Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25664 | 2 Fedoraproject, Imagemagick | 2 Fedora, Imagemagick | 2021-12-16 | 5.8 MEDIUM | 6.1 MEDIUM |
| In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68. | |||||
| CVE-2020-17361 | 1 Readytalk | 1 Avian | 2021-12-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| ** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided (instead of throwing an exception). This could result in data being lost during the copy, with varying consequences depending on the subsequent use of the destination buffer. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2021-28378 | 1 Gitea | 1 Gitea | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations. | |||||
| CVE-2021-24729 | 1 Infornweb | 1 Logo Showcase With Slick Slider | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase. | |||||
| CVE-2021-44479 | 1 Nxp | 2 Kinetis K82, Kinetis K82 Firmware | 2021-12-16 | 2.1 LOW | 5.5 MEDIUM |
| NXP Kinetis K82 devices have a buffer over-read via a crafted wlength value in a GET Status-Other request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory. | |||||
| CVE-2021-42547 | 1 Wpcloudplugins | 1 Out-of-the-box | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient Input Validation in the search functionality of Wordpress plugin Out-of-the-Box prior to 1.20.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack. | |||||
| CVE-2021-42548 | 1 Wpcloudplugins | 1 Share-one-drive | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient Input Validation in the search functionality of Wordpress plugin Share-one-Drive prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack. | |||||
| CVE-2021-24855 | 1 Display Post Metadata Project | 1 Display Post Metadata | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| The Display Post Metadata WordPress plugin before 1.5.0 adds a shortcode to print out custom fields, however their content is not sanitised or escaped which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks | |||||
| CVE-2021-39048 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Spectrum Protect Backup-archive Client and 3 more | 2021-12-16 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438. | |||||
| CVE-2021-24819 | 1 Page\/post Content Shortcode Project | 1 Page\/post Content Shortcode | 2021-12-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Page/Post Content Shortcode WordPress plugin through 1.0 does not have proper authorisation in place, allowing users with a role as low as contributor to access draft/private/password protected/trashed posts/pages they should not be allowed to, including posts created by other users such as admins and editors. | |||||
| CVE-2021-42546 | 1 Wpcloudplugins | 1 Use-your-drive | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient Input Validation in the search functionality of Wordpress plugin Use-Your-Drive prior to 1.18.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack. | |||||
| CVE-2021-24859 | 1 User Meta Shortcodes Project | 1 User Meta Shortcodes | 2021-12-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user with a role as low as contributor to access other users metadata by specifying the user login as a parameter. This makes the WP instance vulnerable to data extrafiltration, including password hashes | |||||
| CVE-2021-24817 | 1 Ultimate Nofollow Project | 1 Ultimate Nofollow | 2021-12-16 | 3.5 LOW | 5.4 MEDIUM |
| The Ultimate NoFollow WordPress plugin through 1.4.8 does not sanitise and escape the href attribute of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks | |||||
| CVE-2021-24972 | 1 Fatcatapps | 1 Pixel Cat | 2021-12-16 | 3.5 LOW | 4.8 MEDIUM |
| The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | |||||
| CVE-2021-24818 | 1 Wp Limits Project | 1 Wp Limits | 2021-12-16 | 4.3 MEDIUM | 4.3 MEDIUM |
| The WP Limits WordPress plugin through 1.0 does not have CSRF check when saving its settings, allowing attacker to make a logged in admin change them, which could make the blog unstable by setting low values | |||||
| CVE-2021-39319 | 1 Duogeek | 1 Duofaq-responsive-flat-simple-faq | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The duoFAQ - Responsive, Flat, Simple FAQ WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/duogeek/duogeek-panel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.8. | |||||
| CVE-2021-39318 | 1 H5p-css-editor Project | 1 H5p-css-editor | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The H5P CSS Editor WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the h5p-css-file parameter found in the ~/h5p-css-editor.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0. | |||||
| CVE-2021-24954 | 1 Profilepress | 1 User Registration\, Login Form\, User Profile \& Membership | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not sanitise and escape the ppress_cc_data parameter before outputting it back in an attribute of an admin dashboard page, leading to a Reflected Cross-Site Scripting issue | |||||
| CVE-2021-39313 | 1 Duogeek | 1 Simple Image Gallery | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6. | |||||
| CVE-2021-39311 | 1 Link-list-manager Project | 1 Link-list-manager | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The link-list-manager WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category parameter found in the ~/llm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0. | |||||
| CVE-2021-3831 | 1 Gnuboard | 1 Gnuboard5 | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2020-19042 | 1 Zzcms | 1 Zzcms | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php. | |||||
| CVE-2021-43823 | 1 Sourcegraph | 1 Sourcegraph | 2021-12-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects the Saved Searches and Code Monitoring features. A successful attack would require an authenticated bad actor to create many Saved Searches or Code Monitors to receive confirmation that a specific string exists. This could allow an attacker to guess formatted tokens in source code, such as API keys. This issue was patched in version 3.33.2 and any future versions of Sourcegraph. We strongly encourage upgrading to secure versions. If you are unable to, you may disable Saved Searches and Code Monitors. | |||||
| CVE-2021-24795 | 1 Phoeniixx | 1 Filter Portfolio Gallery | 2021-12-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Filter Portfolio Gallery WordPress plugin through 1.5 is lacking Cross-Site Request Forgery (CSRF) check when deleting a Gallery, which could allow attackers to make a logged in admin delete arbitrary Gallery. | |||||
| CVE-2021-39315 | 1 Magic-post-voice Project | 1 Magic-post-voice | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Magic Post Voice WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the ids parameter found in the ~/inc/admin/main.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2. | |||||
