Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32466 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2021-10-02 | 6.9 MEDIUM | 7.0 HIGH |
| An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. | |||||
| CVE-2021-35028 | 1 Zyxel | 2 Zywall Vpn2s, Zywall Vpn2s Firmware | 2021-10-02 | 7.2 HIGH | 7.8 HIGH |
| A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands. | |||||
| CVE-2021-35027 | 1 Zyxel | 2 Zywall Vpn2s, Zywall Vpn2s Firmware | 2021-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information. | |||||
| CVE-2021-34636 | 1 Wpdevart | 1 Countdown And Countup\, Woocommerce Sales Timer | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| The Countdown and CountUp, WooCommerce Sales Timers WordPress plugin is vulnerable to Cross-Site Request Forgery via the save_theme function found in the ~/includes/admin/coundown_theme_page.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.7. | |||||
| CVE-2021-31605 | 1 Openvpn-monitor Project | 1 Openvpn-monitor | 2021-10-02 | 7.8 HIGH | 7.5 HIGH |
| furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM. | |||||
| CVE-2021-32273 | 1 Faad2 Project | 1 Faad2 | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution. | |||||
| CVE-2021-32281 | 1 Creolabs | 1 Gravity | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gravity through 0.8.1. A heap-buffer-overflow exists in the function gnode_function_add_upvalue located in gravity_ast.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32284 | 1 Creolabs | 1 Gravity | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gravity through 0.8.1. A NULL pointer dereference exists in the function ircode_register_pop_context_protect() located in gravity_ircode.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-32287 | 1 Nokia | 1 Heif | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicWidth() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32286 | 1 Hcxtools Project | 1 Hcxtoold | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in hcxtools through 6.1.6. A global-buffer-overflow exists in the function pcapngoptionwalk located in hcxpcapngtool.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32288 | 1 Nokia | 1 Heif | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicHeight() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution. | |||||
| CVE-2021-39533 | 1 Juniper | 1 Libslax | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow. | |||||
| CVE-2021-32272 | 1 Faad2 Project | 1 Faad2 | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution. | |||||
| CVE-2021-32271 | 1 Gpac | 1 Gpac | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32294 | 1 Linuxsampler | 1 Libgig | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32297 | 1 Lief-project | 1 Lief | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pe_reader.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32299 | 1 Pbrt Project | 1 Pbrt | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in pbrt through 20200627. A stack-buffer-overflow exists in the function pbrt::ParamSet::ParamSet() located in paramset.h. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32298 | 1 Libiff Project | 1 Libiff | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libiff through 20190123. A global-buffer-overflow exists in the function IFF_errorId located in error.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-39531 | 1 Juniper | 1 Libslax | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buffer overflow. | |||||
| CVE-2021-39534 | 1 Juniper | 1 Libslax | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-based buffer overflow. | |||||
| CVE-2021-39536 | 1 Libxsmm Project | 1 Libxsmm | 2021-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libxsmm through v1.16.1-93. The JIT code has a heap-based buffer overflow. | |||||
| CVE-2021-0612 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6582 90 and 51 more | 2021-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834. | |||||
| CVE-2021-0611 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6582 90 and 51 more | 2021-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810. | |||||
| CVE-2021-36218 | 1 Skale | 1 Sgxwallet | 2021-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in SKALE sgxwallet 1.58.3. sgx_disp_ippsAES_GCMEncrypt allows an out-of-bounds write, resulting in a segfault and compromised enclave. This issue describes a buffer overflow, which was resolved prior to v1.77.0 and not reproducible in latest sgxwallet v1.77.0 | |||||
| CVE-2021-40097 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter. | |||||
| CVE-2021-40103 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF. | |||||
