Search
Total
1247 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15102 | 1 Prestashop | 1 Dashboard Products | 2021-10-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration. The problem is fixed in 2.1.0. | |||||
| CVE-2021-33924 | 1 Confluent | 1 Ansible | 2021-10-07 | 7.5 HIGH | 9.8 CRITICAL |
| Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its auxiliary component that allows remote attackers to access sensitive information. | |||||
| CVE-2021-37270 | 1 S-cms | 1 Cms Enterprise Website Construction System | 2021-10-06 | 10.0 HIGH | 9.8 CRITICAL |
| There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority. | |||||
| CVE-2021-41077 | 1 Travis-ci | 1 Travis Ci | 2021-09-29 | 4.3 MEDIUM | 7.5 HIGH |
| The activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes secret data to have unexpected sharing that is not specified by the customer-controlled .travis.yml file. In particular, the desired behavior (if .travis.yml has been created locally by a customer, and added to git) is for a Travis service to perform builds in a way that prevents public access to customer-specific secret environment data such as signing keys, access credentials, and API tokens. However, during the stated 8-day interval, secret data could be revealed to an unauthorized actor who forked a public repository and printed files during a build process. | |||||
| CVE-2021-33704 | 1 Sap | 1 Business One | 2021-09-28 | 6.5 MEDIUM | 8.8 HIGH |
| The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited via Network stack, the attacker may be able to read, modify or delete restricted data. The impact is that missing authorization can result of abuse of functionality usually restricted to specific users. | |||||
| CVE-2021-38164 | 1 Sap | 1 Erp Financial Accounting | 2021-09-24 | 5.5 MEDIUM | 5.4 MEDIUM |
| SAP ERP Financial Accounting (RFOPENPOSTING_FR) versions - SAP_APPL - 600, 602, 603, 604, 605, 606, 616, SAP_FIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific users. These functions are normally exposed over the network and once exploited the attacker may be able to view and modify financial accounting data that only a specific user should have access to. | |||||
| CVE-2021-37535 | 1 Sap | 1 Netweaver Application Server Java | 2021-09-23 | 7.5 HIGH | 9.8 CRITICAL |
| SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges. | |||||
| CVE-2021-21307 | 1 Lucee | 1 Lucee Server | 2021-09-21 | 7.5 HIGH | 9.8 CRITICAL |
| Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, one can block access to the Lucee Administrator. | |||||
| CVE-2020-13938 | 2 Apache, Microsoft | 2 Http Server, Windows | 2021-09-21 | 2.1 LOW | 5.5 MEDIUM |
| Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows | |||||
| CVE-2021-1835 | 1 Apple | 2 Ipados, Iphone Os | 2021-09-15 | 2.1 LOW | 4.6 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. A person with physical access to an iOS device may be able to access notes from the lock screen. | |||||
| CVE-2019-3399 | 1 Atlassian | 1 Jira | 2021-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check. | |||||
| CVE-2018-8012 | 3 Apache, Debian, Oracle | 3 Zookeeper, Debian Linux, Goldengate Stream Analytics | 2021-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader. | |||||
| CVE-2021-40378 | 1 Comprotech | 8 Ip570, Ip570 Firmware, Ip60 and 5 more | 2021-09-10 | 8.5 HIGH | 8.1 HIGH |
| An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device. | |||||
| CVE-2017-9036 | 1 Trendmicro | 1 Serverprotect | 2021-09-09 | 7.2 HIGH | 7.8 HIGH |
| Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory. | |||||
| CVE-2018-2484 | 1 Sap | 4 Bank\/cfm, Ea-finserv, S4core and 1 more | 2021-09-09 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | |||||
| CVE-2018-2503 | 1 Sap | 1 Netweaver Application Server Java | 2021-09-09 | 3.3 LOW | 7.4 HIGH |
| By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50). | |||||
| CVE-2019-13013 | 2 Apple, Obdev | 2 Macos, Little Snitch | 2021-09-08 | 4.9 MEDIUM | 5.5 MEDIUM |
| Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root. | |||||
| CVE-2021-40088 | 1 Primekey | 1 Ejbca | 2021-09-07 | 4.9 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in PrimeKey EJBCA before 7.6.0. CMP RA Mode can be configured to use a known client certificate to authenticate enrolling clients. The same RA client certificate is used for revocation requests as well. While enrollment enforces multi tenancy constraints (by verifying that the client certificate has access to the CA and Profiles being enrolled against), this check was not performed when authenticating revocation operations, allowing a known tenant to revoke a certificate belonging to another tenant. | |||||
| CVE-2020-18757 | 1 Dcce | 2 Mac1100 Plc, Mac1100 Plc Firmware | 2021-08-25 | 7.8 HIGH | 7.5 HIGH |
| An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to cause persistent denial of service (DOS) via a crafted packet. | |||||
| CVE-2020-18753 | 1 Dcce | 2 Mac1100 Plc, Mac1100 Plc Firmware | 2021-08-25 | 7.5 HIGH | 9.8 CRITICAL |
| An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to the system and escalate privileges via a crafted packet. | |||||
| CVE-2021-3707 | 1 D-link | 2 Dsl-2750u, Dsl-2750u Firmware | 2021-08-24 | 2.1 LOW | 5.5 MEDIUM |
| D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device. | |||||
| CVE-2021-0642 | 1 Google | 1 Android | 2021-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-185126149 | |||||
| CVE-2021-0641 | 1 Google | 1 Android | 2021-08-24 | 2.1 LOW | 5.5 MEDIUM |
| In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185235454 | |||||
| CVE-2020-27466 | 1 Rconfig | 1 Rconfig | 2021-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2021-35936 | 1 Apache | 1 Airflow | 2021-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. This logging server had no authentication and allows reading log files of DAG jobs. This issue affects Apache Airflow < 2.1.2. | |||||
