Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1520 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, local attacker to run arbitrary commands with root privileges on the underlying operating system (OS). This vulnerability exists because an internal messaging service does not properly sanitize input. An attacker could exploit this vulnerability by first authenticating to the device and then sending a crafted request to the internal service. A successful exploit could allow the attacker to run arbitrary commands with root privileges on the underlying OS. To exploit this vulnerability, the attacker must have valid Administrator credentials for the device. | |||||
| CVE-2021-1365 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2021-05-14 | 5.5 MEDIUM | 8.1 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities are due to improper validation of user-submitted parameters. An attacker could exploit these vulnerabilities by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database. | |||||
| CVE-2021-1363 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2021-05-14 | 5.5 MEDIUM | 8.1 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities are due to improper validation of user-submitted parameters. An attacker could exploit these vulnerabilities by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database. | |||||
| CVE-2021-1532 | 1 Cisco | 2 Roomos, Telepresence Collaboration Endpoint | 2021-05-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability is due to insufficient path validation of command arguments. An attacker could exploit this vulnerability by sending a crafted command request to the xAPI. A successful exploit could allow the attacker to read the contents of any file that is located on the device filesystem. | |||||
| CVE-2021-1530 | 1 Cisco | 1 Broadworks Messaging Server | 2021-05-14 | 5.5 MEDIUM | 7.1 HIGH |
| A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by uploading a crafted XML file that contains references to external entities. A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information, or cause the application to consume available resources, resulting in a partial DoS condition on an affected system. There are workarounds that address this vulnerability. | |||||
| CVE-2021-1478 | 1 Cisco | 2 Hosted Collaboration Mediation Fulfillment, Unified Communications Manager | 2021-05-14 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to an unsecured TCP/IP port. An attacker could exploit this vulnerability by accessing the port and restarting the JMX process. A successful exploit could allow the attacker to cause a DoS condition on an affected system. | |||||
| CVE-2017-3139 | 1 Redhat | 3 Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. | |||||
| CVE-2020-28198 | 1 Ibm | 1 Tivoli Storage Manager | 2021-05-14 | 4.4 MEDIUM | 7.0 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2021-1516 | 1 Cisco | 5 Asyncos, Content Security Management Appliance, Email Security Appliance and 2 more | 2021-05-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface. | |||||
| CVE-2021-1511 | 1 Cisco | 18 Vedge-100b, Vedge-100b Firmware, Vedge-cloud and 15 more | 2021-05-14 | 6.8 MEDIUM | 6.5 MEDIUM |
| Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1510 | 1 Cisco | 18 Vedge-100b, Vedge-100b Firmware, Vedge-cloud and 15 more | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1509 | 1 Cisco | 18 Vedge-100b, Vedge-100b Firmware, Vedge-cloud and 15 more | 2021-05-14 | 8.5 HIGH | 7.5 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-29448 | 1 Pi-hole | 3 Ftldns, Pi-hole, Web Interface | 2021-05-14 | 5.8 MEDIUM | 8.8 HIGH |
| Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details. | |||||
| CVE-2014-7208 | 1 Gparted | 1 Gparted | 2021-05-14 | 7.2 HIGH | N/A |
| GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label. | |||||
| CVE-2021-29482 | 1 Xz Project | 1 Xz | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated. | |||||
| CVE-2021-31905 | 1 Jetbrains | 1 Youtrack | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible. | |||||
| CVE-2021-30504 | 1 Jetbrains | 1 Intellij Idea | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation. | |||||
| CVE-2021-31904 | 1 Jetbrains | 1 Teamcity | 2021-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page. | |||||
| CVE-2021-31911 | 1 Jetbrains | 1 Teamcity | 2021-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages. | |||||
| CVE-2021-32100 | 1 Artica | 1 Pandora Fms | 2021-05-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user. | |||||
| CVE-2021-32544 | 1 Igt\+ Project | 1 Igt\+ | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| Special characters of IGT search function in igt+ are not filtered in specific fields, which allow remote authenticated attackers can inject malicious JavaScript and carry out DOM-based XSS (Cross-site scripting) attacks. | |||||
| CVE-2021-31906 | 1 Jetbrains | 1 Teamcity | 2021-05-14 | 4.0 MEDIUM | 2.7 LOW |
| In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file. | |||||
| CVE-2021-31907 | 1 Jetbrains | 1 Teamcity | 2021-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly. | |||||
| CVE-2021-1490 | 1 Cisco | 1 Web Security Appliance | 2021-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to retrieve a crafted file that contains malicious payload and upload it to the affected device. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | |||||
