Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0353 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247. | |||||
| CVE-2021-0355 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kisd, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425581. | |||||
| CVE-2021-0361 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449968. | |||||
| CVE-2021-0362 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070. | |||||
| CVE-2021-21283 | 1 Flarum | 1 Sticky | 2021-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Flarum is an open source discussion platform for websites. The "Flarum Sticky" extension versions 0.1.0-beta.14 and 0.1.0-beta.15 has a cross-site scripting vulnerability. A change in release beta 14 of the Sticky extension caused the plain text content of the first post of a pinned discussion to be injected as HTML on the discussion list. The issue was discovered following an internal audit. Any HTML would be injected through the m.trust() helper. This resulted in an HTML injection where <script> tags would not be executed. However it was possible to run javascript from other HTML attributes, enabling a cross-site scripting (XSS) attack to be performed. Since the exploit only happens with the first post of a pinned discussion, an attacker would need the ability to pin their own discussion, or be able to edit a discussion that was previously pinned. On forums where all pinned posts are authored by your staff, you can be relatively certain the vulnerability has not been exploited. Forums where some user-created discussions were pinned can look at the first post edit date to find whether the vulnerability might have been exploited. Because Flarum doesn't store the post content history, you cannot be certain if a malicious edit was reverted. The fix will be available in version v0.1.0-beta.16 with Flarum beta 16. The fix has already been back-ported to Flarum beta 15 as version v0.1.0-beta.15.1 of the Sticky extension. Forum administrators can disable the Sticky extension until they are able to apply the update. The vulnerability cannot be exploited while the extension is disabled. | |||||
| CVE-2020-25594 | 1 Hashicorp | 1 Vault | 2021-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| HashiCorp Vault and Vault Enterprise allowed for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. | |||||
| CVE-2021-3024 | 1 Hashicorp | 1 Vault | 2021-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| HashiCorp Vault and Vault Enterprise disclosed the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. | |||||
| CVE-2020-35474 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2021-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML. | |||||
| CVE-2017-15018 | 1 Lame Project | 1 Lame | 2021-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c. | |||||
| CVE-2017-15046 | 1 Lame Project | 1 Lame | 2021-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412. | |||||
| CVE-2019-9947 | 1 Python | 1 Python | 2021-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. | |||||
| CVE-2018-8975 | 1 Netpbm Project | 1 Netpbm | 2021-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask. | |||||
| CVE-2021-3285 | 1 Ti | 1 Code Composer Studio Intgrated Development Environment | 2021-02-03 | 4.3 MEDIUM | 5.3 MEDIUM |
| jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS. | |||||
| CVE-2020-29535 | 1 Rsa | 1 Archer | 2021-02-03 | 3.5 LOW | 5.4 MEDIUM |
| Archer before 6.8 P4 (6.8.0.4) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. | |||||
| CVE-2020-29536 | 1 Rsa | 1 Archer | 2021-02-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote authenticated malicious attacker with access to service files may obtain sensitive information to use it in further attacks. | |||||
| CVE-2020-29537 | 1 Rsa | 1 Archer | 2021-02-03 | 4.9 MEDIUM | 5.4 MEDIUM |
| Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. A remote privileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the Archer application without the victims realizing an attack occurred. | |||||
| CVE-2021-23272 | 1 Tibco | 2 Bpm Enterprise, Bpm Enterprise Distribution For Silver Fabric | 2021-02-03 | 3.5 LOW | 5.4 MEDIUM |
| The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BPM Enterprise: versions 4.3.0 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.0 and below. | |||||
| CVE-2019-25014 | 2 Istio, Redhat | 2 Istio, Openshift Service Mesh | 2021-02-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is possible to cause the Go runtime to panic (resulting in a denial of service to the istio-pilot application). | |||||
| CVE-2020-8585 | 1 Netapp | 1 Oncommand Unified Manager | 2021-02-03 | 2.1 LOW | 5.5 MEDIUM |
| OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink). | |||||
| CVE-2020-36219 | 1 Atomic-option Project | 1 Atomic-option | 2021-02-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the atomic-option crate through 2020-10-31 for Rust. Because AtomicOption<T> implements Sync unconditionally, a data race can occur. | |||||
| CVE-2018-5785 | 3 Canonical, Debian, Uclouvain | 3 Ubuntu Linux, Debian Linux, Openjpeg | 2021-02-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | |||||
| CVE-2018-6616 | 4 Canonical, Debian, Oracle and 1 more | 4 Ubuntu Linux, Debian Linux, Georaster and 1 more | 2021-02-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | |||||
| CVE-2020-36214 | 1 Multiqueue2 Project | 1 Multiqueue2 | 2021-02-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust. Because a non-Send type can be sent to a different thread, a data race can occur. | |||||
