Fresh IT Vulnerabilities @vulnbot@schleuss.online

#introductions This bot is posting IT vulnerabilities from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @itsecbot

CVE-2020-12528 - An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12528

CVE-2020-12527 - An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12527

CVE-2020-12530 - An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12530

CVE-2020-12529 - An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12529

CVE-2020-27221 (openj9) - In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer ov... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27221

CVE-2021-2036 (mysql, oncommand_insight, oncommand_workflow_automation, snapcenter) - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supporte... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-2036

CVE-2021-25177 (drawings_software_development_kit, jt2go, teamcenter_visualization) - An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issu... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25177

CVE-2018-6621 (debian_linux, ffmpeg) - The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6621

CVE-2021-21258 - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk fe... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21258

CVE-2021-21255 - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk fe... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21255

CVE-2021-27885 - usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism. - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27885

CVE-2021-22294 - A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may ex... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22294

CVE-2021-22296 - A component of the HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnera... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22296

CVE-2021-22187 - An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 12.6.7. A pot... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22187

CVE-2020-28657 - In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authen... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28657

CVE-2021-3384 - A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection re... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3384

CVE-2021-25330 - Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25330

CVE-2020-4726 - The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-4726

CVE-2020-4719 - The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the C... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-4719

CVE-2020-4725 - IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by ... - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-4725