CVE-2017-20001 (aes_encryption)
The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security [...]
CVE-2016-20001 (rest/json)
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. ...
CVE-2020-10148 (orion_platform)
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass [...]
CVE-2020-13473 (express_accounts)
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file. ...
CVE-2020-11093 (indy-node)
Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on [...]
CVE-2018-1000891 (bitcoin_sv)
Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums. ...
CVE-2018-15632 (odoo)
Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they [...]
Security Updates Available for Adobe Acrobat and Reader (APSB20-75)
Adobe has published a security bulletin for Adobe Acrobat and Reader (APSB20-75). The updates referenced in the bulletin address a vulnerability rated Important, and Adobe recommends users update [...]
