Alert News 2021

Published	Public	Updated	VU#	Title
2021-12-22	2021-12-22	2022-02-02	VU#692873	Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2021-12-15	2021-12-15	2022-02-07	VU#930724	Apache Log4j allows insecure JNDI lookups
2021-11-09	2021-11-09	2021-11-09	VU#999008	Compilers permit Unicode control and homoglyph characters
2021-10-04	2021-10-04	2021-10-05	VU#883754	Salesforce DX command line interface (CLI) does not adequately protect sfdxurl credentials
2021-08-10	2021-08-10	2021-08-10	VU#608209	NicheStack embedded TCP/IP has vulnerabilities
2021-08-06	2021-08-06	2021-08-06	VU#357312	HTTP Request Smuggling in Web Proxies
2021-08-02	2021-08-02	2021-08-04	VU#405600	Microsoft Windows Active Directory Certificate Services can allow for AD compromise via PetitPotam NTLM relay attacks
2021-07-20	2021-07-20	2021-07-20	VU#914124	Arcadyan-based routers and modems vulnerable to authentication bypass
2021-07-20	2021-07-20	2021-07-21	VU#506989	Microsoft Windows 10 gives unprivileged user access to system32\config files
2021-07-18	2021-07-18	2021-07-19	VU#131152	Microsoft Windows Print Spooler Point and Print allows installation of arbitrary queue-specific files
2021-06-30	2021-06-30	2021-06-30	VU#383432	Microsoft Windows Print Spooler RpcAddPrinterDriverEx() function allows for RCE
2021-05-25	2021-05-25	2021-05-25	VU#706695	Checkbox Survey insecurely deserializes ASP.NET View State data
2021-05-24	2021-05-24	2021-05-26	VU#667933	Pulse Connect Secure Samba buffer overflow
2021-05-24	2021-05-24	2021-05-27	VU#799380	Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2021-04-20	2021-04-20	2021-04-22	VU#567764	MySQL for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2021-04-20	2021-04-20	2021-05-06	VU#213092	Pulse Connect Secure contains multiple use-after-free vulnerabilities
2021-02-18	2021-02-18	2021-02-18	VU#240785	Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
2021-02-09	2021-02-09	2021-02-09	VU#466044	Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
2021-02-04	2021-01-26	2021-02-04	VU#794544	Heap-Based Buffer Overflow in Sudo
2021-02-01	2021-02-01	2021-02-01	VU#125331	Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
2021-01-19	2021-01-19	2021-01-20	VU#434904	Dnsmasq is vulnerable to memory corruption and cache poisoning