| CVE-2021-40981 | 1 Asus | 1 Armoury Crate Lite Service | 2021-10-01 | 4.4 MEDIUM | 7.3 HIGH |
| ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory. | |||||
| CVE-2021-0610 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6582 90 and 51 more | 2021-10-01 | 4.6 MEDIUM | 7.8 HIGH |
| In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05411456. | |||||
| CVE-2021-32971 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing command 0x07 | |||||
| CVE-2021-32963 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing commands 0x03/0x10 | |||||
| CVE-2021-32979 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a | |||||
| CVE-2021-32987 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing command 0x0b | |||||
| CVE-2021-32999 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Improper handling of exceptional conditions in SuiteLink server while processing command 0x01 | |||||
| CVE-2021-24663 | 1 Simple Schools Staff Directory Project | 1 Simple Schools Staff Directory | 2021-10-01 | 6.5 MEDIUM | 7.2 HIGH |
| The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload arbitrary file like PHP, leading to RCE | |||||
| CVE-2021-24636 | 1 Print My Blog Project | 1 Print My Blog | 2021-10-01 | 5.8 MEDIUM | 8.1 HIGH |
| The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link | |||||
| CVE-2021-41088 | 1 Elv | 1 Elvish | 2021-10-01 | 9.3 HIGH | 8.8 HIGH |
| Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious website, the website can send arbitrary code to the endpoint in localhost. All Elvish releases from 0.14.0 onward no longer include the the web UI, although it is still possible for the user to build a version from source that includes the web UI. The issue can be patched for previous versions by removing the web UI (found in web, pkg/web or pkg/prog/web, depending on the exact version). | |||||
| CVE-2021-41083 | 1 Dadamailproject | 1 Dada Mail | 2021-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any mailing list password, as well as the Dada Mail Root Password - which could effectively shut out actual list owners of the mailing list and allow the bad actor complete and unfettered control of your mailing list. This vulnerability also affects profile logins. For this vulnerability to work, the target of the bad actor would need to be logged into the list control panel themselves. This CSRF vulnerability in Dada Mail affects all versions of Dada Mail v11.15.1 and below. Although we know of no known CSRF exploits that have happened in the wild, this vulnerability has been confirmed by our testing, and by a third party. Users are advised to update to version 11.16.0. | |||||
| CVE-2020-19551 | 1 Wuzhicms | 1 Wuzhicms | 2021-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. | |||||
| CVE-2021-24606 | 1 Offshorewebmaster | 1 Availability Calendar | 2021-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exploited by any user able to add shortcode to posts/pages, such as contributor+ | |||||
| CVE-2021-36286 | 1 Dell | 1 Supportassist Client Consumer | 2021-10-01 | 3.6 LOW | 7.1 HIGH |
| Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin. | |||||
| CVE-2021-41540 | 1 Siemens | 1 Solid Edge | 2021-10-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13776). | |||||
| CVE-2021-41539 | 1 Siemens | 1 Solid Edge | 2021-10-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773). | |||||
| CVE-2021-41537 | 1 Siemens | 1 Solid Edge | 2021-10-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13789). | |||||
| CVE-2021-41536 | 1 Siemens | 1 Solid Edge | 2021-10-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13778). | |||||
| CVE-2020-20514 | 1 Maccms | 1 Maccms | 2021-10-01 | 4.9 MEDIUM | 8.1 HIGH |
| A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users. | |||||
| CVE-2020-20693 | 1 Gilacms | 1 Gila Cms | 2021-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts. | |||||
| CVE-2020-20692 | 1 Gilacms | 1 Gila Cms | 2021-10-01 | 6.5 MEDIUM | 7.2 HIGH |
| GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php. | |||||
| CVE-2021-41588 | 1 Gradle | 1 Gradle | 2021-10-01 | 6.8 MEDIUM | 8.1 HIGH |
| In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. | |||||
| CVE-2021-40709 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop 2021, Macos and 1 more | 2021-10-01 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 21.2.11 (and earlier) and 22.5 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted SVG file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39826 | 2 Adobe, Apple | 2 Digital Editions, Macos | 2021-10-01 | 9.3 HIGH | 8.6 HIGH |
| Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file. | |||||