Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8703 | 1 Intel | 343 B150, B250, B360 and 340 more | 2021-08-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8670 | 1 Intel | 539 Bios, Core I3-l13g4, Core I5-l16g7 and 536 more | 2021-08-10 | 4.4 MEDIUM | 6.4 MEDIUM |
| Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-24513 | 2 Debian, Intel | 65 Debian Linux, Atom C3308, Atom C3336 and 62 more | 2021-08-10 | 2.1 LOW | 6.5 MEDIUM |
| Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2020-24507 | 1 Intel | 385 B150, B250, B360 and 382 more | 2021-08-10 | 2.1 LOW | 4.4 MEDIUM |
| Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2020-24506 | 1 Intel | 210 B360, B365, B460 and 207 more | 2021-08-10 | 2.1 LOW | 4.4 MEDIUM |
| Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2020-24486 | 1 Intel | 539 Bios, Core I3-l13g4, Core I5-l16g7 and 536 more | 2021-08-10 | 2.1 LOW | 5.5 MEDIUM |
| Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2020-12358 | 1 Intel | 539 Bios, Core I3-l13g4, Core I5-l16g7 and 536 more | 2021-08-10 | 2.1 LOW | 4.4 MEDIUM |
| Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-12357 | 1 Intel | 539 Bios, Core I3-l13g4, Core I5-l16g7 and 536 more | 2021-08-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2017-8047 | 2 Cloudfoundry, Pivotal | 2 Cf-release, Routing-release | 2021-08-10 | 5.8 MEDIUM | 6.1 MEDIUM |
| In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275. | |||||
| CVE-2021-24455 | 1 Themeum | 1 Tutor Lms | 2021-08-10 | 3.5 LOW | 5.4 MEDIUM |
| The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin. | |||||
| CVE-2021-24448 | 1 Cozmoslabs | 1 Profile Builder | 2021-08-10 | 3.5 LOW | 4.8 MEDIUM |
| The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.8 does not sanitise or escape its 'Modify default Redirect Delay timer' setting, allowing high privilege users to use JavaScript code in it, even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue | |||||
| CVE-2021-24443 | 1 Kainelabs | 1 Youzify | 2021-08-10 | 3.5 LOW | 5.4 MEDIUM |
| The About Me widget of the Youzify – BuddyPress Community, User Profile, Social Network & Membership WordPress plugin before 1.0.7 does not properly sanitise its Biography field, allowing any authenticated user to set Cross-Site Scripting payloads in it, which will be executed when viewing the affected user profile. This could allow a low privilege user to gain unauthorised access to the admin side of the blog by targeting an admin, inducing them to view their profile with a malicious payload adding a rogue account for example. | |||||
| CVE-2021-33617 | 1 Zohocorp | 1 Manageengine Password Manager Pro | 2021-08-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Zoho ManageEngine Password Manager Pro before 11.2 11200 allows login/AjaxResponse.jsp?RequestType=GetUserDomainName&userName= username enumeration, because the response (to a failed login request) is null only when the username is invalid. | |||||
| CVE-2021-24425 | 1 Premio | 1 Mystickymenu | 2021-08-10 | 3.5 LOW | 4.8 MEDIUM |
| The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue, which will be triggered in the plugin's setting, as well as all front-page of the blog (when the Welcome bar is active) | |||||
| CVE-2021-38149 | 1 Chikitsa | 1 Patient Management System | 2021-08-09 | 3.5 LOW | 5.4 MEDIUM |
| index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS. | |||||
| CVE-2020-21353 | 1 Get-simple | 1 Getsimplecms | 2021-08-09 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module. | |||||
| CVE-2021-32748 | 1 Nextcloud | 1 Richdocuments | 2021-08-09 | 4.0 MEDIUM | 4.3 MEDIUM |
| Nextcloud Richdocuments in an open source self hosted online office. Nextcloud uses the WOPI ("Web Application Open Platform Interface") protocol to communicate with the Collabora Editor, the communication between these two services was not protected by a credentials or IP check. Whilst this does not result in gaining access to data that the user has not yet access to, it can result in a bypass of any enforced watermark on documents as described on the [Nextcloud Virtual Data Room](https://nextcloud.com/virtual-data-room/) website and [our documentation](https://portal.nextcloud.com/article/nextcloud-and-virtual-data-room-configuration-59.html). The Nextcloud Richdocuments releases 3.8.3 and 4.2.0 add an additional admin settings for an allowlist of IP addresses that can access the WOPI API. We recommend upgrading and configuring the allowlist to a list of Collabora servers. There is no known workaround. Note that this primarily results a bypass of any configured watermark or download protection using File Access Control. If you do not require or rely on these as a security feature no immediate action is required on your end. | |||||
| CVE-2021-21577 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. | |||||
| CVE-2021-21578 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. | |||||
| CVE-2021-21579 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. | |||||
| CVE-2021-21580 | 1 Dell | 2 Emc Idrac8 Firmware, Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 4.3 MEDIUM |
| Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate. | |||||
| CVE-2021-21581 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. | |||||
| CVE-2021-21576 | 1 Dell | 1 Emc Idrac9 Firmware | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. | |||||
| CVE-2021-3351 | 1 Openplcproject | 1 Openplc | 2021-08-09 | 3.5 LOW | 5.4 MEDIUM |
| OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device page. | |||||
| CVE-2021-24428 | 1 Yandex | 1 Yandex Turbo | 2021-08-09 | 3.5 LOW | 4.8 MEDIUM |
| The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed. | |||||
| CVE-2020-26564 | 1 Objectplanet | 1 Opinio | 2021-08-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFile'] URI. The XXE can then be triggered at a admin/preview.do?action=previewSurvey&surveyId= URI. | |||||
