Search
Total
2136 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17264 | 1 Liblnk Project | 1 Liblnk | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| ** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue. | |||||
| CVE-2019-17055 | 1 Linux | 1 Linux Kernel | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | |||||
| CVE-2019-9440 | 1 Google | 1 Android | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| In AOSP Email, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of the Email app's protected files with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-37637796 | |||||
| CVE-2019-9438 | 1 Google | 1 Android | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| In the Package Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of information about installed packages for other users with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77821568 | |||||
| CVE-2019-9455 | 1 Google | 1 Android | 2021-07-21 | 2.1 LOW | 2.3 LOW |
| In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-14359 | 1 Real-sec | 2 Bc Vault, Bc Vault Firmware | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| ** DISPUTED ** On BC Vault devices, a side channel for the row-based SSD1309 OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover a data value. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that there is no security impact: the only potentially leaked information is the number of characters in the PIN. | |||||
| CVE-2019-14357 | 1 Mooltipass | 2 Mooltipass Mini, Mooltipass Mini Firmware | 2021-07-21 | 1.9 LOW | 2.4 LOW |
| ** DISPUTED ** On Mooltipass Mini devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that an attack is not "realistically implementable." | |||||
| CVE-2019-14355 | 1 Shapeshift | 2 Keepkey, Keepkey Firmware | 2021-07-21 | 1.9 LOW | 2.4 LOW |
| ** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover secret data shown on the display. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that there is "insignificant risk." | |||||
| CVE-2019-14354 | 1 Ledger | 4 Nano S, Nano S Firmware, Nano X and 1 more | 2021-07-21 | 1.9 LOW | 2.4 LOW |
| On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. | |||||
| CVE-2019-14671 | 1 Firefly-iii | 1 Firefly Iii | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fints. | |||||
| CVE-2019-14407 | 1 Cpanel | 1 Cpanel | 2021-07-21 | 4.0 MEDIUM | 2.7 LOW |
| cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). | |||||
| CVE-2019-14395 | 1 Cpanel | 1 Cpanel | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). | |||||
| CVE-2019-9171 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 4.3 MEDIUM | 3.7 LOW |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 1 of 5). | |||||
| CVE-2019-9942 | 1 Symfony | 1 Twig | 2021-07-21 | 4.3 MEDIUM | 3.7 LOW |
| A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place. | |||||
| CVE-2019-8934 | 2 Opensuse, Qemu | 2 Leap, Qemu | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest. | |||||
| CVE-2021-22890 | 5 Broadcom, Debian, Fedoraproject and 2 more | 7 Fabric Operating System, Debian Linux, Fedora and 4 more | 2021-07-20 | 4.3 MEDIUM | 3.7 LOW |
| curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check. | |||||
| CVE-2021-29480 | 1 Ratpack Project | 1 Ratpack | 2021-07-07 | 3.5 LOW | 3.1 LOW |
| Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used (which is recommended, but is not on by default), the session data could be tampered with by someone with the ability to write cookies. The default configuration is unsuitable for production use as an application restart renders all sessions invalid and is not multi-host compatible, but its use is not actively prevented. As of Ratpack 1.9.0, the default value is a securely randomly generated value, generated at application startup time. As a workaround, supply an alternative signing key, as per the documentation's recommendation. | |||||
| CVE-2021-28587 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2021-07-02 | 4.3 MEDIUM | 3.3 LOW |
| After Effects versions 18.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-33604 | 1 Vaadin | 2 Flow-server, Vaadin | 2021-07-01 | 1.2 LOW | 2.5 LOW |
| URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening crafted URL in browser. | |||||
| CVE-2021-29948 | 1 Mozilla | 1 Thunderbird | 2021-06-30 | 1.9 LOW | 2.5 LOW |
| Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10. | |||||
| CVE-2021-32823 | 2 Bindata Project, Gitlab | 2 Bindata, Gitlab | 2021-06-30 | 4.3 MEDIUM | 3.7 LOW |
| In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit<N>. In combination with <user_input>.constantize there is a potential for a CPU-based DoS. In version 2.4.10 bindata improved the creation time of Bits and Integers. | |||||
| CVE-2021-34397 | 1 Nvidia | 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more | 2021-06-29 | 2.1 LOW | 2.3 LOW |
| Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service. | |||||
| CVE-2021-22365 | 1 Huawei | 2 Ese620x Vess, Ese620x Vess Firmware | 2021-06-29 | 2.1 LOW | 3.3 LOW |
| There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal. | |||||
| CVE-2021-3039 | 1 Paloaltonetworks | 1 Prisma Cloud | 2021-06-25 | 5.5 MEDIUM | 3.8 LOW |
| An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log files can use this secret to gain Administrator role access for their active session in Prisma Cloud Compute. Prisma Cloud Compute SaaS versions were automatically upgraded to the fixed release. This issue impacts all Prisma Cloud Compute versions earlier than Prisma Cloud Compute 21.04.412. | |||||
| CVE-2021-32695 | 1 Nextcloud | 1 Nextcloud | 2021-06-23 | 4.3 MEDIUM | 3.3 LOW |
| Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing flow and choose the malicious app. The shared preferences contain some limited private data such as push tokens and the account name. The vulnerability is patched in version 3.16.1. | |||||
