IS Security CERT Global

    • CVE-2021-21280
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write ...
    • CVE-2021-21281
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions ...
    • CVE-2021-31661
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information. ...
    • CVE-2021-31664
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-33186
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31660
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31662
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31663
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-33185
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31272
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation. ...
    • CVE-2020-18442
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in ...
    • CVE-2021-23846
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to ...
    • CVE-2021-23845
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. ...
    • CVE-2021-33818
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete ...
    • CVE-2021-33820
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attacker could send a huge amount of TCP SYN ...
    • CVE-2021-32954
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read ...
    • CVE-2021-32956
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted ...
    • CVE-2021-33822
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, ...
    • CVE-2005-2795
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: ...
    • CVE-2021-3604
      Severity: None | Published: 18/06/2021 | Last revised: 18/06/2021 | Description: Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. ...
    • CVE-2021-31662
      RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31660
      RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31272
      SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation. ...
    • CVE-2021-33185
      SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31664
      RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-33186
      SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-31661
      RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information. ...
    • CVE-2021-31663
      RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information. ...
    • CVE-2021-32696
      The npm package "striptags" is an implementation of PHP's strip_tags in Typescript. In striptags before version 3.2.0, a type-confusion vulnerability can cause `striptags` to concatenate unsanitized strings when an array-like ...
    • CVE-2021-21257
      Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the ...
    • CVE-2021-21280
      Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG prior to 4.6 when transmitting a ...
    • CVE-2021-21279
      Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.6, an attacker can perform a denial-of-service attack by triggering an infinite loop in ...
    • CVE-2021-21281
      Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the ...
    • CVE-2021-21410
      Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 ...
    • CVE-2021-33823
      An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the ...
    • CVE-2021-21282
      Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of ...
    • CVE-2021-33824
      An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the ...
    • CVE-2021-33822
      An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to ...
    • CVE-2021-33820
      An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web ...
    • CVE-2021-33818
      An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the ...
    • CVE-2018-14639
      ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. ...
    • CVE-2020-18442
      Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file". ...
    • CVE-2021-3604
      Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract ...
    • CVE-2005-2795
      ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. ...
    • CVE-2021-32956
      Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a ...
    • CVE-2021-32954
      Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system. ...
    • CVE-2021-23846
      When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This ...
    • CVE-2021-23845
      This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 ...
    • Google Releases Security Updates for Chrome
    • The Ministry of Labour and Social Economy suffers another cyberattack
      Publication date: 09/06/2021. The Ministry of Labour and Social Economy (MITRAMISS) of the Government of Spain has confirmed that it was the victim of a cyberattack that has affected some ...