Total: 46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1038 | 1 Google | 1 Android | 2021-12-17 | 4.7 MEDIUM | 5.5 MEDIUM |
| In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-183411279 | |||||
| CVE-2021-41557 | 1 Sofico | 1 Miles Rich Internet Application | 2021-12-17 | 3.5 LOW | 5.4 MEDIUM |
| Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting (XSS). An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section (or change existing work orders). The XSS payload is in the work order number. | |||||
| CVE-2021-43675 | 1 Lycheeorganisation | 1 Lychee | 2021-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user. | |||||
| CVE-2021-1030 | 1 Google | 1 Android | 2021-12-17 | 2.1 LOW | 5.5 MEDIUM |
| In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-194697001 | |||||
| CVE-2021-0996 | 1 Google | 1 Android | 2021-12-17 | 2.7 LOW | 4.5 MEDIUM |
| In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-181346545 | |||||
| CVE-2021-0998 | 1 Google | 1 Android | 2021-12-17 | 2.1 LOW | 5.5 MEDIUM |
| In 'ih264e_find_bskip_params()' of ih264e_me.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-193442575 | |||||
| CVE-2021-0997 | 1 Google | 1 Android | 2021-12-17 | 2.1 LOW | 5.5 MEDIUM |
| In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java, there is a possible APN disclosure due to log information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-191086488 | |||||
| CVE-2021-42022 | 1 Siemens | 1 Simatic Easie Pcs 7 Skill | 2021-12-17 | 3.5 LOW | 6.5 MEDIUM |
| A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00 SP3). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files. The affected file download function is disabled by default. | |||||
| CVE-2021-1026 | 1 Google | 1 Android | 2021-12-17 | 2.1 LOW | 5.5 MEDIUM |
| In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-194798757 | |||||
| CVE-2021-1024 | 1 Google | 1 Android | 2021-12-17 | 4.6 MEDIUM | 6.7 MEDIUM |
| In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-191283525 | |||||
| CVE-2021-1023 | 1 Google | 1 Android | 2021-12-17 | 1.9 LOW | 5.0 MEDIUM |
| In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-195963373 | |||||
| CVE-2021-0979 | 1 Google | 1 Android | 2021-12-17 | 2.1 LOW | 5.5 MEDIUM |
| In isRequestPinItemSupported of ShortcutService.java, there is a possible cross-user leak of packages in which the default launcher supports requests to create pinned shortcuts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-191772737 | |||||
| CVE-2021-0977 | 1 Google | 1 Android | 2021-12-17 | 4.6 MEDIUM | 6.7 MEDIUM |
| In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-183487770 | |||||
| CVE-2021-0976 | 1 Google | 1 Android | 2021-12-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| In toBARK of floor0.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-199680600 | |||||
| CVE-2021-0973 | 1 Google | 1 Android | 2021-12-17 | 1.9 LOW | 5.0 MEDIUM |
| In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-197328178 | |||||
| CVE-2021-0971 | 1 Google | 1 Android | 2021-12-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-188893559 | |||||
| CVE-2021-0969 | 1 Google | 1 Android | 2021-12-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null check. This could lead to remote denial of service if a proximal Wi-Fi AP provides invalid information with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11. Android ID: A-199922685 | |||||
| CVE-2021-0904 | 1 Google | 1 Android | 2021-12-17 | 7.2 HIGH | 6.7 MEDIUM |
| In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938. | |||||
| CVE-2021-0952 | 1 Google | 1 Android | 2021-12-17 | 4.7 MEDIUM | 5.0 MEDIUM |
| In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-195748381 | |||||
| CVE-2021-0919 | 1 Google | 1 Android | 2021-12-17 | 1.9 LOW | 5.0 MEDIUM |
| In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-9. Android ID: A-197336441 | |||||
| CVE-2021-43398 | 1 Cryptopp | 1 Crypto++ | 2021-12-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| ** DISPUTED ** Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this report is disputed by the vendor and multiple third parties. The execution-time differences are intentional. A user may make a choice of a longer key as a tradeoff between strength and performance. In making this choice, the amount of information leaked to an adversary is of infinitesimal value. | |||||
| CVE-2020-16155 | 1 Cpan\ | 1 \ | 2021-12-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data. | |||||
| CVE-2021-0704 | 1 Google | 1 Android | 2021-12-17 | 4.9 MEDIUM | 5.5 MEDIUM |
| In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-9. Android ID: A-179338675 | |||||
| CVE-2021-4111 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2021-12-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| yetiforcecrm is vulnerable to Business Logic Errors | |||||
| CVE-2021-4116 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2021-12-17 | 3.5 LOW | 5.4 MEDIUM |
| yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-4117 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2021-12-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| yetiforcecrm is vulnerable to Business Logic Errors | |||||
| CVE-2021-41871 | 1 Socomec | 2 Remote View Pro, Remote View Pro Firmware | 2021-12-17 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in Socomec REMOTE VIEW PRO 2.0.41.4. Improper validation of input into the username field makes it possible to place a stored XSS payload. This is executed if an administrator views the System Event Log. | |||||
| CVE-2021-41836 | 1 Conva | 1 Fathom Analytics | 2021-12-17 | 3.5 LOW | 4.8 MEDIUM |
| The Fathom Analytics WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the $site_id parameter found in the ~/fathom-analytics.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 3.0.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-42367 | 1 Variation Swatches For Woocommerce Project | 1 Variation Swatches For Woocommerce | 2021-12-17 | 3.5 LOW | 5.4 MEDIUM |
| The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. Due to missing authorization checks on the tawcvs_save_settings function, low-level authenticated users such as subscribers can exploit this vulnerability. | |||||
