Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36329 | 5 Apple, Debian, Netapp and 2 more | 6 Ipad Os, Iphone Os, Debian Linux and 3 more | 2021-12-01 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-3727 | 1 Planetargon | 1 Oh My Zsh | 2021-12-01 | 7.5 HIGH | 9.8 CRITICAL |
| # Vulnerability in `rand-quote` and `hitokoto` plugins **Description**: the `rand-quote` and `hitokoto` fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use `print -P` to print them. If these quotes contained the proper symbols, they could trigger command injection. Given that they're an external API, it's not possible to know if the quotes are safe to use. **Fixed in**: [72928432](https://github.com/ohmyzsh/ohmyzsh/commit/72928432). **Impacted areas**: - `rand-quote` plugin (`quote` function). - `hitokoto` plugin (`hitokoto` function). | |||||
| CVE-2020-27158 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2021-12-01 | 10.0 HIGH | 9.8 CRITICAL |
| Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114. | |||||
| CVE-2020-25765 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2021-12-01 | 10.0 HIGH | 9.8 CRITICAL |
| Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140. | |||||
| CVE-2021-41511 | 1 Lodging Reservation Management System Project | 1 Lodging Reservation Management System | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication. | |||||
| CVE-2018-25010 | 5 Apple, Debian, Netapp and 2 more | 6 Ipad Os, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ApplyFilter. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
| CVE-2018-16402 | 5 Canonical, Debian, Elfutils Project and 2 more | 7 Ubuntu Linux, Debian Linux, Elfutils and 4 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | |||||
| CVE-2019-19810 | 1 Eleveo | 1 Call Recording | 2021-11-30 | 10.0 HIGH | 10.0 CRITICAL |
| Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host. | |||||
| CVE-2018-16763 | 1 Thedaylightstudio | 1 Fuel Cms | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution. | |||||
| CVE-2018-25014 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2018-25011 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2018-25009 | 4 Debian, Netapp, Redhat and 1 more | 4 Debian Linux, Ontap Select Deploy Administration Utility, Enterprise Linux and 1 more | 2021-11-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
| CVE-2021-43693 | 1 Vestacp | 1 Vesta Control Panel | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php. | |||||
| CVE-2021-3726 | 1 Planetargon | 1 Oh My Zsh | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| # Vulnerability in `title` function **Description**: the `title` function defined in `lib/termsupport.zsh` uses `print` to set the terminal title to a user-supplied string. In Oh My Zsh, this function is always used securely, but custom user code could use the `title` function in a way that is unsafe. **Fixed in**: [a263cdac](https://github.com/ohmyzsh/ohmyzsh/commit/a263cdac). **Impacted areas**: - `title` function in `lib/termsupport.zsh`. - Custom user code using the `title` function. | |||||
| CVE-2021-40719 | 1 Adobe | 1 Connect | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server. | |||||
| CVE-2020-36330 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
| CVE-2020-10188 | 5 Arista, Debian, Fedoraproject and 2 more | 5 Eos, Debian Linux, Fedora and 2 more | 2021-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. | |||||
| CVE-2019-17455 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. | |||||
| CVE-2021-42544 | 1 Businessdnasolutions | 1 Topease | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Missing Rate Limiting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on the Login Form allows an unauthenticated remote attacker to perform multiple login attempts, which facilitates gaining privileges. | |||||
| CVE-2018-11058 | 1 Dell | 2 Bsafe, Bsafe Crypto-c | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue. | |||||
| CVE-2021-41678 | 1 Os4ed | 1 Opensis | 2021-11-30 | 6.8 MEDIUM | 9.8 CRITICAL |
| A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/users/Staff.php, staff{TITLE] parameter. | |||||
| CVE-2021-41679 | 1 Os4ed | 1 Opensis | 2021-11-30 | 6.8 MEDIUM | 9.8 CRITICAL |
| A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/grades/InputFinalGrades.php, period parameter. | |||||
| CVE-2021-41677 | 1 Os4ed | 1 Opensis | 2021-11-30 | 6.8 MEDIUM | 9.8 CRITICAL |
| A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/functions/GetStuListFnc.php &Grade= parameter. | |||||
| CVE-2021-42115 | 1 Businessdnasolutions | 1 Topease | 2021-11-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authenticated user via stealing and injecting the session- independent and static cookie UID. | |||||
| CVE-2021-44427 | 1 Rosariosis | 1 Rosariosis | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter. | |||||
| CVE-2021-44223 | 1 Wordpress | 1 Wordpress | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory. | |||||
| CVE-2021-44219 | 1 Gin-vue-admin Project | 1 Gin-vue-admin | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Gin-Vue-Admin before 2.4.6 mishandles a SQL database. | |||||
