CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

CVSS ≥ 0.0
2021-02-04
Medium

CVE-2021-25232

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database.

Medium

CVE-2021-25231

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain informa…

Medium

CVE-2021-25230

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connec…

Medium

CVE-2021-25229

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server.

Medium

CVE-2021-25228

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain informa…

High

CVE-2021-0351

In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not nee…

Medium

CVE-2021-0344

In mtkpower, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not nee…

High

CVE-2021-1313

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected…

High

CVE-2021-1288

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected…

Medium

CVE-2020-5032

IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178.

High

CVE-2020-28450

This affects all versions of package decal. The vulnerability is in the extend function.

High

CVE-2020-28449

This affects all versions of package decal. The vulnerability is in the set function.

Critical

CVE-2021-26688

An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 (February 2021).

Critical

CVE-2021-26687

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (Februa…

2021-02-03
Medium

CVE-2021-23331

This affects all versions of package com.squareup:connect. The method prepareDownloadFile creates a temporary file with the permission bits -rw-r--r-- on unix-like systems. On unix-like sy…

Low

CVE-2020-8589

Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines (SVMs)…

Low

CVE-2020-8588

Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the existence of data on other Storage Virtual Mach…

Medium

CVE-2021-25778

In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.

Low

CVE-2021-25775

In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.

Medium

CVE-2021-25772

In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.

Medium

CVE-2021-25771

In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.

High

CVE-2021-25769

In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.

Medium

CVE-2021-25768

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.

Medium

CVE-2021-25767

In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.

Medium

CVE-2021-25766

In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.

Medium

CVE-2021-25760

In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.

Medium

CVE-2021-25759

In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.

Medium

CVE-2021-25756

In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.

Low

CVE-2021-25755

In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID, could get access to the encrypted traffic.

Critical

CVE-2020-35481

SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection.

Critical

CVE-2020-28653

Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.

2021-02-02
Medium

CVE-2020-24490

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

High

CVE-2020-14255

HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditio…

Medium

CVE-2020-14221

HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.

High

CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282.…

High

CVE-2020-28495

This affects the package total.js before 3.4.7. The set function can be used to set a value into the object according to the path. However the keys of the path being set are not properly sanitized, l…

Medium

CVE-2020-25035

UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root privileges using chroothole_client's PHP call, a related issue to CVE-2017-11322.

2021-02-01
High

CVE-2021-3283

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3.

Medium

CVE-2021-3024

HashiCorp Vault and Vault Enterprise disclosed the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7.

Medium

CVE-2020-25594

HashiCorp Vault and Vault Enterprise allowed for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7.

Critical

CVE-2020-15836

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function passes untrusted data to the operating system without proper sanitization. A crafted request ca…

High

CVE-2020-15832

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The poof.cgi script contains undocumented code that provides the ability to remotely reboot the device. An adversary with t…

High

CVE-2020-13857

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request.

2021-01-29
High

CVE-2021-25646

Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by…

Critical

CVE-2021-3346

Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template.

Medium

CVE-2021-23328

This affects all versions of package iniparserjs. The vulnerability arises when ini_parser.js is concatenating arrays. Depending on if user input is provided, an attacker can overwrite and pollute…

High

CVE-2021-20586

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, control…

Medium

CVE-2020-35652

An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message…

Critical

CVE-2020-35547

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data.

Medium

CVE-2020-29538

Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather i…

Medium

CVE-2020-28406

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audi…

High

CVE-2020-28405

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be u…

Medium

CVE-2020-28404

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access the Billing page without the appropriate privileges.

Medium

CVE-2020-28402

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.

Medium

CVE-2020-28401

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access WIP details about jobs he should not have access to.

High

CVE-2021-26308

An issue was discovered in the marc crate before 2.0.0 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated memory, violating soundness.

Medium

CVE-2021-26307

An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It allows __cpuid_count() calls even if the processor does not support the CPUID instruction, which is unsound and causes a deter…

High

CVE-2021-26306

An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It has unsound transmute calls within as_string() methods.

2021-01-27
Critical

CVE-2021-3331

WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default i…

Critical

CVE-2021-3325

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control…

High

CVE-2020-4952

IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028.

Critical

CVE-2020-23361

phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.

High

CVE-2020-23356

dmin/kernel/api/login.class.php in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followe…

High

CVE-2020-23355

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords f…

High

CVE-2020-23352

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_inp…

2021-01-26
Medium

CVE-2021-1071

NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper acces…

High

CVE-2021-1070

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components…

Medium

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting i…

Critical

CVE-2021-3193

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user.

High

CVE-2021-26267

cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).

High

CVE-2021-26266

cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).

High

CVE-2021-25906

An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.

High

CVE-2021-25902

An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.

High

CVE-2020-36226

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Medium

CVE-2020-36219

An issue was discovered in the atomic-option crate through 2020-10-31 for Rust. Because AtomicOption<T> implements Sync unconditionally, a data race can occur.

Medium

CVE-2020-36218

An issue was discovered in the buttplug crate before 1.0.4 for Rust. ButtplugFutureStateShared does not properly consider (!Send|!Sync) objects, leading to a data race.

Medium

CVE-2020-36214

An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust. Because a non-Send type can be sent to a different thread, a data race can occur.

High

CVE-2020-36213

An issue was discovered in the abi_stable crate before 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness.

High

CVE-2020-36212

An issue was discovered in the abi_stable crate before 0.9.1 for Rust. DrainFilter lacks soundness because of a double drop.

High

CVE-2020-36209

An issue was discovered in the late-static crate before 0.4.0 for Rust. Because Sync is implemented for LateStatic with T: Send, a data race can occur.

Medium

CVE-2020-36204

An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur.

High

CVE-2020-29000

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged a…

Medium

CVE-2020-27098

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. This could lead to local information disclosure with no additional…

Medium

CVE-2020-27097

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. Use…

High

CVE-2020-25737

An elevation of privilege vulnerability exists in Hackolade versions prior to 4.2.0 on Windows in specific deployment scenarios that could allow local users to gain elevated privileges duri…

High

CVE-2020-23160

Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to execute arbitrary commands as root on the devices.

Critical

CVE-2020-20269

A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

Low

CVE-2020-4889

IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.

2021-01-20
Medium

CVE-2021-1067

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, whic…

Medium

CVE-2021-3130

Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer…

Medium

CVE-2021-2131

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2130

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

High

CVE-2021-2129

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2128

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows low pr…

Medium

CVE-2021-2127

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2126

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2125

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2124

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Low

CVE-2021-2123

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2122

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged…

Medium

CVE-2021-2121

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2120

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2119

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

High

CVE-2021-2118

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily explo…

Medium

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows lo…

Medium

CVE-2021-2116

Vulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allo…

High

CVE-2021-2115

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily explo…

High

CVE-2021-2114

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Applications Calendar). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.…

Medium

CVE-2021-2113

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: On Demand Billing). Supported versions that are affected ar…

Medium

CVE-2021-2112

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2111

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high p…

Medium

CVE-2021-2110

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications (component: Letters). The supported version that is affected is 8.2.2. Easily exploitable vulnerability allows…

High

CVE-2021-2109

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.…

Critical

CVE-2021-2108

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). The supported version that is affected is 12.1.3.0.0. Easily exploitable vulnerability al…

High

CVE-2021-2107

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Eas…

High

CVE-2021-2106

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Eas…

High

CVE-2021-2105

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Eas…

High

CVE-2021-2104

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily e…

High

CVE-2021-2103

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily e…

High

CVE-2021-2102

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily e…