| CVE-2021-29297 | 1 Emerson | 1 Proficy Machine Edition | 2021-08-09 | 2.6 LOW | 5.3 MEDIUM |
| Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll". | |||||
| CVE-2021-29298 | 1 Emerson | 1 Proficy Machine Edition | 2021-08-09 | 2.6 LOW | 5.3 MEDIUM |
| Improper Input Validation in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe"in the module "fxVPStatcTcp.dll". | |||||
| CVE-2021-3636 | 1 Redhat | 1 Openshift | 2021-08-09 | 4.1 MEDIUM | 4.6 MEDIUM |
| It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. | |||||
| CVE-2021-37436 | 1 Amazon | 2 Echo Dot, Echo Dot Firmware | 2021-08-09 | 1.9 LOW | 4.2 MEDIUM |
| Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations. | |||||
| CVE-2021-20505 | 1 Ibm | 1 Powervm Hypervisor | 2021-08-09 | 3.5 LOW | 4.4 MEDIUM |
| The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP they can use this information to perform a series of PowerVM service procedures to decrypt the captured migration traffic IBM X-Force ID: 198232 | |||||
| CVE-2020-7387 | 1 Sage | 3 Adxadmin, X3, X3 Hr \& Payroll | 2021-08-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.exe component that reveals the installation directory of the product. Note that this vulnerability can be combined with CVE-2020-7388 to achieve full RCE. This issue was fixed in AdxAdmin 93.2.53, which ships with updates for on-premises versions of Sage X3 Version 9 (components shipped with Syracuse 9.22.7.2 and later), Sage X3 HR & Payroll Version 9 (those components that ship with Syracuse 9.24.1.3), Version 11 (components shipped with Syracuse 11.25.2.6 and later), and Version 12 (components shipped with Syracuse 12.10.2.8 and later) of Sage X3. Other on-premises versions of Sage X3 are unsupported by the vendor. | |||||
| CVE-2021-37596 | 1 Telegram | 1 Web K Alpha | 2021-08-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Telegram Web K Alpha 0.6.1 allows XSS via a document name. | |||||
| CVE-2016-1249 | 1 Dbd-mysql Project | 1 Dbd-mysql | 2021-08-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE condition and output fields in SELECT expression. | |||||
| CVE-2020-26558 | 2 Bluetooth, Fedoraproject | 2 Bluetooth Core Specification, Fedora | 2021-08-07 | 4.3 MEDIUM | 4.2 MEDIUM |
| Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. | |||||
| CVE-2020-14332 | 1 Redhat | 1 Ansible Engine | 2021-08-07 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality. | |||||
| CVE-2020-1740 | 1 Redhat | 4 Ansible, Ansible Tower, Cloudforms Management Engine and 1 more | 2021-08-07 | 1.9 LOW | 4.7 MEDIUM |
| A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. | |||||
| CVE-2020-1735 | 1 Redhat | 4 Ansible, Ansible Tower, Cloudforms Management Engine and 1 more | 2021-08-07 | 3.6 LOW | 4.6 MEDIUM |
| A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. | |||||
| CVE-2020-1753 | 1 Redhat | 2 Ansible Engine, Ansible Tower | 2021-08-07 | 2.1 LOW | 5.5 MEDIUM |
| A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files. | |||||
| CVE-2019-14864 | 1 Redhat | 5 Ansible, Ansible Tower, Ceph Storage and 2 more | 2021-08-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data. | |||||
| CVE-2019-10156 | 2 Debian, Redhat | 3 Debian Linux, Ansible, Openstack | 2021-08-07 | 5.5 MEDIUM | 5.4 MEDIUM |
| A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. | |||||
| CVE-2021-31878 | 1 Digium | 1 Asterisk | 2021-08-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in PJSIP in Asterisk before 16.19.1 and before 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BYE request. | |||||
| CVE-2021-20786 | 1 Groupsession | 3 Groupsession, Groupsession Bycloud, Groupsession Zion | 2021-08-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to hijack the authentication of administrators via a specially crafted URL. | |||||
| CVE-2020-3471 | 1 Cisco | 1 Webex Meetings Server | 2021-08-06 | 5.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session. The vulnerability is due to a synchronization issue between meeting and media services on a vulnerable Webex site. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site. A successful exploit could allow the attacker to maintain the audio connection of a Webex session despite being expelled. | |||||
| CVE-2020-3465 | 1 Cisco | 19 1100-4p, 1100-8p, 1100 Terminal Services Gateways and 16 more | 2021-08-06 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. | |||||
| CVE-2020-3453 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2021-08-06 | 7.7 HIGH | 6.8 MEDIUM |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-3477 | 1 Cisco | 9 2610xm, 2611xm, 2612 and 6 more | 2021-08-06 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible. | |||||
| CVE-2020-3472 | 1 Cisco | 1 Webex Meetings Online | 2021-08-06 | 4.0 MEDIUM | 5.0 MEDIUM |
| A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An attacker on one Webex Meetings site could exploit this vulnerability by sending specially crafted requests to the Webex Meetings site. A successful exploit could allow the attacker to view the details of users on another Webex site, including user names and email addresses. | |||||
| CVE-2020-3429 | 1 Cisco | 8 Catalyst 9300, Catalyst 9400, Catalyst 9500 and 5 more | 2021-08-06 | 5.7 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect packet processing during the WPA2 and WPA3 authentication handshake when configured for dot1x or pre-shared key (PSK) authentication key management (AKM) with 802.11r BSS Fast Transition (FT) enabled. An attacker could exploit this vulnerability by sending a crafted authentication packet to an affected device. A successful exploit could cause an affected device to reload, resulting in a DoS condition. | |||||
| CVE-2020-3435 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2021-08-06 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process on an affected device. A successful exploit could allow the attacker to modify VPN profile files. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. | |||||