Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27817 PUBLISHED: 2021-03-08
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.
CVE-2021-27222 PUBLISHED: 2021-03-08
In the "Time in Status" app before 4.13.0 for Jira, remote authenticated attackers can cause Stored XSS.
CVE-2020-23967 PUBLISHED: 2021-03-08
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.
CVE-2021-26788 PUBLISHED: 2021-03-08
Oryx Embedded CycloneTCP 1.7.6 to 2.0.0, fixed in 2.0.2, is affected by incorrect input validation, which may cause a denial of service (DoS). To exploit the vulnerability, an attacker needs to have TCP connectivity to the target system. Receiving a maliciously crafted TCP packet from an unauthentic...
CVE-2021-23351 PUBLISHED: 2021-03-08
The package github.com/pires/go-proxyproto before 0.5.0 is vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in ...