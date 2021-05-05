Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-28588PUBLISHED: 2021-05-10
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so itâ€™s l...
CVE-2021-21428PUBLISHED: 2021-05-10
Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation proces...
CVE-2021-29022PUBLISHED: 2021-05-10
In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory.
CVE-2020-27226PUBLISHED: 2021-05-10
An exploitable SQL injection vulnerability exists in â€˜quickFile.jspâ€™ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2020-27229PUBLISHED: 2021-05-10
A number of exploitable SQL injection vulnerabilities exists in â€˜patientslist.doâ€™ page of OpenClinic GA 5.173.3 application. The findPersonID parameter in â€˜â€˜patientslist.doâ€™ page is vulnerable to authentic...