deleteaccount.php in the Delete Account plugin 1.4 for MyBB allows XSS via the deletereason parameter.
CVE-2021-3349PUBLISHED: 2021-02-01** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, and dispute whethe...
CVE-2021-3348PUBLISHED: 2021-02-01nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.
CVE-2020-15834PUBLISHED: 2021-02-01An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The wireless network password is exposed in a QR encoded picture that an unauthenticated adversary can download via the web-management interface.
CVE-2020-15835PUBLISHED: 2021-02-01An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function contains undocumented code that provides the ability to authenticate as root without knowing the actual root password. An adversary with the private key can ..
Support the originator by clicking the read the rest link below.
