Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15363 | 1 Luracast | 1 Restler | 2021-04-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter. | |||||
| CVE-2014-6309 | 1 Tenefit | 1 Kaazing Websocket Gateway | 2021-04-21 | 5.0 MEDIUM | 7.5 HIGH |
| The HTTP and WebSocket engine components in the server in Kaazing Gateway 4.0.2, 4.0.3, and 4.0.4 and Gateway - JMS Edition 4.0.2, 4.0.3, and 4.0.4 allow remote attackers to obtain sensitive information via vectors related to HTTP request handling. | |||||
| CVE-2021-31262 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-31414 | 1 Rpm Spec Project | 1 Rpm Spec | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration. | |||||
| CVE-2021-28856 | 1 Entropymine | 1 Deark | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize. | |||||
| CVE-2021-30022 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash. | |||||
| CVE-2021-30199 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called. The first arg pck may be null with a crafted mp4 file,which results in a crash. | |||||
| CVE-2021-30020 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_width), which results in a heap overflow in the loop. | |||||
| CVE-2020-7924 | 1 Mongodb | 2 Database Tools, Mongomirror | 2021-04-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions later than 3.6.5; 3.6 versions prior to 3.6.21; 4.0 versions prior to 4.0.21; 4.2 versions prior to 4.2.11; 100 versions prior to 100.2.0. MongoDB Inc. Mongomirror 0 versions later than 0.6.0. | |||||
| CVE-2021-30019 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy. | |||||
| CVE-2021-26812 | 1 Jitsi | 1 Meet | 2021-04-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application. | |||||
| CVE-2021-28797 | 1 Qnap | 2 Nas, Surveillance Station | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS) | |||||
| CVE-2021-25377 | 2 Google, Samsung | 2 Android, Experience Service | 2021-04-21 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | |||||
| CVE-2021-29357 | 1 Outsystems | 3 Lifetime Management Console, Outsystems, Platform Server | 2021-04-21 | 5.0 MEDIUM | 8.6 HIGH |
| The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests. | |||||
| CVE-2021-27990 | 1 Appspace | 1 Appspace | 2021-04-21 | 5.0 MEDIUM | 7.5 HIGH |
| Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities. | |||||
| CVE-2021-28300 | 1 Gpac | 1 Gpac | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service (DoS) by uploading a malicious MP4 file. | |||||
| CVE-2018-5382 | 2 Bouncycastle, Redhat | 3 Legion-of-the-bouncy-castle-java-crytography-api, Satellite, Satellite Capsule | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself. | |||||
| CVE-2021-25373 | 2 Google, Samsung | 2 Android, Customization Service | 2021-04-21 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-28098 | 1 Forescout | 1 Counteract | 2021-04-21 | 4.4 MEDIUM | 7.8 HIGH |
| An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%\System32. The resulting log file adopts the file permissions of the source of the symbolic link (in this case, the Everyone group). The log file in System32 can be replaced and renamed with a malicious DLL for DLL hijacking. | |||||
| CVE-2021-27181 | 1 Altn | 1 Mdaemon | 2021-04-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the application. Having the value of the anti-CSRF token, the attacker may trick the user into visiting his malicious page and performing any request with the privileges of attacked user. | |||||
| CVE-2021-27182 | 1 Altn | 1 Mdaemon | 2021-04-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the attacked user. | |||||
| CVE-2021-27183 | 1 Altn | 1 Mdaemon | 2021-04-21 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution. | |||||
| CVE-2021-25316 | 1 Suse | 2 Linux Enterprise Server, S390-tools | 2021-04-21 | 2.1 LOW | 3.3 LOW |
| A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterprise Server 15-SP2 s390-tools versions prior to 2.11.0-9.20.1. | |||||
