶.۳

Telegram App rlottie Library type confusion

$۲k-$5k

Official Fix

CVE-2021-32458

۵.۵

Trend Micro Home Network Security IOCTL tdts.ko chrdev_ioctl_handle access control

$۱۰k-$25k

Not Defined

CVE-2021-32459

۴.۳

Trend Micro Home Network Security SFTP Log Collection Server hard-coded password

$۵k-$10k

Not Defined

CVE-2021-32457

۵.۵

Trend Micro Home Network Security tdts.ko chrdev_ioctl_handle access control

$۱۰k-$25k

Not Defined

CVE-2021-30501

۳.۵

UPX mem.cpp alloc denial of service

$۰-$۱k

Official Fix

CVE-2021-30500

۳.۵

UPX p_lx_elf.cpp canUnpack null pointer dereference

$۰-$۱k

Official Fix

CVE-2018-16497

۸.۰

Versa Analytics Cron Job privileges management

$۲k-$5k

Not Defined

CVE-2018-16498

۳.۵

Versa Director Backup cleartext storage

$۰-$۱k

Not Defined

CVE-2019-25029

۵.۵

Versa Director command injection

$۱k-$2k

Not Defined

CVE-2018-16496

۶.۳

Versa Director improper authentication

$۱k-$2k

Not Defined

CVE-2019-25030

۲.۶

Versa Director/Analytics/VOS Password unknown vulnerability

$۰-$۱k

Not Defined

CVE-2018-16499

۳.۷

Versa VOS inadequate encryption

$۰-$۱k

Not Defined

CVE-2018-16495

۴.۳

Versa VOS session fixation

$۱k-$2k

Not Defined

CVE-2018-16494

۶.۳

Versa VOS temp file

$۲k-$5k

Not Defined

CVE-2020-26677

۶.۳

vFairs API sql injection

$۱k-$2k

Not Defined

CVE-2020-26679

۵.۶

vFairs Identification Number permission

$۲k-$5k

Not Defined

CVE-2020-26678

۶.۳

vFairs Profile Picture unrestricted upload

$۲k-$5k

Not Defined

CVE-2020-26680

۳.۵

vFairs User Profile cross site scripting

$۰-$۱k

Not Defined

CVE-2021-22117

۵.۵

VMware RabbitMQ Installer permission

$۱۰k-$25k

Official Fix

CVE-2021-21986

۷.۳

VMware vCenter Server SAN Health Check improper authentication

$۱۰k-$25k

Official Fix

CVE-2021-21985

۷.۳

VMware vCenter Server Virtual SAN Health Check Plug-In improper authentication

$۱۰k-$25k

Official Fix

CVE-2020-25697

۶.۳

X.org X11 Server Client Authentication missing authentication

$۱k-$2k

Not Defined

CVE-2021-31535

۶.۳

X.org X11 Server/libX11 LookupCol.c XLookupColor buffer overflow

$۲k-$5k

Official Fix

CVE-2021-29505

۶.۳

XStream deserialization

$۰-$۵k

Official Fix

CVE-2021-32635

۶.۳

XStream Remote Code Execution

$۰-$۵k

Official Fix

CVE-2021-32621

۶.۳

XWiki Dashboard code injection

$۰-$۵k

Official Fix

CVE-2021-32620

۷.۳

XWiki Verification improper authorization

$۰-$۵k

Not Defined

CVE-2021-3320

۶.۷

Zephyr 802154 ACK Frames null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-10069

۵.۰

Zephyr Bluetooth denial of service

$۰-$۱k

Official Fix

CVE-2020-10066

۴.۱

Zephyr Bluetooth HCI Core null pointer dereference

$۰-$۱k

Not Defined

CVE-2020-10065

۳.۹

Zephyr Bluetooth HCI over SPI memory corruption

$۰-$۱k

Not Defined

CVE-2020-13601

۷.۷

Zephyr DNS out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-13600

۶.۴

Zephyr eswifi heap-based overflow

$۱k-$2k

Not Defined

CVE-2020-13598

۵.۳

Zephyr Filename fs_stat stack-based overflow

$۱k-$2k

Not Defined

CVE-2020-10064

۷.۳

Zephyr ieee802154 heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-10072

۵.۳

Zephyr insufficient permissions or privileges

$۱k-$2k

Not Defined

CVE-2020-13603

۵.۸

Zephyr integer overflow

$۰-$۱k

Not Defined

CVE-2020-13599

۳.۳

Zephyr littlefs default permission

$۰-$۱k

Not Defined

CVE-2020-13602

۴.۴

Zephyr LwM2M do_write_op_tlv infinite loop

$۰-$۱k

Not Defined

CVE-2021-20237

۵.۳

ZeroMQ PUB Message xpub.cpp resource consumption

$۰-$۱k

Official Fix

CVE-2021-20236

۵.۵

ZeroMQ Topic Subscription stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-27956

۳.۵

Zoho ManageEngine ADSelfService Plus directory-search cross site scripting

$۰-$۱k

Official Fix

CVE-2021-32633

۵.۰

Zope Module path traversal

$۱k-$2k

Official Fix

CVE-2021-33507

۳.۵

Zope Products.CMFCore/Products.PluggableAuthService cross site scripting

$۰-$۵k

Official Fix

CVE-2021-33507

۳.۵

Zope Products.CMFCore/Products.PluggableAuthService cross site scripting

$۰-$۱k

Official Fix

CVE-2021-21732

۳.۵

ZTE Mobile Phone access control

$۱k-$2k

Official Fix

CVE-2021-21734

۳.۵

ZTE ZXA10 F832V2 cleartext storage

$۰-$۵k

Not Defined

CVE-2021-21733

۳.۵

ZTE ZXCDN Management System information disclosure

$۰-$۱k

Not Defined