| CVE-2020-36218 | 1 Nonpolynomial | 1 Buttplug | 2021-02-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the buttplug crate before 1.0.4 for Rust. ButtplugFutureStateShared does not properly consider (!Send|!Sync) objects, leading to a data race. | |||||
| CVE-2020-5428 | 1 Vmware | 1 Spring Cloud Task | 2021-02-03 | 6.5 MEDIUM | 6.0 MEDIUM |
| In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer. | |||||
| CVE-2021-25647 | 1 Testes-codigo | 1 Testes De Codigo | 2021-02-03 | 3.5 LOW | 5.4 MEDIUM |
| Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application. | |||||
| CVE-2020-0431 | 2 Google, Opensuse | 2 Android, Leap | 2021-02-03 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459 | |||||
| CVE-2019-19941 | 1 Swisscom | 2 Centro Grande, Centro Grande Firmware | 2021-02-03 | 3.5 LOW | 5.4 MEDIUM |
| Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS. | |||||
| CVE-2020-36115 | 2 Egavilanmedia, Microsoft | 2 Phpcrud, Windows | 2021-02-03 | 3.5 LOW | 5.4 MEDIUM |
| Stored Cross Site Scripting (XSS) vulnerability in EGavilan Media CRUD Operation with PHP, MySQL, Bootstrap, and Dompdf via First Name or Last Name parameter in the 'Add New Record Feature'. | |||||
| CVE-2017-14132 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2021-02-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c. | |||||
| CVE-2020-36204 | 1 Im Project | 1 Im | 2021-02-03 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur. | |||||
| CVE-2020-36202 | 1 Rust-lang | 1 Async-h1 | 2021-02-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy. | |||||
| CVE-2020-36205 | 1 Xcb Project | 1 Xcb | 2021-02-03 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur. | |||||
| CVE-2020-6780 | 1 Bosch | 4 Fsm-2500, Fsm-2500 Firmware, Fsm-5000 and 1 more | 2021-02-03 | 4.0 MEDIUM | 4.9 MEDIUM |
| Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash. | |||||
| CVE-2021-22872 | 1 Revive-adserver | 1 Revive Adserver | 2021-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Revive Adserver before 5.1.0 is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the publicly accessible afr.php delivery script. While this issue was previously addressed in modern browsers as CVE-2020-8115, some older browsers (e.g., IE10) that do not automatically URL encode parameters were still vulnerable. | |||||
| CVE-2017-12982 | 1 Uclouvain | 1 Openjpeg | 2021-02-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c. | |||||
| CVE-2021-25901 | 1 Lazy-init Project | 1 Lazy-init | 2021-02-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. Lazy lacks a Send bound, leading to a data race. | |||||
| CVE-2020-35513 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2021-02-02 | 4.0 MEDIUM | 4.9 MEDIUM |
| A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service. | |||||
| CVE-2020-36200 | 1 Kaspersky | 1 Tinycheck | 2021-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated attacker to send an HTTP GET request to the crafted URLs. | |||||
| CVE-2015-8629 | 5 Debian, Mit, Opensuse and 2 more | 12 Debian Linux, Kerberos 5, Leap and 9 more | 2021-02-02 | 2.1 LOW | 5.3 MEDIUM |
| The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string. | |||||
| CVE-2015-8631 | 5 Debian, Mit, Opensuse and 2 more | 11 Debian Linux, Kerberos 5, Leap and 8 more | 2021-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. | |||||
| CVE-2020-27298 | 1 Philips | 5 Coronary Tools, Dynamic Coronary Roadmap, Interventional Workspot and 2 more | 2021-02-02 | 3.3 LOW | 6.5 MEDIUM |
| Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). The software constructs all or part of an OS command using externally influenced input from an upstream component but does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when sent to a downstream component. | |||||
| CVE-2020-27735 | 1 Wftpserver | 1 Wing Ftp Server | 2021-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser. | |||||
| CVE-2021-1350 | 1 Cisco | 1 Umbrella | 2021-02-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker to negatively affect the performance of this service. The vulnerability exists due to insufficient rate limiting controls in the web UI. An attacker could exploit this vulnerability by sending crafted HTTPS packets at a high and sustained rate. A successful exploit could allow the attacker to negatively affect the performance of the web UI. Cisco has addressed this vulnerability. | |||||
| CVE-2020-26941 | 1 Eset | 8 Endpoint Antivirus, Endpoint Security, File Security and 5 more | 2021-02-02 | 3.6 LOW | 5.5 MEDIUM |
| A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower; ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower; ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower. | |||||
| CVE-2017-16816 | 1 Wisc | 1 Htcondor | 2021-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions. | |||||
| CVE-2020-35687 | 1 Php-fusion | 1 Phpfusion | 2021-02-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to deletion of all shoutbox messages by the attacker on behalf of the logged in victim. | |||||
| CVE-2020-8293 | 1 Nextcloud | 1 Nextcloud | 2021-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules. | |||||
| CVE-2020-4789 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2021-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 189302. | |||||
| CVE-2020-4786 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2021-02-02 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 189221. | |||||