| CVE-2021-22049 | 1 Vmware | 1 Vcenter Server | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service. | |||||
| CVE-2021-26611 | 1 Hej | 2 Hejhome Gkw-ic052, Hejhome Gkw-ic052 Firmware | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.(reboot, factory reset, snapshot etc..) | |||||
| CVE-2021-37022 | 1 Huawei | 1 Harmonyos | 2021-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause root permission which can be escalated. | |||||
| CVE-2021-20850 | 1 Alfasado | 1 Powercms | 2021-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS command via unspecified vectors. | |||||
| CVE-2021-42669 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2021-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/uploads/ directory, and is accessible by all users. By uploading a php webshell containing "<?php system($_GET["cmd"]); ?>" the attacker can execute commands on the web server with - /admin/uploads/php-webshell?cmd=id. | |||||
| CVE-2021-37016 | 1 Huawei | 1 Harmonyos | 2021-11-29 | 8.5 HIGH | 9.1 CRITICAL |
| There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause Information Disclosure or Denial of Service. | |||||
| CVE-2021-44140 | 1 Apache | 1 Jspwiki | 2021-11-29 | 6.4 MEDIUM | 9.1 CRITICAL |
| Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later. | |||||
| CVE-2021-44093 | 1 Zrlog | 1 Zrlog | 2021-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Command Execution vulnerability on the background in zrlog 2.2.2, at the upload avatar function, could bypass the original limit, upload the JSP file to get a WebShell | |||||
| CVE-2021-42785 | 1 Tightvnc | 1 Tightvnc | 2021-11-29 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server. | |||||
| CVE-2021-42784 | 1 Dlink | 2 Dwr-932c, Dwr-932c E1 Firmware | 2021-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 firmware allows a remote attacker to perform command injection via a crafted HTTP request. | |||||
| CVE-2021-42783 | 1 Dlink | 2 Dwr-932c, Dwr-932c E1 Firmware | 2021-11-29 | 10.0 HIGH | 9.8 CRITICAL |
| Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions. | |||||
| CVE-2021-42667 | 1 Online Event Booking And Reservation System Project | 1 Online Event Booking And Reservation System | 2021-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server. | |||||
| CVE-2021-3520 | 3 Lz4 Project, Netapp, Oracle | 4 Lz4, Active Iq Unified Manager, Ontap Select Deploy Administration Utility and 1 more | 2021-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well. | |||||
| CVE-2021-38727 | 1 Thedaylightstudio | 1 Fuel Cms | 2021-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| FUEL CMS 1.5.0 allows SQL Injection via parameter 'col' in /fuel/index.php/fuel/logs/items | |||||
| CVE-2021-38840 | 1 Simple Water Refilling Station Management System Project | 1 Simple Water Refilling Station Management System | 2021-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter. | |||||
| CVE-2021-28960 | 1 Manageengine | 1 Desktop Central | 2021-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations. | |||||
| CVE-2021-22945 | 4 Fedoraproject, Haxx, Netapp and 1 more | 20 Fedora, Libcurl, Clustered Data Ontap and 17 more | 2021-11-28 | 5.8 MEDIUM | 9.1 CRITICAL |
| When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*. | |||||
| CVE-2021-20837 | 1 Sixapart | 1 Movable Type | 2021-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability. | |||||
| CVE-2021-37334 | 1 Umbraco | 1 Forms | 2021-11-28 | 9.3 HIGH | 9.8 CRITICAL |
| Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw that could lead to a remote code execution attack and/or arbitrary file deletion. A vulnerability occurs because validation of the file extension is performed after the file has been stored in a temporary directory. By default, files are stored within the application directory structure at %BASEDIR%/APP_DATA/TEMP/FileUploads/. Whilst access to this directory is restricted by the root web.config file, it is possible to override this restriction by uploading another specially crafted web.config file to the temporary directory. It is possible to exploit this flaw to upload a malicious script file to execute arbitrary code and system commands on the server. | |||||
| CVE-2021-36314 | 1 Dell | 1 Emc Cloud Link | 2021-11-27 | 7.5 HIGH | 9.8 CRITICAL |
| Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. A remote unauthenticated attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary files on the end user system. | |||||
| CVE-2021-41674 | 1 E-negosyo System Project | 1 E-negosyo System | 2021-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the user_email parameter in /admin/login.php. | |||||
| CVE-2021-41676 | 1 Pharmacy Point Of Sale System Project | 1 Pharmacy Point Of Sale System | 2021-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerabilty exists in the oretnom23 Pharmacy Point of Sale System 1.0 in the login function in actions.php. | |||||
| CVE-2021-42325 | 1 Froxlor | 1 Froxlor | 2021-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name. | |||||