Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-16779 | 3 Debian, Excon Project, Opensuse | 4 Debian Linux, Excon, Backports Sle and 1 more | 2021-10-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this. | |||||
| CVE-2019-10927 | 1 Siemens | 10 Scalance Xb-200, Scalance Xb-200 Firmware, Scalance Xc-200 and 7 more | 2021-10-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device. | |||||
| CVE-2019-10963 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2021-10-28 | 4.3 MEDIUM | 4.3 MEDIUM |
| Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user. | |||||
| CVE-2019-16764 | 1 Powauth | 1 Powassent | 2021-10-28 | 2.1 LOW | 5.5 MEDIUM |
| The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash. | |||||
| CVE-2021-42556 | 1 Rasa | 1 Rasa X | 2021-10-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file. | |||||
| CVE-2019-10974 | 1 Nrel | 1 Energyplus | 2021-10-28 | 3.6 LOW | 5.5 MEDIUM |
| NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code. | |||||
| CVE-2019-0042 | 1 Juniper | 1 Identity Management Service | 2021-10-28 | 1.9 LOW | 4.2 MEDIUM |
| Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network. | |||||
| CVE-2021-35230 | 1 Solarwinds | 1 Kiwi Cattools | 2021-10-28 | 7.2 HIGH | 6.7 MEDIUM |
| As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. | |||||
| CVE-2021-21319 | 1 Galette | 1 Galette | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Galette is a membership management web application geared towards non profit organizations. In versions prior to 0.9.5, malicious javascript code can be stored to be displayed later on self subscription page. The self subscription feature can be disabled as a workaround (this is the default state). Malicious javascript code can be executed (not stored) on login and retrieve password pages. This issue is patched in version 0.9.5. | |||||
| CVE-2021-24885 | 1 Yop-poll | 1 Yop-poll | 2021-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| The YOP Poll WordPress plugin before 6.1.2 does not escape the perpage parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2020-20908 | 1 Akaunting | 1 Akaunting | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field. | |||||
| CVE-2021-41168 | 1 Reddit | 1 Snudown | 2021-10-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown ` [reference_name]: https://www.example.com` are inserted into a hash table which was found to have a weak hash function, meaning that an attacker can reliably generate a large number of collisions for it. This makes the hash table vulnerable to a hash-collision DoS attack, a type of algorithmic complexity attack. Further the hash table allowed for duplicate entries resulting in long retrieval times. Proofs of concept and further discussion of the hash collision issue are discussed on the snudown GHSA(https://github.com/reddit/snudown/security/advisories/GHSA-6gvv-9q92-w5f6). Users are advised to update to version 1.7.0. | |||||
| CVE-2020-36490 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||
| CVE-2020-36491 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||
| CVE-2020-23054 | 1 User-agent Switcher And Manager Project | 1 User-agent Switcher And Manager | 2021-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input field. | |||||
| CVE-2020-23049 | 1 Fork-cms | 1 Fork Cms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML. | |||||
| CVE-2020-23046 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tpl.php via the `filename`, `mid`, `userid`, and `templet' parameters. | |||||
| CVE-2020-23044 | 1 Dedecms | 1 Dedecms | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters. | |||||
| CVE-2020-23052 | 1 Catalyst | 1 Mahara | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component groupfiles.php via the Number (Nombre) and Description (Descripción) parameters. | |||||
| CVE-2021-39328 | 1 Presstigers | 1 Simple Job Board | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echo'd out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-39348 | 1 Thimpress | 1 Learnpress | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is seperate from CVE-2021-24702. | |||||
| CVE-2021-39354 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters found in the ~/includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2. | |||||
| CVE-2021-39356 | 1 Content Staging Project | 1 Content Staging | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echo'd out via the ~/templates/settings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-34855 | 1 Parallels | 1 Parallels Desktop | 2021-10-27 | 2.1 LOW | 6.5 MEDIUM |
| This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13592. | |||||
| CVE-2021-41308 | 1 Atlassian | 2 Jira, Jira Software Data Center | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the `ReplicationSettings!default.jspa` endpoint. The affected versions are before version 8.6.0, from version 8.7.0 before 8.13.12, and from version 8.14.0 before 8.20.1. | |||||
| CVE-2021-41172 | 1 Antsword Redis Project | 1 Antsword Redis | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| AS_Redis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution. This issue is patched in version 0.5. | |||||
| CVE-2021-41792 | 1 Alfresco | 2 Alfresco Content Services, Alfresco Transform Services | 2021-10-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF. | |||||
| CVE-2020-23042 | 1 Dropouts | 1 Super Backup | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request. | |||||
| CVE-2021-41791 | 1 Alfresco | 2 Community Share, Share | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and org.alfresco:community-share through 7.0. An evasion of the XSS filter for HTML input validation in the Alfresco Share User Interface leads to stored XSS that could be exploited by an attacker (given that he has privileges on the content collaboration features). | |||||
| CVE-2020-23051 | 1 User Registration \& Login And User Management System With Admin Panel Project | 1 User Registration \& Login And User Management System With Admin Panel | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Phpgurukul User Registration & User Management System v2.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registration form & loginsystem input fields. | |||||
| CVE-2021-24744 | 1 Cimatti | 1 Contact Forms | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The WordPress Contact Forms by Cimatti WordPress plugin before 1.4.12 does not sanitise and escape the Form Title before outputting it in some admin pages. which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | |||||
| CVE-2021-41185 | 1 Mycodo Project | 1 Mycodo | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users may manually apply the changes from the fix commit. | |||||
| CVE-2020-23041 | 1 Dropouts | 1 Air Share | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` exception-handling. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request. | |||||
| CVE-2020-23048 | 1 Seeddms | 1 Seeddms | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the component AddEvent.php via the name and comment parameters. | |||||
| CVE-2020-23047 | 1 Macs Cms Project | 1 Macs Cms | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a cross-site scripting (XSS) vulnerability in the search input field of the search module. | |||||
| CVE-2020-23039 | 1 Newsoftwares | 1 Folder Lock | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| Folder Lock v3.4.5 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Create Folder function under the 'create' module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload as a path or folder name. | |||||
| CVE-2021-24653 | 1 Cookie-bar Project | 1 Cookie-bar | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Cookie Bar WordPress plugin through 1.8.8 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24608 | 1 Strategy11 | 1 Formidable Form Builder | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24699 | 1 Easy Media Download Project | 1 Easy Media Download | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| The Easy Media Download WordPress plugin before 1.1.7 does not escape the text argument of its shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. | |||||
| CVE-2021-24785 | 1 Great-quotes Project | 1 Great-quotes | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | |||||
| CVE-2021-34860 | 1 D-link | 2 Dap-2020, Dap-2020 Firmware | 2021-10-27 | 3.3 LOW | 6.5 MEDIUM |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to the webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-12103. | |||||
| CVE-2021-38455 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The affected product’s OS Service does not verify any given parameter. A user can supply any type of parameter that will be passed to inner calls without checking the type of the parameter or the value. | |||||
| CVE-2021-42536 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables. | |||||
| CVE-2021-42534 | 1 Trane | 2 Tracer Sc, Tracer Sc Firmware | 2021-10-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms. | |||||
| CVE-2021-41169 | 1 Sulu | 1 Sulu | 2021-10-27 | 3.5 LOW | 4.8 MEDIUM |
| Sulu is an open-source PHP content management system based on the Symfony framework. In versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade. | |||||
| CVE-2021-38465 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are then saved without limitation in the temp folder of the webinstaller executable. | |||||
| CVE-2021-39221 | 1 Nextcloud | 1 Contacts | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Contacts application prior to version 4.0.3 was vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For exploitation, a user would need to right-click on a malicious file and open the file in a new tab. Due the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Policy. It is recommended that the Nextcloud Contacts application is upgraded to 4.0.3. As a workaround, one may use a browser that has support for Content-Security-Policy. | |||||
| CVE-2021-38451 | 1 Auvesy | 1 Versiondog | 2021-10-27 | 3.5 LOW | 5.7 MEDIUM |
| The affected product’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data. | |||||
| CVE-2021-31373 | 1 Juniper | 28 Junos, Srx100, Srx110 and 25 more | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| A persistent Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web administration session, or hijack another user's active session to perform administrative actions. This issue affects: Juniper Networks Junos OS on SRX Series: 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3. | |||||
| CVE-2021-24420 | 1 Emarketdesign | 1 Request A Quote | 2021-10-27 | 3.5 LOW | 5.4 MEDIUM |
| The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the 'All Quotes" table. | |||||