Total: 17685 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34684 | 1 Hitachi | 1 Vantara Pentaho | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI. | |||||
| CVE-2021-42077 | 1 Kaysongroup | 1 Php Event Calendar | 2021-11-09 | 10.0 HIGH | 9.8 CRITICAL |
| PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstrated by the /server/ajax/user_manager.php username parameter. This can be used to execute SQL statements directly on the database, allowing an adversary in some cases to completely compromise the database system. It can also be used to bypass the login form. | |||||
| CVE-2021-25508 | 1 Samsung | 1 Smartthings | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation. | |||||
| CVE-2021-28023 | 1 Servicetonic | 1 Servicetonic | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths. | |||||
| CVE-2020-22223 | 1 Phpjabbers | 1 Fundraising Script | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function. | |||||
| CVE-2020-22225 | 1 Phpjabbers | 1 Fundraising Script | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function. | |||||
| CVE-2020-22226 | 1 Phpjabbers | 1 Fundraising Script | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function. | |||||
| CVE-2021-21697 | 1 Jenkins | 1 Jenkins | 2021-11-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions. | |||||
| CVE-2021-43400 | 1 Bluez | 1 Bluez | 2021-11-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. | |||||
| CVE-2020-25368 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2021-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login. | |||||
| CVE-2021-36623 | 1 Phone Shop Sales Management System Project | 1 Phone Shop Sales Management System | 2021-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE. | |||||
| CVE-2021-36624 | 1 Phone Shop Sales Management System Project | 1 Phone Shop Sales Management System | 2021-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| Sourcecodester Phone Shop Sales Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. | |||||
| CVE-2021-40113 | 1 Cisco | 10 Catalyst Pon Switch Cgp-ont-1p, Catalyst Pon Switch Cgp-ont-1p Firmware, Catalyst Pon Switch Cgp-ont-4p and 7 more | 2021-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: log in with a default credential if the Telnet protocol is enabled; perform command injection; modify the configuration. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-25366 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2021-11-06 | 8.5 HIGH | 9.1 CRITICAL |
| An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors. | |||||
| CVE-2021-41649 | 1 Online-shopping-system-advanced Project | 1 Online-shopping-system-advanced | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input. | |||||
| CVE-2021-23509 | 1 Json-ptr Project | 1 Json-ptr | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package json-ptr before 3.0.0. A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays. | |||||
| CVE-2021-23624 | 1 Dotty Project | 1 Dotty | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays. | |||||
| CVE-2021-38833 | 1 Apartment Visitors Management System Project | 1 Apartment Visitors Management System | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. 1.0 allows attackers to execute arbitrary SQL statements and to gain RCE. | |||||
| CVE-2021-23807 | 1 Jsonpointer Project | 1 Jsonpointer | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays. | |||||
| CVE-2021-23820 | 1 Jsonpointer Project | 1 Jsonpointer | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays. | |||||
| CVE-2021-35458 | 1 Online Pet Shop We App Project | 1 Online Pet Shop We App | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter. | |||||
| CVE-2021-43082 | 1 Apache | 1 Traffic Server | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0. | |||||
| CVE-2020-23679 | 1 Linux Network Project | 1 Linux Network Project | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execute arbitrary code, via the password field. | |||||
| CVE-2020-25367 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login. | |||||
| CVE-2020-18262 | 1 Ed01-cms Project | 1 Ed01-cms | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter. | |||||
| CVE-2020-18261 | 1 Ed01-cms Project | 1 Ed01-cms | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands. | |||||
| CVE-2020-24743 | 1 Zohocorp | 1 Manageengine Applications Manager | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter. | |||||
