Here we list the vulnerabilities we have found so far, with references.
Critical Severity

| Software | Version | Impact | CVE | Reference |
|---|---|---|---|---|
| Moodle | 3.11.2 | Admin Session Hijack | CVE-2021-40691 | Release Notes |
| Moodle | 3.11.1 | Remote Code Execution | CVE-2021-36394 | Release Notes |
| ILIAS | 6.8 | Command Injection | CVE-2021-xxxxx | Release Notes |
| Apache Tapestry | 5.7.0 | Unauthenticated RCE | CVE-2021-27850 | ReadMe |
| ManageEngine OpManager | < 12.5.233 | Unauthenticated RCE | CVE-2020-28653 | ReadMe |
| OpenNMS | 25.2.1 | Hibernate Injection | CVE-2020-11886 | ReadMe |
| dotCMS | <= 5.1.5 | CSRF to RCE | CVE-2019-12872 | SonarSource Blog |
| Netflix Genie | 4.0.0 | RCE | - | - |
| LogicalDOC | 8.2.3 | Hibernate Injection | - | SonarSource Blog |
| Moodle | 3.5.1 | Object Injection to RCE | CVE-2018-14630 | SEC Consult Advisory |
| ILIAS | 5.3.10 | Object Injection to RCE | CVE-2018-25003 | GitHub Commit |

High Severity

| Software | Version | Impact | CVE | Reference |
|---|---|---|---|---|
| Coming Soon | ? | ? | CVE-2021-27098 | NVD Details |
| OX App Suite | <= 7.10.3 | Denial of Service | CVE-2020-8543 | - |
| OX App Suite | <= 7.10.3 | Denial of Service | CVE-2020-12645 | - |
| LogicalDOC | 8.2 | Path Traversal | CVE-2019-9723 | RIPS Blog |

Medium Severity

| Software | Version | Impact | CVE | Reference |
|---|---|---|---|---|
| Coming Soon | ? | ? | CVE-2021-27099 | NVD Details |
| OX App Suite | <= 7.10.3 | SSRF | CVE-2020-12644 | - |