| CVE-2021-39314 | 1 Wanderlust-webdesign | 1 Woo-enviopack | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WooCommerce EnvioPack WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the dataid parameter found in the ~/includes/functions.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2. | |||||
| CVE-2021-24792 | 1 Wpeden | 1 Shiny Buttons | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Shiny Buttons WordPress plugin through 1.1.0 does not have any authorisation and CSRF in place when saving a template (wpbtn_save_template function hooked to the init action), nor sanitise and escape them before outputting them in the admin dashboard, which allow unauthenticated users to add a malicious template and lead to Stored Cross-Site Scripting issues. | |||||
| CVE-2021-39310 | 1 Windyroad | 1 Real Wysiwyg | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Real WYSIWYG WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of PHP_SELF in the ~/real-wysiwyg.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2. | |||||
| CVE-2021-38361 | 1 Htaccess-redirect Project | 1 Htaccess-redirect | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The .htaccess Redirect WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the link parameter found in the ~/htaccess-redirect.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.3.1. | |||||
| CVE-2021-39309 | 1 Dpsoft | 1 Parsian Bank Gateway For Woocommerce | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Parsian Bank Gateway for Woocommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via and parameter due to a var_dump() on $_POST variables found in the ~/vendor/dpsoft/parsian-payment/sample/rollback-payment.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0. | |||||
| CVE-2021-24790 | 1 Contact Form Advanced Database Project | 1 Contact Form Advanced Database | 2021-12-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Contact Form Advanced Database WordPress plugin through 1.0.8 does not have any authorisation as well as CSRF checks in its delete_cf7_data and export_cf7_data AJAX actions, available to any authenticated users, which could allow users with a role as low as subscriber to call them. The delete_cf7_data would lead to arbitrary metadata deletion, as well as PHP Object Injection if a suitable gadget chain is present in another plugin, as user data is passed to the maybe_unserialize() function without being first validated. | |||||
| CVE-2021-39308 | 1 Woo-myghpay-payment-gateway Project | 1 Woo-myghpay-payment-gateway | 2021-12-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WooCommerce myghpay Payment Gateway WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the clientref parameter found in the ~/processresponse.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.0. | |||||
| CVE-2021-39930 | 1 Gitlab | 1 Gitlab | 2021-12-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates | |||||
| CVE-2021-39919 | 1 Gitlab | 1 Gitlab | 2021-12-16 | 2.1 LOW | 4.4 MEDIUM |
| In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, the reset password token and new user email token are accidentally logged which may lead to information disclosure. | |||||
| CVE-2021-39918 | 1 Gitlab | 1 Gitlab | 2021-12-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows a user to add comments to a vulnerability which cannot be accessed. | |||||
| CVE-2021-39917 | 1 Gitlab | 1 Gitlab | 2021-12-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking that could cause a DOS attack. | |||||
| CVE-2021-39915 | 1 Gitlab | 1 Gitlab | 2021-12-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects | |||||
| CVE-2021-25526 | 1 Samsung | 1 Blockchain Wallet | 2021-12-16 | 2.1 LOW | 5.5 MEDIUM |
| Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action. | |||||
| CVE-2021-36450 | 1 Verint | 1 Workforce Optimization | 2021-12-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. | |||||
| CVE-2021-3836 | 1 Dbeaver | 1 Dbeaver | 2021-12-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| dbeaver is vulnerable to Improper Restriction of XML External Entity Reference | |||||
| CVE-2021-42051 | 1 Abantecart | 1 Abantecart | 2021-12-15 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in AbanteCart before 1.3.2. Any low-privileged user with file-upload permissions can upload a malicious SVG document that contains an XSS payload. | |||||
| CVE-2021-26787 | 1 Genesys | 1 Workforce Management | 2021-12-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross site scripting (XSS) vulnerability in Genesys Workforce Management 8.5.214.20 can occur (during record deletion) via the Time-off parameter. | |||||
| CVE-2021-42050 | 1 Abantecart | 1 Abantecart | 2021-12-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in AbanteCart before 1.3.2. It allows DOM Based XSS. | |||||
| CVE-2021-43817 | 1 Collabora | 1 Online | 2021-12-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Collabora Online is a collaborative online office suite based on LibreOffice technology. In affected versions a reflected XSS vulnerability was found in Collabora Online. An attacker could inject unescaped HTML into a variable as they created the Collabora Online iframe, and execute scripts inside the context of the Collabora Online iframe. This would give access to a small set of user settings stored in the browser, as well as the session's authentication token which was also passed in at iframe creation time. Users should upgrade to Collabora Online 6.4.16 or higher or Collabora Online 4.2.20 or higher. Collabora Online Development Edition 21.11 is not affected. | |||||
| CVE-2021-38901 | 1 Ibm | 1 Spectrum Protect Operations Center | 2021-12-15 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610. | |||||
| CVE-2021-24780 | 1 Single Post Exporter Project | 1 Single Post Exporter | 2021-12-15 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber. Subscriber users would then be able to export an arbitrary post/page (such as private and password protected) via a direct URL | |||||
| CVE-2021-42220 | 1 Dolibarr | 1 Dolibarr | 2021-12-15 | 3.5 LOW | 5.4 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability exists in Dolibarr before 14.0.3 via the ticket creation flow. Exploitation requires that an admin copies the payload into a box. | |||||
| CVE-2020-4496 | 2 Ibm, Linux | 2 Spectrum Protect Plus, Linux Kernel | 2021-12-15 | 4.3 MEDIUM | 5.9 MEDIUM |
| The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046. | |||||
| CVE-2021-24872 | 1 Get Custom Field Values Project | 1 Get Custom Field Values | 2021-12-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. Eg. contributors can access admin posts metadata. | |||||
| CVE-2021-24932 | 1 Cm-wp | 1 Auto Featured Image | 2021-12-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.3 does not sanitise and escape the post_id parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue. | |||||