| CVE-2021-40849 | 1 Mahara | 1 Mahara | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web services token is vulnerable to being exploited and logged into, resulting in information disclosure (at a minimum) and often escalation of privileges. | |||||
| CVE-2021-39238 | 1 Hp | 3 Futuresmart 3, Futuresmart 4, Futuresmart 5 | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer overflow. | |||||
| CVE-2021-41232 | 1 Thunderdome | 1 Planning Poker | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in version 1.16.3. If users are unable to update they should disable the LDAP feature if in use. | |||||
| CVE-2020-20982 | 1 Wdja | 1 Wdja Cms | 2021-11-04 | 6.8 MEDIUM | 9.6 CRITICAL |
| Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php. | |||||
| CVE-2020-24000 | 1 Eyoucms | 1 Eyoucms | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php. | |||||
| CVE-2021-41036 | 1 Eclipse | 1 Paho Mqtt C/c++ Client | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket. | |||||
| CVE-2020-14509 | 1 Wibu | 1 Codemeter | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities. | |||||
| CVE-2020-14494 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2021-11-04 | 5.0 MEDIUM | 9.8 CRITICAL |
| OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts. | |||||
| CVE-2020-14510 | 1 Secomea | 2 Gatemanager 8250, Gatemanager 8250 Firmware | 2021-11-04 | 10.0 HIGH | 9.8 CRITICAL |
| GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root. | |||||
| CVE-2020-14517 | 1 Wibu | 1 Codemeter | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with the CodeMeter API. | |||||
| CVE-2020-12001 | 1 Rockwellautomation | 2 Factorytalk Linx, Rslinx Classic | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior, Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later, Studio 5000 Logix Designer software: Version 32 and prior is vulnerable. The parsing mechanism that processes certain file types does not provide input sanitation. This may allow an attacker to use specially crafted files to traverse the file system and modify or expose sensitive data or execute arbitrary code. | |||||
| CVE-2020-12013 | 2 Iconics, Mitsubishielectric | 11 Bizviz, Energy Analytix, Facility Analytix and 8 more | 2021-11-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server v10.96 and prior; ICONICS GenBroker32 v9.5 and prior. | |||||
| CVE-2020-12032 | 1 Baxter | 4 Em1200, Em1200 Firmware, Em2400 and 1 more | 2021-11-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI. | |||||
| CVE-2020-12493 | 1 Swarco | 1 Cpu Ls4000 Firmware | 2021-11-04 | 10.0 HIGH | 10.0 CRITICAL |
| An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices. | |||||
| CVE-2021-36186 | 1 Fortinet | 1 Fortiweb | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows an attacker to execute unauthorized code or commands via crafted HTTP requests. | |||||
| CVE-2021-36794 | 1 Siren | 1 Investigate | 2021-11-04 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process. | |||||
| CVE-2021-42139 | 1 Deno | 1 Deno Standard Modules | 2021-11-04 | 6.8 MEDIUM | 9.8 CRITICAL |
| Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. | |||||
| CVE-2021-23449 | 1 Vm2 Project | 1 Vm2 | 2021-11-04 | 7.5 HIGH | 10.0 CRITICAL |
| This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine. | |||||
| CVE-2020-11079 | 1 Node-dns-sync Project | 1 Node-dns-sync | 2021-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1. | |||||
| CVE-2019-1804 | 1 Cisco | 26 Nexus 93108tc-ex, Nexus 93108tc-ex Firmware, Nexus 93120tx and 23 more | 2021-11-03 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable. | |||||
| CVE-2020-23718 | 1 Zibbs Project | 1 Zibbs | 2021-11-03 | 6.8 MEDIUM | 9.6 CRITICAL |
| Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php. | |||||
| CVE-2019-9141 | 1 Imgtech | 1 Zoneplayer | 2021-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| ZInsVX.dll ActiveX Control 2018.02 and earlier in Zoneplayer contains a vulnerability that could allow remote attackers to execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for remote code execution. | |||||
| CVE-2019-6742 | 1 Samsung | 2 Galaxy S9, Galaxy S9 Firmware | 2021-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the GameServiceReceiver update mechanism. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7477. | |||||
