Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0398 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 7.8 HIGH |
| In bindServiceLocked of ActiveServices.java, there is a possible foreground service launch due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173516292 | |||||
| CVE-2019-25025 | 1 Rubyonrails | 1 Active Record Session Store | 2021-03-15 | 5.0 MEDIUM | 5.3 MEDIUM |
| The activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a relatively short amount of time. This is a related issue to CVE-2019-16782. | |||||
| CVE-2021-26567 | 1 Synology | 7 Diskstation Manager, Diskstation Manager Unified Controller, Skynas and 4 more | 2021-03-12 | 6.5 MEDIUM | 8.8 HIGH |
| Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options. | |||||
| CVE-2013-0800 | 5 Canonical, Debian, Mozilla and 2 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2021-03-11 | 6.8 MEDIUM | N/A |
| Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation. | |||||
| CVE-2021-21331 | 1 Datadoghq | 1 Datadog-api-client-java | 2021-03-10 | 4.3 MEDIUM | 3.3 LOW |
| The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive information. This sensitive information is exposed locally to other users. This vulnerability exists in the API Client for version 1 and 2. The method `prepareDownloadFilecreates` creates a temporary file with the permissions bits of `-rw-r--r--` on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file downloaded via the `downloadFileFromResponse` method will be visible to all other users on the local system. Analysis of the finding determined that the affected code was unused, meaning that the exploitation likelihood is low. The unused code has been removed, effectively mitigating this issue. This issue has been patched in version 1.0.0-beta.9. As a workaround one may specify `java.io.tmpdir` when starting the JVM with the flag `-Djava.io.tmpdir`, specifying a path to a directory with `drw-------` permissions owned by `dd-agent`. | |||||
| CVE-2020-9963 | 1 Apple | 3 Ipados, Iphone Os, Mac Os X | 2021-03-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The issue was addressed with improved handling of icon caches. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious app may be able to determine the existence of files on the computer. | |||||
| CVE-2021-28032 | 1 Nano Arena Project | 1 Nano Arena | 2021-03-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, if Borrow<Idx> behaves in certain ways. This can have a resultant out-of-bounds write or use-after-free. | |||||
| CVE-2021-23346 | 1 Html-parse-stringify Project | 1 Html-parse-stringify | 2021-03-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process. | |||||
| CVE-2020-4725 | 1 Ibm | 1 Cloud Application Performance Management | 2021-03-08 | 3.5 LOW | 3.5 LOW |
| IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974. | |||||
| CVE-2020-7929 | 1 Mongodb | 1 Mongodb | 2021-03-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20. | |||||
| CVE-2021-25348 | 1 Samsung | 1 Internet | 2021-03-05 | 2.1 LOW | 2.4 LOW |
| Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | |||||
| CVE-2021-22661 | 1 Prosoft-technology | 4 Icx35-hwc-a, Icx35-hwc-a Firmware, Icx35-hwc-e and 1 more | 2021-03-05 | 5.0 MEDIUM | 7.5 HIGH |
| Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior). | |||||
| CVE-2021-1230 | 1 Cisco | 41 Nexus 9000v, Nexus 92160yc-x, Nexus 92300yc and 38 more | 2021-03-05 | 7.1 HIGH | 7.5 HIGH |
| A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer. | |||||
| CVE-2020-0518 | 1 Intel | 1 Graphics Drivers | 2021-03-04 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-19680 | 1 Proofpoint | 1 Enterprise Protection | 2021-03-04 | 6.8 MEDIUM | 8.8 HIGH |
| A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email. | |||||
| CVE-2011-4362 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2021-03-04 | 5.0 MEDIUM | N/A |
| Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. | |||||
| CVE-2020-11297 | 1 Qualcomm | 526 Apq8096au, Apq8096au Firmware, Aqt1000 and 523 more | 2021-03-02 | 7.8 HIGH | 7.5 HIGH |
| Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2020-35577 | 1 Endalia | 1 Selection Portal | 2021-02-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file identifier (aka CommonDownload identification number). | |||||
| CVE-2020-11177 | 1 Qualcomm | 814 Apq8009, Apq8009 Firmware, Apq8009w and 811 more | 2021-02-26 | 7.2 HIGH | 8.8 HIGH |
| User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-36249 | 1 Owncloud | 1 File Firewall | 2021-02-25 | 5.0 MEDIUM | 7.5 HIGH |
| The File Firewall before 2.8.0 for ownCloud Server does not properly enforce file-type restrictions for public shares. | |||||
| CVE-2020-24908 | 1 Tribe29 | 1 Checkmk | 2021-02-25 | 7.2 HIGH | 7.8 HIGH |
| Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges via a Trojan horse shell script in the %PROGRAMDATA%\checkmk\agent\local directory. | |||||
| CVE-2020-35737 | 1 Newgensoft | 1 Egov | 2021-02-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Correspondence Management System (corms) in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference. | |||||