| CVE-2021-24955 | 1 Profilepress | 1 User Registration, Login Form, User Profile & Membership | 2021-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not escape the data parameter of the pp_get_forms_by_builder_type AJAX action before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue. | |||||
| CVE-2021-42549 | 1 Wpcloudplugins | 1 Lets-box | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient Input Validation in the search functionality of WordPress plugin Lets-Box prior to 1.15.3 allows an unauthenticated user to craft a reflected Cross-Site Scripting attack. | |||||
| CVE-2021-24871 | 1 Get Custom Field Values Project | 1 Get Custom Field Values | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| The Get Custom Field Values WordPress plugin before 4.0.1 does not escape custom fields before outputting them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks | |||||
| CVE-2020-35508 | 3 Linux, Netapp, Redhat | 33 Linux Kernel, A700s, A700s Firmware and 30 more | 2021-12-16 | 4.4 MEDIUM | 4.5 MEDIUM |
| A flaw, a possible race condition and incorrect initialization of the process id, was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. | |||||
| CVE-2021-39365 | 2 Debian, Gnome | 2 Debian Linux, Grilo | 2021-12-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| In GNOME grilo through 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. | |||||
| CVE-2021-28699 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2021-12-16 | 4.9 MEDIUM | 5.5 MEDIUM |
| Inadequate grant-v2 status frames array bounds check. The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can be accessed through. For 32-bit guests on x86, translation of requests has to occur because the interface structure layouts commonly differ between 32- and 64-bit. The translation of the request to obtain the frame numbers of the grant status table involves translating the resulting array of frame numbers. Since the space used to carry out the translation is limited, the translation layer tells the core function the capacity of the array within translation space. Unfortunately the core function then only enforces array bounds to be below 8 times the specified value, and would write past the available space if enough frame numbers needed storing. | |||||
| CVE-2021-28698 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2021-12-16 | 4.9 MEDIUM | 5.5 MEDIUM |
| Long running loops in grant table handling. In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would iterate over all such entries, including ones which aren't in use anymore and some which may have been created but never used. If the number of entries for a given domain is large enough, this iterating of the entire table may tie up a CPU for too long, starving other domains or causing issues in the hypervisor itself. Note that a domain may map its own grants, i.e. there is no need for multiple domains to be involved here. A pair of "cooperating" guests may, however, cause the effects to be more severe. | |||||
| CVE-2021-32728 | 2 Debian, Nextcloud | 2 Debian Linux, Nextcloud | 2021-12-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a private key belongs to the previously downloaded public certificate. If the Nextcloud instance serves a malicious public key, the data would be encrypted for this key and thus could be accessible to a malicious actor. This issue is fixed in Nextcloud Desktop Client version 3.3.0. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-29447 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2021-12-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| WordPress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires the WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled. | |||||
| CVE-2021-40882 | 1 Piwigo | 1 Piwigo | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability exists in Piwigo 11.5.0 via the system album name and description of the location. | |||||
| CVE-2021-42061 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This allows a low privileged attacker to retrieve some data from the victim but will never be able to modify the document and publish these modifications to the server. It impacts the "Quick Prompt" workflow. | |||||
| CVE-2018-12193 | 1 Intel | 1 Quickassist Technology | 2021-12-16 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. | |||||
| CVE-2018-11070 | 1 Dell | 2 Bsafe Crypto-j, Rsa Bsafe Ssl-j | 2021-12-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover an RSA key. | |||||
| CVE-2017-17760 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-12-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used. | |||||
| CVE-2017-6655 | 1 Cisco | 5 Mds 9000 Nx-os, Nx-os, Nx-os For Nexus 5500 Platform Switches and 2 more | 2021-12-16 | 3.3 LOW | 6.5 MEDIUM |
| A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects Cisco NX-OS Software on the following Cisco devices when they are configured for FCoE: Multilayer Director Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches. More Information: CSCvc91729. Known Affected Releases: 8.3(0)CV(0.833). Known Fixed Releases: 8.3(0)ISH(0.62) 8.3(0)CV(0.944) 8.1(1) 8.1(0.8)S0 7.3(2)D1(0.47). | |||||
| CVE-2017-9525 | 3 Canonical, Cron Project, Debian | 3 Ubuntu Linux, Cron, Debian Linux | 2021-12-16 | 6.9 MEDIUM | 6.7 MEDIUM |
| In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs. | |||||
| CVE-2016-0747 | 5 Apple, Canonical, Debian and 2 more | 5 Xcode, Ubuntu Linux, Debian Linux and 2 more | 2021-12-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | |||||
| CVE-2021-44025 | 3 Debian, Fedoraproject, Roundcube | 3 Debian Linux, Fedora, Webmail | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message. | |||||
| CVE-2021-24851 | 1 Insert Pages Project | 1 Insert Pages | 2021-12-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status (i.e. private), using a shortcode. Password protected posts/pages are not affected by this issue. | |||||
| CVE-2021-24815 | 1 Wpplugin | 1 Accept Donations With Paypal | 2021-12-16 | 3.5 LOW | 4.8 MEDIUM |
| The Accept Donations with PayPal WordPress plugin before 1.3.2 does not escape the Amount Menu Name field of created Buttons, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-25273 | 1 Sophos | 1 Unified Threat Management | 2021-12-16 | 3.5 LOW | 4.8 MEDIUM |
| Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706. | |||||
