Severity Medium Analysis Summary CVE-2021-22960  Node.js is vulnerable to HTTP request smuggling, caused by an error when parsing the body of chunked requests. A remote attacker […]

Severity High Analysis Summary CVE-2021-40500  SAP BusinessObjects Business Intelligence Platform could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external […]

Severity High Analysis Summary Following samples of Lazarus group aka Guardians of Peace, a state-sponsored North Korean threat actor group targeting financial organizations for their gains […]

Severity High Analysis Summary CVE-2021-41355  Microsoft .NET Core and Visual Studio could allow a remote attacker to obtain sensitive information. By persuading a victim to open […]

Severity High Analysis Summary CVE-2021-40728  Adobe Acrobat and Adobe Reader could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free […]

Severity High Analysis Summary CVE-2021-40449  Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the […]

Severity Medium Analysis Summary CVE-2021-33727  Siemens SINEC NMS could allow a remote authenticated attacker to obtain sensitive information, caused by improper validation of user-supplied input. By […]

Severity Medium Analysis Summary CVE-2021-38431 An authenticated user can use API functions to disclose project names and paths from other users. Impact Unauthorized Access Affected Vendors […]

Severity High Analysis Summary CVE-2021-22802 The affected product is vulnerable to remote code execution, due to missing length check on user-supplied data, when a constructed message […]