Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33713 | 1 Siemens | 1 Jt Utilities | 2021-07-20 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a hash function is called with an incorrect argument leading the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application. | |||||
| CVE-2021-33715 | 1 Siemens | 1 Jt Utilities | 2021-07-20 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application. | |||||
| CVE-2021-33714 | 1 Siemens | 1 Jt Utilities | 2021-07-20 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application. | |||||
| CVE-2017-13771 | 1 Lexmark | 1 Scan To Network | 2021-07-20 | 5.0 MEDIUM | 9.8 CRITICAL |
| Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet. | |||||
| CVE-2021-34827 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2021-07-20 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12029. | |||||
| CVE-2021-34828 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2021-07-20 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12066. | |||||
| CVE-2021-34829 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2021-07-20 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the HNAP_AUTH HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12065. | |||||
| CVE-2021-34830 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2021-07-20 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12028. | |||||
| CVE-2021-27277 | 1 Solarwinds | 1 Orion Platform | 2021-07-20 | 7.2 HIGH | 7.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955. | |||||
| CVE-2018-14634 | 4 Canonical, Linux, Netapp and 1 more | 9 Ubuntu Linux, Linux Kernel, Active Iq Performance Analytics Services and 6 more | 2021-07-20 | 7.2 HIGH | 7.8 HIGH |
| An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. | |||||
| CVE-2020-18664 | 1 Webport | 1 Web Port | 2021-07-20 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in WebPort <=1.19.1via the connection name parameter in type-conn. | |||||
| CVE-2020-18665 | 1 Webport | 1 Web Port | 2021-07-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings. | |||||
| CVE-2013-7449 | 3 Canonical, Hexchat Project, Xchat | 4 Ubuntu Linux, Hexchat, Xchat and 1 more | 2021-07-20 | 5.8 MEDIUM | 6.5 MEDIUM |
| The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2020-29157 | 1 Raonwiz | 1 Raon K Editor | 2021-07-20 | 6.9 MEDIUM | 7.8 HIGH |
| An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted. | |||||
| CVE-2020-13637 | 1 Heinekingmedia | 1 Stashcat | 2021-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage database file) to login to the system from any other computer, and get unlimited access to all data in the users's context. | |||||
| CVE-2018-12426 | 1 3cx | 1 Live Chat | 2021-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type. | |||||
| CVE-2021-0603 | 1 Google | 1 Android | 2021-07-16 | 4.4 MEDIUM | 7.8 HIGH |
| In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-182809425 | |||||
| CVE-2020-20250 | 1 Mikrotik | 1 Routeros | 2021-07-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. | |||||
| CVE-2020-20252 | 1 Mikrotik | 1 Routeros | 2021-07-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2021-1890 | 1 Qualcomm | 316 Apq8017, Apq8017 Firmware, Apq8037 and 313 more | 2021-07-15 | 7.2 HIGH | 7.8 HIGH |
| Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-20422 | 1 Ibm | 1 Cloud Pak For Applications | 2021-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. IBM X-Force ID: 196304. | |||||
| CVE-2021-34612 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-34615 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-34613 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-34616 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-34614 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-34611 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 9.0 HIGH | 7.2 HIGH |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-34610 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-07-12 | 9.0 HIGH | 7.2 HIGH |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-20296 | 1 Openexr | 1 Openexr | 2021-07-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2020-15306 | 1 Openexr | 1 Openexr | 2021-07-11 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. | |||||
| CVE-2020-15305 | 1 Openexr | 1 Openexr | 2021-07-11 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp. | |||||
| CVE-2020-15304 | 1 Openexr | 1 Openexr | 2021-07-11 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference. | |||||
| CVE-2020-11764 | 1 Openexr | 1 Openexr | 2021-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. | |||||
| CVE-2020-11763 | 1 Openexr | 1 Openexr | 2021-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. | |||||
| CVE-2020-11762 | 1 Openexr | 1 Openexr | 2021-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. | |||||
| CVE-2020-11761 | 1 Openexr | 1 Openexr | 2021-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. | |||||
| CVE-2020-11760 | 1 Openexr | 1 Openexr | 2021-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. | |||||
| CVE-2020-11759 | 1 Openexr | 1 Openexr | 2021-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer. | |||||
| CVE-2021-34620 | 1 Fluentforms | 1 Contact Form | 2021-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions | |||||
| CVE-2020-24142 | 1 Ninjateam | 1 Video Downloader For Tiktok | 2021-07-10 | 7.5 HIGH | 9.8 CRITICAL |
| Server-side request forgery in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hosts and execute command on services | |||||
| CVE-2021-32538 | 1 Artware Cms Project | 1 Artware Cms | 2021-07-10 | 7.5 HIGH | 9.8 CRITICAL |
| ARTWARE CMS parameter of image upload function does not filter the type of upload files which allows remote attackers can upload arbitrary files without logging in, and further execute code unrestrictedly. | |||||
| CVE-2020-24144 | 1 Media File Organizer Project | 1 Media File Organizer | 2021-07-10 | 5.0 MEDIUM | 8.6 HIGH |
| Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] parameter in a move operation. | |||||
| CVE-2020-24148 | 1 Mooveagency | 1 Import Xml And Rss Feeds | 2021-07-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| Server-side request forgery (SSRF) in the Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 for WordPress via the data parameter in a moove_read_xml action. | |||||
| CVE-2020-25868 | 1 Pexip | 1 Pexip Infinity | 2021-07-10 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can trigger a software abort (temporary loss of service). | |||||
| CVE-2021-36371 | 2021-07-10 | N/A | N/A | ||
| Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass client certificate requirements (i.e., mTLS cert_required) on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate authentication. The attacker must send an SNI specifying an unprotected backend and an HTTP Host header specifying a protected backend. | |||||
| CVE-2021-32753 | 2021-07-10 | N/A | N/A | ||
| EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is created, the client_id and client_secret required to obtain an OAuth2 authentication token are set to the username of the proxy user. A remote network attacker can then perform a dictionary-based password attack on the OAuth2 token endpoint of the API gateway to obtain an OAuth2 authentication token and use that token to make authenticated calls to EdgeX microservices from an untrusted network. OAuth2 is the default authentication method in EdgeX Edinburgh release. The default authentication method was changed to JWT in Fuji and later releases. Users should upgrade to the EdgeX Ireland release to obtain the fix. The OAuth2 authentication method is disabled in Ireland release. If unable to upgrade and OAuth2 authentication is required, users should create OAuth2 users directly using the Kong admin API and forgo the use of the `security-proxy-setup` tool to create OAuth2 users. | |||||
| CVE-2021-26106 | 2021-07-10 | N/A | N/A | ||
| An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments. | |||||
| CVE-2021-24007 | 2021-07-10 | N/A | N/A | ||
| Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | |||||
| CVE-2021-22129 | 2021-07-10 | N/A | N/A | ||
| Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests. | |||||
| CVE-2020-29014 | 2021-07-10 | N/A | N/A | ||
| A concurrent execution using shared resource with improper synchronization ('race condition') in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands. | |||||