The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2021-46889 | The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693. |
Assigned (20230607) | MISC:https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html |
| CVE-2021-46888 | An issue was discovered in hledger before 1.23. A Stored Cross-Site Scripting (XSS) vulnerability exists in toBloodhoundJson that allows an attacker to execute JavaScript by encoding user-controlled values in a payload with base64 and parsing them with the atob function. |
Assigned (20230521) | MISC:https://github.com/simonmichael/hledger/issues/1525 | MISC:https://github.com/simonmichael/hledger/pull/1663 | MISC:https://github.com/simonmichael/hledger/releases/tag/1.23 | MISC:https://www.youtube.com/watch?v=QnRO-VkfIic |
| CVE-2021-46887 | Lack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46886 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46885 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46884 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46883 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46882 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46881 | The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. |
Assigned (20230426) | MISC:https://consumer.huawei.com/en/support/bulletin/2023/5/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/5/ |
| CVE-2021-46880 | x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded. |
Assigned (20230414) | CONFIRM:https://security.netapp.com/advisory/ntap-20230517-0006/ | MISC:https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt | MISC:https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/006_x509.patch.sig | MISC:https://github.com/openbsd/src/commit/3f851282810fa0ab4b90b3b1ecec2e8717ef16f8 |
Page created: