Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9476 | 2 Cisco, Commscope | 4 Dpc3939, Dpc3939 Firmware, Arris Tg1682g and 1 more | 2021-09-13 | 3.3 LOW | 6.5 MEDIUM |
| The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network. | |||||
| CVE-2018-0381 | 1 Cisco | 1 Aironet Access Points | 2021-09-13 | 5.5 MEDIUM | 6.8 MEDIUM |
| A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts. | |||||
| CVE-2019-15367 | 1 Haier | 2 P10, P10 Firmware | 2021-09-13 | 2.1 LOW | 5.5 MEDIUM |
| The Haier P10 Android device with a build fingerprint of Haier/P10/P10:8.1.0/O11019/1532662449:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | |||||
| CVE-2019-13603 | 1 Hidglobal | 2 Digital Persona U.are.u 4500, Digital Persona U.are.u 4500 Driver Firmware | 2021-09-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image. | |||||
| CVE-2018-18070 | 1 Mercedes-benz | 2 C-class, Comand | 2021-09-13 | 7.1 HIGH | 5.9 MEDIUM |
| An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Defining or receiving a specific navigation route might cause the system to freeze and reboot after a few transmissions. When the system next starts, it tries to re-calculate the route, which will cause a boot loop. (Under certain circumstances, it is possible to quickly overwrite the malicious route to regain the stability of the system.) | |||||
| CVE-2015-6027 | 1 Castlerock | 1 Snmpc | 2021-09-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. | |||||
| CVE-2021-30171 | 1 Junhetec | 1 Enterprise Resource Planning Point Of Sale System | 2021-09-13 | 3.5 LOW | 5.4 MEDIUM |
| Special characters of ERP POS news page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information. | |||||
| CVE-2021-30170 | 1 Junhetec | 1 Enterprise Resource Planning Point Of Sale System | 2021-09-13 | 3.5 LOW | 5.4 MEDIUM |
| Special characters of ERP POS customer profile page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks, additionally access and manipulate customer’s information. | |||||
| CVE-2016-1160 | 1 Wp Favorite Posts Project | 1 Wp Favorite Posts | 2021-09-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2021-25204 | 1 E-commerce Website Project | 1 E-commerce Website | 2021-09-13 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php. | |||||
| CVE-2018-8434 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2021-09-13 | 5.2 MEDIUM | 5.4 MEDIUM |
| An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
| CVE-2021-24599 | 1 Wp-webhooks | 1 Email Encoder | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Email Encoder – Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data. | |||||
| CVE-2021-32782 | 1 Nextcloud | 1 Circles | 2021-09-10 | 3.5 LOW | 5.4 MEDIUM |
| Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Policy. It is recommended that the Nextcloud Circles application is upgraded to 0.21.3, 0.20.10 or 0.19.14 to resolve this issue. As a workaround users may use a browser that has support for Content-Security-Policy. A notable exemption is Internet Explorer which does not support CSP properly. | |||||
| CVE-2021-24590 | 1 Gdprinfo | 1 Cookie Notice \& Consent Banner For Gdpr \& Ccpa Compliance | 2021-09-10 | 3.5 LOW | 5.4 MEDIUM |
| The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization options. | |||||
| CVE-2021-38707 | 1 Cliniccases | 1 Cliniccases | 2021-09-10 | 3.5 LOW | 5.4 MEDIUM |
| Persistent cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow low-privileged attackers to introduce arbitrary JavaScript to account parameters. The XSS payloads will execute in the browser of any user who views the relevant content. This can result in account takeover via session token theft. | |||||
| CVE-2021-23439 | 1 File-upload-with-preview Project | 1 File-upload-with-preview | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file). | |||||
| CVE-2021-39499 | 1 Eyoucms | 1 Eyoucms | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-site scripting (XSS) vulnerability in Users in Qiong ICP EyouCMS 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the `title` parameter in bind_email function. | |||||
| CVE-2021-39501 | 1 Eyoucms | 1 Eyoucms | 2021-09-10 | 5.8 MEDIUM | 6.1 MEDIUM |
| EyouCMS 1.5.4 is vulnerable to Open Redirect. An attacker can redirect a user to a malicious url via the Logout function. | |||||
| CVE-2021-39186 | 1 Miraheze | 1 Globalnewfiles | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| GlobalNewFiles is a MediaWiki extension maintained by Miraheze. Prior to commit number cee254e1b158cdb0ddbea716b1d3edc31fa4fb5d, the username column of the GlobalNewFiles special page is vulnerable to a stored XSS. Commit number cee254e1b158cdb0ddbea716b1d3edc31fa4fb5d contains a patch. As a workaround, one may disallow <,> (or other characters required to insert html/js) from being used in account names so an XSS is not possible. | |||||
| CVE-2021-39193 | 1 Parity | 1 Frontier | 2021-09-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in `pallet-ethereum` can cause invalid transactions to be included in the Ethereum block state in `pallet-ethereum` due to not validating the input data size. Any invalid transactions included this way have no possibility to alter the internal Ethereum or Substrate state. The transaction will appear to have be included, but is of no effect as it is rejected by the EVM engine. The impact is further limited by Substrate extrinsic size constraints. A patch is available in commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26. There are no workarounds aside from applying the patch. | |||||
| CVE-2021-38704 | 1 Cliniccases | 1 Cliniccases | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple reflected cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft. | |||||
| CVE-2020-19855 | 1 Phpwcms | 1 Phpwcms | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php. | |||||
| CVE-2021-38312 | 1 Redux | 1 Gutenberg Template Library \& Redux Framework | 2021-09-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”. The `permissions_callback` used in this file only checked for the `edit_posts` capability which is granted to lower-privileged users such as contributors, allowing such users to install arbitrary plugins from the WordPress repository and edit arbitrary posts. | |||||
| CVE-2021-38314 | 1 Redux | 1 Gutenberg Template Library \& Redux Framework | 2021-09-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. These AJAX actions could be used to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of site’s `AUTH_KEY` concatenated with the `SECURE_AUTH_KEY`. | |||||
| CVE-2021-40491 | 1 Gnu | 1 Inetutils | 2021-09-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl. | |||||
| CVE-2019-6146 | 1 Forcepoint | 1 Web Security | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 (Medium) (/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | |||||
| CVE-2019-6144 | 1 Forcepoint | 1 One Endpoint | 2021-09-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection. | |||||
| CVE-2019-6145 | 1 Forcepoint | 1 Vpn Client | 2021-09-10 | 7.2 HIGH | 6.7 MEDIUM |
| Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. | |||||
| CVE-2021-3758 | 1 Bookstackapp | 1 Bookstack | 2021-09-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| bookstack is vulnerable to Server-Side Request Forgery (SSRF) | |||||
| CVE-2021-34759 | 1 Cisco | 1 Identity Services Engine | 2021-09-10 | 3.5 LOW | 4.8 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker would need valid administrative credentials. | |||||
| CVE-2021-34733 | 1 Cisco | 2 Evolved Programmable Network Manager, Prime Infrastructure | 2021-09-10 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. This vulnerability exists because sensitive information is not sufficiently secured when it is stored. An attacker could exploit this vulnerability by gaining unauthorized access to sensitive information on an affected system. A successful exploit could allow the attacker to create forged authentication requests and gain unauthorized access to the affected system. | |||||
| CVE-2021-34732 | 1 Cisco | 1 Prime Collaboration Provisioning | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. | |||||
| CVE-2021-34150 | 1 Bluetrum | 2 Ab5301a, Ab5301a Firmware | 2021-09-10 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity. | |||||
| CVE-2021-27911 | 1 Acquia | 1 Mautic | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populated from different sources such as UI, API, 3rd party syncing, forms, etc. | |||||
| CVE-2021-27910 | 1 Acquia | 1 Mautic | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "error_related_to" parameters of the POST request of the bounce management callback will be permanently stored and executed once the details page of an affected lead is opened by a Mautic user. An attacker with access to the bounce management callback function (identified with the Mailjet webhook, but it is assumed this will work uniformly across all kinds of webhooks) can inject arbitrary JavaScript Code into the "error" and "error_related_to" parameters of the POST request (POST /mailer/<product / webhook>/callback). It is noted that there is no authentication needed to access this function. The JavaScript Code is stored permanently in the web application and executed every time an authenticated user views the details page of a single contact / lead in Mautic. This means, arbitrary code can be executed to, e.g., steal or tamper with information. | |||||
| CVE-2021-22929 | 1 Brave | 1 Brave | 2021-09-10 | 3.6 LOW | 6.1 MEDIUM |
| An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. | |||||
| CVE-2021-27909 | 1 Acquia | 1 Mautic | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| For Mautic versions prior to 3.3.4/4.0.0, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password reset URL with the vulnerable parameter utilized. | |||||
| CVE-2017-17933 | 1 Netwin | 1 Surgeftp | 2021-09-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter. | |||||
| CVE-2021-39285 | 1 Versa-networks | 1 Versa Director | 2021-09-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create a XSS based attack. | |||||
| CVE-2021-39496 | 1 Eyoucms | 1 Eyoucms | 2021-09-09 | 3.5 LOW | 5.4 MEDIUM |
| Eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject malicious code into `filename` param to trigger Reflected XSS. | |||||
| CVE-2021-28136 | 1 Espressif | 2 Esp-idf, Esp32 | 2021-09-09 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet. | |||||
| CVE-2021-39278 | 1 Moxa | 24 Oncell G3470a-lte-eu, Oncell G3470a-lte-eu-t, Oncell G3470a-lte-eu-t Firmware and 21 more | 2021-09-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3. | |||||
| CVE-2021-34144 | 1 Zh-jieli | 15 Ac6936, Ac6951, Ac6952 and 12 more | 2021-09-09 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMP_SCO_Link_Request packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity. | |||||
| CVE-2021-34149 | 1 Ti | 2 Cc256xcqfn-em, Cc256xcqfn-em Firmware | 2021-09-09 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after the paging procedure. | |||||
| CVE-2021-28155 | 1 Jbl | 2 Tune500bt, Tune500bt Firmware | 2021-09-09 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Classic implementation on JBL TUNE500BT devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown a device by flooding the target device with LMP Feature Response data. | |||||
| CVE-2021-31613 | 1 Zh-jieli | 10 Ac6901, Ac6901 Firmware, Ac6921 and 7 more | 2021-09-09 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash (and restart) a device via a crafted LMP packet. | |||||
| CVE-2021-35238 | 1 Solarwinds | 1 Orion Platform | 2021-09-09 | 3.5 LOW | 4.8 MEDIUM |
| User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website. | |||||
| CVE-2021-36093 | 1 Otrs | 1 Otrs | 2021-09-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions. | |||||
| CVE-2021-36094 | 1 Otrs | 1 Otrs | 2021-09-09 | 3.5 LOW | 5.4 MEDIUM |
| It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions. | |||||
| CVE-2021-36095 | 1 Otrs | 1 Otrs | 2021-09-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions. | |||||