CWE-20

CVE-2021-33706

February 23, 2023 by

Due to improper input validation in InfraBox, logs can be modified by an authenticated user.

CVE-2021-33708

February 23, 2023 by

Due to insufficient input validation in Kyma, authenticated users can pass a Header of their choice and escalate privileges.

Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.

CVE-2021-33659

February 23, 2023 by

SAP 3D Visual Enterprise Viewer, version – 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

CVE-2021-33660

February 23, 2023 by

SAP 3D Visual Enterprise Viewer, version – 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

CVE-2021-33661

February 23, 2023 by

SAP 3D Visual Enterprise Viewer, version – 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.