| CVE-2020-27464 | 1 Rconfig | 1 Rconfig | 2021-08-23 | 6.8 MEDIUM | 7.8 HIGH |
| An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows attackers to execute arbitrary code via a crafted ZIP file. | |||||
| CVE-2021-38755 | 1 Hospital Management System Project | 1 Hospital Management System | 2021-08-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. | |||||
| CVE-2021-24500 | 1 Amentotech | 1 Workreap | 2021-08-17 | 5.8 MEDIUM | 8.1 HIGH |
| Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site. | |||||
| CVE-2021-24501 | 1 Amentotech | 1 Workreap | 2021-08-17 | 5.5 MEDIUM | 8.1 HIGH |
| The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site. | |||||
| CVE-2019-0201 | 2 Apache, Debian | 2 Zookeeper, Debian Linux | 2021-08-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by getACL() request for unauthenticated or unprivileged users. | |||||
| CVE-2021-22891 | 1 Citrix | 1 Sharefile Storagezones Controller | 2021-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller. | |||||
| CVE-2021-35327 | 1 Totolink | 2 A720r, A720r Firmware | 2021-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST request. | |||||
| CVE-2019-12498 | 1 3cx | 1 Live Chat | 2021-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. | |||||
| CVE-2021-33197 | 1 Golang | 1 Go | 2021-08-11 | 4.3 MEDIUM | 5.3 MEDIUM |
| In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. | |||||
| CVE-2021-34629 | 1 Sendgrid | 1 Sendgrid | 2021-08-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| The SendGrid WordPress plugin is vulnerable to authorization bypass via the get_ajax_statistics function found in the ~/lib/class-sendgrid-statistics.php file which allows authenticated users to export statistic for a WordPress multi-site main site, in versions up to and including 1.11.8. | |||||
| CVE-2021-32748 | 1 Nextcloud | 1 Richdocuments | 2021-08-09 | 4.0 MEDIUM | 4.3 MEDIUM |
| Nextcloud Richdocuments in an open source self hosted online office. Nextcloud uses the WOPI ("Web Application Open Platform Interface") protocol to communicate with the Collabora Editor, the communication between these two services was not protected by a credentials or IP check. Whilst this does not result in gaining access to data that the user has not yet access to, it can result in a bypass of any enforced watermark on documents as described on the [Nextcloud Virtual Data Room](https://nextcloud.com/virtual-data-room/) website and [our documentation](https://portal.nextcloud.com/article/nextcloud-and-virtual-data-room-configuration-59.html). The Nextcloud Richdocuments releases 3.8.3 and 4.2.0 add an additional admin settings for an allowlist of IP addresses that can access the WOPI API. We recommend upgrading and configuring the allowlist to a list of Collabora servers. There is no known workaround. Note that this primarily results a bypass of any configured watermark or download protection using File Access Control. If you do not require or rely on these as a security feature no immediate action is required on your end. | |||||
| CVE-2020-20698 | 1 S-cms | 1 S-cms | 2021-08-05 | 6.5 MEDIUM | 7.2 HIGH |
| A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file. | |||||
| CVE-2021-29770 | 3 Ibm, Linux, Microsoft | 3 I2 Analyze, Linux Kernel, Windows | 2021-08-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771. | |||||
| CVE-2020-9349 | 1 Cacagoo | 2 Tv-288zd-2mp, Tv-288zd-2mp Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| The CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 allows access to the RTSP service without a password. | |||||
| CVE-2020-8795 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users. | |||||
| CVE-2020-7472 | 1 Sugarcrm | 1 Sugarcrm | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM before 8.0, 8.0 before 8.0.7, 9.0 before 9.0.4, and 10.0 before 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via crafted HTTP requests. (This is exploitable even after installation is completed.). | |||||
| CVE-2020-26824 | 1 Sap | 1 Solution Manager | 2021-07-21 | 6.4 MEDIUM | 10.0 CRITICAL |
| SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Ports Service, this has an impact to the integrity and availability of the service. | |||||
| CVE-2020-14978 | 1 F-secure | 1 Safe | 2021-07-21 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine. | |||||
| CVE-2020-29561 | 1 Boom-core | 1 Risvc-boom | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR, it does not avoid acquiring a reservation in the case where a load translates successfully but still generates an exception. | |||||
| CVE-2020-29043 | 1 Bigbluebutton | 1 Bigbluebutton | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in BigBlueButton through 2.2.29. When at attacker is able to view an account_activations/edit?token= URI, the attacker can create an approved user account associated with an email address that has an arbitrary domain name. | |||||
| CVE-2020-35236 | 1 Amazee | 1 Lagoon | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has incorrect access control associated with project deletion. | |||||
| CVE-2020-20183 | 1 Zyxel | 2 P1302-t10 V3, P1302-t10 V3 Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00(ABBX.3) and earlier allows attackers to gain privileges and access certain admin pages. | |||||
| CVE-2020-29074 | 3 Debian, Fedoraproject, X11vnc Project | 3 Debian Linux, Fedora, X11vnc | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user. | |||||
| CVE-2020-14190 | 1 Atlassian | 2 Crucible, Fisheye | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. The affected versions are before version 4.8.4. | |||||
| CVE-2020-26823 | 1 Sap | 1 Solution Manager | 2021-07-21 | 6.4 MEDIUM | 10.0 CRITICAL |
| SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service. | |||||