| CVE-2003-0264 | 1 Seattle Lab Software | 1 Slmail | 2021-02-24 | 7.5 HIGH | N/A |
| Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. | |||||
| CVE-2021-26712 | 1 Digium | 2 Asterisk, Certified Asterisk | 2021-02-24 | 5.0 MEDIUM | 7.5 HIGH |
| Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated attacker to prematurely terminate secure calls by replaying SRTP packets. | |||||
| CVE-2020-24481 | 1 Intel | 1 Quartus | 2021-02-23 | 4.6 MEDIUM | 7.8 HIGH |
| Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-24448 | 1 Intel | 1 Graphics Drivers | 2021-02-23 | 2.1 LOW | 5.5 MEDIUM |
| Uncaught exception in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2020-12384 | 1 Intel | 1 Graphics Drivers | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2020-0544 | 1 Intel | 1 Graphics Drivers | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient control flow management in the kernel mode driver for some Intel(R) Graphics Drivers before version 15.36.39.5145 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0521 | 1 Intel | 1 Graphics Drivers | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient control flow management in some Intel(R) Graphics Drivers before version 15.45.32.5145 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8678 | 1 Intel | 1 Graphics Drivers | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2020-12339 | 1 Intel | 1 Collaboration Suite | 2021-02-22 | 6.5 MEDIUM | 8.8 HIGH |
| Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2021-25141 | 2 Arubanetworks, Hpe | 30 Aruba 2530ya, Aruba 2530ya Firmware, Aruba 2530yb and 27 more | 2021-02-16 | 4.9 MEDIUM | 4.4 MEDIUM |
| A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability. | |||||
| CVE-2012-2751 | 4 Debian, Opensuse, Oracle and 1 more | 4 Debian Linux, Opensuse, Http Server and 1 more | 2021-02-12 | 4.3 MEDIUM | N/A |
| ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031. | |||||
| CVE-2020-27259 | 1 Omron | 4 Cx-one, Cx-position, Cx-protocol and 1 more | 2021-02-11 | 6.8 MEDIUM | 8.8 HIGH |
| The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2020-4996 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2021-02-11 | 2.1 LOW | 5.5 MEDIUM |
| IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. IBM X-Force ID: 192913. | |||||
| CVE-2020-27904 | 1 Apple | 1 Macos | 2021-02-10 | 9.3 HIGH | 7.8 HIGH |
| A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-27222 | 1 Eclipse | 1 Californium | 2021-02-09 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshake failure with TLS parameter mismatch. The DTLS server side must be restarted to recover this. This allow clients to force a DoS. | |||||
| CVE-2020-8807 | 1 Electriccoin | 1 Zcashd | 2021-02-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Electric Coin Company Zcashd before 2.1.1-1, the time offset between messages could be leveraged to obtain sensitive information about the relationship between a suspected victim's address and an IP address, aka a timing side channel. | |||||
| CVE-2020-28449 | 1 Decal Project | 1 Decal | 2021-02-08 | 7.5 HIGH | 8.6 HIGH |
| This affects all versions of package decal. The vulnerability is in the set function. | |||||
| CVE-2020-28450 | 1 Decal Project | 1 Decal | 2021-02-08 | 7.5 HIGH | 8.6 HIGH |
| This affects all versions of package decal. The vulnerability is in the extend function. | |||||
| CVE-2020-35481 | 1 Solarwinds | 1 Serv-u | 2021-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection. | |||||
| CVE-2020-28495 | 1 Totaljs | 1 Total.js | 2021-02-05 | 7.5 HIGH | 7.3 HIGH |
| This affects the package total.js before 3.4.7. The set function can be used to set a value into the object according to the path. However the keys of the path being set are not properly sanitized, leading to a prototype pollution vulnerability. The impact depends on the application. In some cases it is possible to achieve Denial of service (DoS), Remote Code Execution or Property Injection. | |||||
| CVE-2021-23328 | 1 Iniparserjs Project | 1 Iniparserjs | 2021-02-04 | 6.8 MEDIUM | 5.6 MEDIUM |
| This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program. | |||||
| CVE-2021-1070 | 1 Nvidia | 7 Jetson Agx Xavier, Jetson Nano, Jetson Nano 2gb and 4 more | 2021-02-04 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service. | |||||
| CVE-2021-1071 | 1 Nvidia | 7 Jetson Agx Xavier, Jetson Nano, Jetson Nano 2gb and 4 more | 2021-02-04 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure. | |||||
| CVE-2021-3331 | 1 Winscp | 1 Winscp | 2021-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.) | |||||
| CVE-2020-23352 | 1 Zblogcn | 1 Z-blogphp | 2021-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_input_password() uses loose comparison to authenticate, which can be bypassed via magic hash values. | |||||
| CVE-2021-26266 | 1 Cpanel | 1 Cpanel | 2021-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578). | |||||
| CVE-2016-9396 | 1 Jasper Project | 1 Jasper | 2021-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors. | |||||
| CVE-2007-2443 | 3 Canonical, Debian, Mit | 3 Ubuntu Linux, Debian Linux, Kerberos 5 | 2021-02-02 | 8.3 HIGH | N/A |
| Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value. | |||||