Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20426 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2021-05-25 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196313. | |||||
| CVE-2021-20419 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2021-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196280. | |||||
| CVE-2021-20389 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2021-05-25 | 2.1 LOW | 7.8 HIGH |
| IBM Security Guardium 11.2 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 195770. | |||||
| CVE-2021-3531 | 2 Fedoraproject, Redhat | 3 Fedora, Ceph, Ceph Storage | 2021-05-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability. | |||||
| CVE-2021-22866 | 1 Github | 1 Enterprise Server | 2021-05-25 | 6.8 MEDIUM | 8.8 HIGH |
| A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. All permissions being granted would properly be shown during the first authorization, but in certain circumstances, if the user revisits the authorization flow after the GitHub App has configured additional user-level permissions, those additional permissions may not be shown, leading to more permissions being granted than the user potentially intended. This vulnerability affected GitHub Enterprise Server 3.0.x prior to 3.0.7 and 2.22.x prior to 2.22.13. It was fixed in versions 3.0.7 and 2.22.13. This vulnerability was reported via the GitHub Bug Bounty program. | |||||
| CVE-2021-3423 | 1 Bitdefender | 1 Gravityzone Business Security | 2021-05-25 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329. | |||||
| CVE-2021-32238 | 1 Psyonix | 1 Rocket League | 2021-05-25 | 9.3 HIGH | 7.8 HIGH |
| Epic Games / Psyonix Rocket League <=1.95 is affected by Buffer Overflow. Stack-based buffer overflow occurs when Rocket League handles UPK object files that can result in code execution and denial of service scenario. | |||||
| CVE-2021-31827 | 1 Progress | 1 Moveit Transfer | 2021-05-25 | 6.5 MEDIUM | 8.8 HIGH |
| In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements. This is in MOVEit.DMZ.WebApp in SILHuman.vb. | |||||
| CVE-2017-6444 | 1 Mikrotik | 2 Router Hap Lite, Routeros | 2021-05-25 | 7.8 HIGH | 7.5 HIGH |
| The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation. | |||||
| CVE-2020-12526 | 1 Beckhoff | 3 Ipc Diagnostics Ua Server, Tf6100, Twincat Opc Ua Server | 2021-05-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. KG are vulnerable to denial of service attacks. The attacker needs to send several specifically crafted requests to the running OPC UA server. After some of these requests the OPC UA server is no longer responsive to any client. This is without effect to the real-time functionality of IPCs. | |||||
| CVE-2020-12967 | 1 Amd | 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more | 2021-05-25 | 9.0 HIGH | 7.2 HIGH |
| The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | |||||
| CVE-2021-26311 | 1 Amd | 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more | 2021-05-25 | 9.0 HIGH | 7.2 HIGH |
| In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | |||||
| CVE-2021-24288 | 1 Acymailing | 1 Acymailing | 2021-05-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim. | |||||
| CVE-2021-23384 | 1 Koa-remove-trailing-slashes Project | 1 Koa-remove-trailing-slashes | 2021-05-25 | 5.8 MEDIUM | 5.4 MEDIUM |
| The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::removeTrailingSlashes(), as the web server uses relative URLs instead of absolute URLs. | |||||
| CVE-2021-20386 | 1 Ibm | 1 Security Guardium | 2021-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195767. | |||||
| CVE-2021-20385 | 1 Ibm | 1 Security Guardium | 2021-05-25 | 9.0 HIGH | 7.2 HIGH |
| IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 195766. | |||||
| CVE-2021-22117 | 2 Microsoft, Vmware | 2 Windows, Rabbitmq | 2021-05-25 | 4.6 MEDIUM | 7.8 HIGH |
| RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. | |||||
| CVE-2021-31930 | 1 Concerto-signage | 1 Concerto | 2021-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Persistent cross-site scripting (XSS) in the web interface of Concerto through 2.3.6 allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the First Name or Last Name parameter upon registration. When a privileged user attempts to delete the account, the XSS payload will be executed. | |||||
| CVE-2021-27737 | 1 Apache | 1 Traffic Server | 2021-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin. | |||||
| CVE-2021-29510 | 2 Fedoraproject, Pydantic Project | 2 Fedora, Pydantic | 2021-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either `'infinity'`, `'inf'` or `float('inf')` (or their negatives) to `datetime` or `date` fields causes validation to run forever with 100% CPU usage (on one CPU). Pydantic has been patched with fixes available in the following versions: v1.8.2, v1.7.4, v1.6.2. All these versions are available on pypi(https://pypi.org/project/pydantic/#history), and will be available on conda-forge(https://anaconda.org/conda-forge/pydantic) soon. See the changelog(https://pydantic-docs.helpmanual.io/) for details. If you absolutely can't upgrade, you can work around this risk using a validator(https://pydantic-docs.helpmanual.io/usage/validators/) to catch these values. This is not an ideal solution (in particular you'll need a slightly different function for datetimes), instead of a hack like this you should upgrade pydantic. If you are not using v1.8.x, v1.7.x or v1.6.x and are unable to upgrade to a fixed version of pydantic, please create an issue at https://github.com/samuelcolvin/pydantic/issues requesting a back-port, and we will endeavour to release a patch for earlier versions of pydantic. | |||||
| CVE-2020-4990 | 1 Ibm | 1 Security Guardium | 2021-05-25 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710. | |||||
| CVE-2021-33041 | 1 Vmd Project | 1 Vmd | 2021-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| vmd through 1.34.0 allows 'div class="markdown-body"' XSS, as demonstrated by Electron remote code execution via require('child_process').execSync('calc.exe') on Windows and a similar attack on macOS. | |||||
| CVE-2021-32402 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2021-05-25 | 6.8 MEDIUM | 8.8 HIGH |
| Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules. | |||||
| CVE-2021-23906 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2021-05-25 | 2.1 LOW | 6.8 MEDIUM |
| An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution. | |||||
| CVE-2021-29051 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Asset module's Asset Publisher app in Liferay Portal 7.2.1 through 7.3.5, and Liferay DXP 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_XXXXXXXXXXXX_assetEntryId parameter. | |||||
| CVE-2021-29048 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Layout module's page administration page in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.2 before fix pack 11 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_name parameter. | |||||
| CVE-2020-20266 | 1 Mikrotik | 1 Routeros | 2021-05-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | |||||
| CVE-2020-20253 | 1 Mikrotik | 1 Routeros | 2021-05-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error. | |||||
| CVE-2018-1190 | 2 Cloudfoundry, Pivotal | 3 Cf-release, Uaa, Uaa Bosh | 2021-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.20.2, and UAA bosh v30.x versions prior to v30.8 and all other versions prior to v45.0. A cross-site scripting (XSS) attack is possible in the clientId parameter of a request to the UAA OpenID Connect check session iframe endpoint used for single logout session management. | |||||
| CVE-2021-29053 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-24 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter to (1) CommerceChannelRelFinder.countByC_C, or (2) CommerceChannelRelFinder.findByC_C. | |||||
| CVE-2021-29043 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store's proxy password, which allows attackers to steal the proxy password via man-in-the-middle attacks or shoulder surfing. | |||||
| CVE-2021-29047 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly perform actions protected by a CAPTCHA challenge by reusing the same CAPTCHA answer. | |||||
| CVE-2021-29691 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Security Identity Manager, Linux Kernel and 2 more | 2021-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Identity Manager 7.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 200252. | |||||
| CVE-2020-24740 | 1 Pluck-cms | 1 Pluck | 2021-05-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage | |||||
| CVE-2021-29692 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Security Identity Manager, Linux Kernel and 2 more | 2021-05-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 200253. | |||||
| CVE-2021-29688 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Security Identity Manager, Linux Kernel and 2 more | 2021-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 200102. | |||||
| CVE-2021-29046 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_asset_categories_admin_web_portlet_AssetCategoriesAdminPortlet_title parameter. | |||||
| CVE-2021-29045 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Redirect module's redirection administration page in Liferay Portal 7.3.2 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_redirect_web_internal_portlet_RedirectPortlet_destinationURL parameter. | |||||
| CVE-2021-29044 | 1 Liferay | 2 Dxp, Liferay Portal | 2021-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Site module's membership request administration pages in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_site_my_sites_web_portlet_MySitesPortlet_comments parameter. | |||||
| CVE-2021-31324 | 1 Centos-webpanel | 1 Centos Web Panel | 2021-05-24 | 10.0 HIGH | 9.8 CRITICAL |
| The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. | |||||
| CVE-2021-31316 | 1 Centos-webpanel | 1 Centos Web Panel | 2021-05-24 | 10.0 HIGH | 9.8 CRITICAL |
| The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter. | |||||
| CVE-2021-27342 | 1 Dlink | 2 Dir-842e, Dir-842e Firmware | 2021-05-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack | |||||
| CVE-2020-24026 | 1 Tinyshop Project | 1 Tinyshop | 2021-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explain_first and again_explain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scripting (XSS) or information disclosure. | |||||
| CVE-2020-23861 | 1 Gnu | 1 Libredwg | 2021-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | |||||
| CVE-2021-29506 | 1 Graphhopper | 1 Graphhopper | 2021-05-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| GraphHopper is an open-source Java routing engine. In GrassHopper from version 2.0 and before version 2.4, there is a regular expression injection vulnerability that may lead to Denial of Service. This has been patched in 2.4 and 3.0 See this pull request for the fix: https://github.com/graphhopper/graphhopper/pull/2304 | |||||
| CVE-2020-21813 | 1 Gnu | 1 Libredwg | 2021-05-24 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. | |||||
| CVE-2021-22668 | 1 Deltaww | 1 Cncsoft Screeneditor | 2021-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-15279 | 1 Bitdefender | 1 Endpoint Security Tools | 2021-05-24 | 2.1 LOW | 3.3 LOW |
| An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research. | |||||
| CVE-2021-29509 | 1 Puma | 1 Puma | 2021-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process. However, new connections may still be starved by greedy persistent-connections saturating all threads in all processes in the cluster. A `puma` server which received more concurrent `keep-alive` connections than the server had threads in its threadpool would service only a subset of connections, denying service to the unserved connections. This problem has been fixed in `puma` 4.3.8 and 5.3.1. Setting `queue_requests false` also fixes the issue. This is not advised when using `puma` without a reverse proxy, such as `nginx` or `apache`, because you will open yourself to slow client attacks (e.g. slowloris). The fix is very small and a git patch is available for those using unsupported versions of Puma. | |||||
| CVE-2021-29039 | 1 Liferay | 1 Liferay Portal | 2021-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Asset module's categories administration page in Liferay Portal 7.3.4 allows remote attackers to inject arbitrary web script or HTML via the site name. | |||||