| CVE-2021-32556 | 1 Canonical | 1 Apport | 2021-06-23 | 2.1 LOW | 3.3 LOW |
| It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. | |||||
| CVE-2021-34682 | 1 Gov | 1 Imposto De Renda Da Pessoa Fisica 2021 | 2021-06-23 | 4.3 MEDIUM | 3.7 LOW |
| Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature. | |||||
| CVE-2021-33031 | 1 Labcup | 1 Labcup | 2021-06-22 | 3.5 LOW | 3.1 LOW |
| In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized actions for users without access to user management in order to, after successful exploitation, gain access to a victim's account. A user without the user-management privilege can change another user's email address if the attacker knows details of the victim such as the exact roles and group roles, ID, and remote authentication ID settings. These must be sent in a modified save API request. It was fixed in 6.3.0.03. | |||||
| CVE-2021-2007 | 2 Fedoraproject, Oracle | 2 Fedora, Mysql | 2021-06-22 | 4.3 MEDIUM | 3.7 LOW |
| Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2021-31498 | 1 Opentext | 1 Brava\! Desktop | 2021-06-21 | 4.3 MEDIUM | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-12744. | |||||
| CVE-2021-31501 | 1 Opentext | 1 Brava\! Desktop | 2021-06-21 | 4.3 MEDIUM | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13310. | |||||
| CVE-2021-20396 | 1 Ibm | 1 Security Qradar Analyst Workflow | 2021-06-21 | 2.1 LOW | 3.3 LOW |
| IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 196009. | |||||
| CVE-2021-25404 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2021-06-21 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log. | |||||
| CVE-2021-25402 | 1 Samsung | 1 Notes | 2021-06-21 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. | |||||
| CVE-2021-3588 | 1 Bluez | 1 Bluez | 2021-06-21 | 2.1 LOW | 3.3 LOW |
| The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | |||||
| CVE-2020-35762 | 1 Bloofox | 1 Bloofoxcms | 2021-06-17 | 4.0 MEDIUM | 2.7 LOW |
| bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files. | |||||
| CVE-2018-17177 | 1 Neatorobotics | 12 Botvac 85 Connected, Botvac 85 Firmware, Botvac D3 Connected and 9 more | 2021-06-17 | 2.1 LOW | 2.4 LOW |
| An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character password of *^JEd4W!I that is obfuscated by hiding it within a custom /bin/rc4_crypt binary. | |||||
| CVE-2021-25398 | 1 Samsung | 1 Bixby Voice | 2021-06-16 | 2.1 LOW | 3.3 LOW |
| Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts. | |||||
| CVE-2021-32653 | 1 Nextcloud | 1 Nextcloud Server | 2021-06-14 | 4.0 MEDIUM | 2.7 LOW |
| Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions prior to 19.0.11, 20.0.10, or 21.0.2 send user IDs to the lookup server even if the user has no fields set to published. The vulnerability is patched in versions 19.0.11, 20.0.10, and 21.0.2; no workarounds outside the updates are known to exist. | |||||
| CVE-2021-32655 | 1 Nextcloud | 1 Nextcloud Server | 2021-06-11 | 3.5 LOW | 3.5 LOW |
| Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able to convert a Files Drop link to a federated share. This causes an issue on the UI side of the sharing user. When the sharing user opens the sharing panel and tries to remove the "Create" privileges of this unexpected share, Nextcloud server would silently grant the share read privileges. The vulnerability is patched in versions 19.0.11, 20.0.10 and 21.0.2. No workarounds are known to exist. | |||||
| CVE-2020-1702 | 2 Containers-image Project, Redhat | 2 Containers-image, Enterprise Linux | 2021-06-10 | 4.3 MEDIUM | 3.3 LOW |
| A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0. | |||||
| CVE-2020-14329 | 1 Redhat | 1 Ansible Tower | 2021-06-07 | 2.1 LOW | 3.3 LOW |
| A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose organization names. The highest threat from this vulnerability is to confidentiality. | |||||
| CVE-2020-14328 | 1 Redhat | 1 Ansible Tower | 2021-06-07 | 2.1 LOW | 3.3 LOW |
| A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more particularly retrieving full details in case of error. The highest threat from this vulnerability is to data confidentiality. | |||||
| CVE-2021-22743 | 1 Schneider-electric | 4 Tcm 4351b, Tcm 4351b Firmware, Triconex Model 3009 Mp and 1 more | 2021-06-07 | 2.1 LOW | 3.9 LOW |
| Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TCM 4351B installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. | |||||
| CVE-2021-22744 | 1 Schneider-electric | 4 Tcm 4351b, Tcm 4351b Firmware, Triconex Model 3009 Mp and 1 more | 2021-06-07 | 2.1 LOW | 3.9 LOW |
| Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22745, CVE-2021-22746, and CVE-2021-22747. | |||||
| CVE-2021-22742 | 1 Schneider-electric | 4 Tcm 4351b, Tcm 4351b Firmware, Triconex Model 3009 Mp and 1 more | 2021-06-07 | 2.1 LOW | 3.9 LOW |
| Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. | |||||
| CVE-2021-22745 | 1 Schneider-electric | 4 Tcm 4351b, Tcm 4351b Firmware, Triconex Model 3009 Mp and 1 more | 2021-06-07 | 2.1 LOW | 3.9 LOW |
| Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22746, and CVE-2021-22747. | |||||
| CVE-2021-22746 | 1 Schneider-electric | 4 Tcm 4351b, Tcm 4351b Firmware, Triconex Model 3009 Mp and 1 more | 2021-06-07 | 2.1 LOW | 3.9 LOW |
| Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22747. | |||||
| CVE-2021-22747 | 1 Schneider-electric | 4 Tcm 4351b, Tcm 4351b Firmware, Triconex Model 3009 Mp and 1 more | 2021-06-07 | 2.1 LOW | 3.9 LOW |
| Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22746. | |||||
| CVE-2021-20575 | 1 Ibm | 2 Application Gateway, Security Verify Access | 2021-06-07 | 2.1 LOW | 3.3 LOW |
| IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by another user on the system. X-Force ID: 199278. | |||||