| CVE-2021-31909 | 1 Jetbrains | 1 Teamcity | 2021-05-14 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible. | |||||
| CVE-2021-1447 | 1 Cisco | 1 Content Security Management Appliance | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An attacker could exploit this vulnerability by enabling specific Administrator-only features and connecting to the appliance through the CLI with elevated privileges. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. To exploit this vulnerability, the attacker must have valid Administrator credentials. | |||||
| CVE-2021-30214 | 1 Eng | 1 Knowage | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in '/knowage/restful-services/signup/update' via the 'name' parameter. | |||||
| CVE-2021-30213 | 1 Eng | 1 Knowage | 2021-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. | |||||
| CVE-2021-30212 | 1 Eng | 1 Knowage | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in '/knowage/restful-services/documentnotes/saveNote' via the 'nota' parameter. | |||||
| CVE-2021-30211 | 1 Eng | 1 Knowage | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in '/knowage/restful-services/signup/update' via the 'surname' parameter. | |||||
| CVE-2020-4535 | 1 Ibm | 1 Openpages Grc Platform | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906. | |||||
| CVE-2008-4539 | 4 Canonical, Debian, Kvm Qumranet and 1 more | 4 Ubuntu Linux, Debian Linux, Kvm and 1 more | 2021-05-14 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320. | |||||
| CVE-2021-24254 | 1 College Publisher Import Project | 1 College Publisher Import | 2021-05-14 | 6.5 MEDIUM | 7.2 HIGH |
| The College publisher Import WordPress plugin through 0.1 does not check for the uploaded CSV file to import, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE. Due to the lack of CSRF check, the issue could also be exploited via a CSRF attack. | |||||
| CVE-2021-24253 | 1 Classyfrieds Project | 1 Classyfrieds | 2021-05-14 | 6.5 MEDIUM | 8.8 HIGH |
| The Classyfrieds WordPress plugin through 3.8 does not properly check the uploaded file when an authenticated user adds a listing, only checking the content-type in the request. This allows any authenticated user to upload arbitrary PHP files via the Add Listing feature of the plugin, leading to RCE. | |||||
| CVE-2020-13664 | 1 Drupal | 1 Drupal | 2021-05-14 | 9.3 HIGH | 8.8 HIGH |
| Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file system. With this directory in place, an attacker could attempt to brute force a remote code execution vulnerability. Windows servers are most likely to be affected. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.1 versions prior to 9.0.1. | |||||
| CVE-2021-28128 | 1 Strapi | 1 Strapi | 2021-05-14 | 5.5 MEDIUM | 8.1 HIGH |
| In Strapi through 3.6.0, the admin panel allows the changing of one's own password without entering the current password. An attacker who gains access to a valid session can use this to take over an account by changing the password. | |||||
| CVE-2021-29495 | 1 Nim-lang | 1 Nim | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented. | |||||
| CVE-2021-30172 | 1 Junhetec | 1 Omnidirectional Communication System | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out Reflected XSS (Cross-site scripting) attacks, additionally access and manipulate customer’s information. | |||||
| CVE-2019-25043 | 1 Trustwave | 1 Modsecurity | 2021-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header. | |||||
| CVE-2021-31461 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2021-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the handling of app.media objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process Was ZDI-CAN-13333. | |||||
| CVE-2020-11268 | 1 Qualcomm | 86 Apq8009, Apq8016, Apq8074 and 83 more | 2021-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile | |||||
| CVE-2018-12536 | 2 Eclipse, Oracle | 2 Jetty, Retail Xstore Point Of Service | 2021-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system. | |||||
| CVE-2020-11254 | 1 Qualcomm | 121 Pm6150a, Pm6150l, Pm6350 and 118 more | 2021-05-14 | 2.1 LOW | 5.5 MEDIUM |
| Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
| CVE-2021-21527 | 1 Dell | 1 Emc Powerscale Onefs | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2021-21550 | 1 Dell | 1 Emc Powerscale Onefs | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2015-0997 | 2 Aveva, Schneider-electric | 2 Aveva Edge, Wonderware Intouch 2014 | 2021-05-14 | 5.0 MEDIUM | N/A |
| Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. | |||||
| CVE-2015-0996 | 2 Aveva, Schneider-electric | 2 Aveva Edge, Wonderware Intouch 2014 | 2021-05-14 | 2.1 LOW | N/A |
| Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password. | |||||
| CVE-2015-0998 | 2 Aveva, Schneider-electric | 2 Aveva Edge, Wonderware Intouch 2014 | 2021-05-14 | 3.3 LOW | N/A |
| Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2015-0999 | 2 Aveva, Schneider-electric | 2 Aveva Edge, Wonderware Intouch 2014 | 2021-05-14 | 2.1 LOW | N/A |
| Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. | |||||
| CVE-2016-1180 | 2 Cyber-will, Ec-cube | 2 Social-button Premium, Ec-cube | 2021-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Cyber-Will Social-button Premium plugin before 1.1 for EC-CUBE 2.13.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||