| CVE-2018-13411 | 1 Zohocorp | 1 Manageengine Desktop Central | 2021-04-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. | |||||
| CVE-2018-13412 | 1 Zohocorp | 1 Manageengine Desktop Central | 2021-04-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. | |||||
| CVE-2020-15803 | 1 Zabbix | 1 Zabbix | 2021-04-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. | |||||
| CVE-2020-35846 | 1 Agentejo | 1 Cockpit | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. | |||||
| CVE-2021-29302 | 1 Tp-link | 2 Tl-wr802n, Tl-wr802n Firmware | 2021-04-21 | 9.3 HIGH | 8.1 HIGH |
| TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution. | |||||
| CVE-2021-27180 | 1 Altn | 1 Mdaemon | 2021-04-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user. | |||||
| CVE-2021-30031 | 2021-04-21 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2021-3125 | 1 Tp-link | 12 Tl-xdr1850, Tl-xdr1850 Firmware, Tl-xdr1860 and 9 more | 2021-04-21 | 4.3 MEDIUM | 7.5 HIGH |
| In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set. | |||||
| CVE-2019-1797 | 1 Cisco | 1 Wireless Lan Controller Software | 2021-04-21 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an interface user to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the device with the privileges of the user. Software versions prior to 8.3.150.0, 8.5.135.0, and 8.8.100.0 are affected. | |||||
| CVE-2021-27710 | 1 Totolink | 4 A720r, A720r Firmware, X5000r and 1 more | 2021-04-21 | 10.0 HIGH | 9.8 CRITICAL |
| Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system function with untrusted input. In the function, "ip" parameter is directly passed to the attacker, allowing them to control the "ip" field to attack the OS. | |||||
| CVE-2021-24028 | 1 Facebook | 1 Thrift | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00. | |||||
| CVE-2021-27708 | 1 Totolink | 4 A720r, A720r Firmware, X5000r and 1 more | 2021-04-21 | 10.0 HIGH | 9.8 CRITICAL |
| Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system function with untrusted input. In the function, "command" parameter is directly passed to the attacker, allowing them to control the "command" field to attack the OS. | |||||
| CVE-2021-20491 | 1 Ibm | 1 Spectrum Protect | 2021-04-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parameter, an authorized administrator could overflow a buffer and cause the server to crash. IBM X-Force ID: 197792. | |||||
| CVE-2021-26827 | 1 Tp-link | 2 Tl-wr2041\+, Tl-wr2041\+ Firmware | 2021-04-21 | 7.8 HIGH | 7.5 HIGH |
| Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | |||||
| CVE-2021-23276 | 1 Eaton | 3 Intelligent Power Manager, Intelligent Power Manager Virtual Appliance, Intelligent Power Protector | 2021-04-21 | 6.5 MEDIUM | 8.8 HIGH |
| Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow attackers to add users in the data base. | |||||
| CVE-2021-23277 | 1 Eaton | 3 Intelligent Power Manager, Intelligent Power Manager Virtual Appliance, Intelligent Power Protector | 2021-04-21 | 7.5 HIGH | 10.0 CRITICAL |
| Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful exploitation can allow attackers to control the input to the function and execute attacker controlled commands. | |||||
| CVE-2021-23278 | 1 Eaton | 3 Intelligent Power Manager, Intelligent Power Manager Virtual Appliance, Intelligent Power Protector | 2021-04-21 | 5.5 MEDIUM | 9.6 CRITICAL |
| Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker can send specially crafted packets to delete the files on the system where IPM software is installed. | |||||
| CVE-2021-0488 | 1 Google | 1 Android | 2021-04-21 | 7.2 HIGH | 6.7 MEDIUM |
| In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-178754781 | |||||
| CVE-2007-5187 | 1 Php-fusion | 1 Expanded Calendar Module | 2021-04-21 | 7.5 HIGH | N/A |
| SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter. | |||||
| CVE-2008-2576 | 1 Oracle | 1 Weblogic Server | 2021-04-21 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors. | |||||
| CVE-2021-23279 | 1 Eaton | 3 Intelligent Power Manager, Intelligent Power Manager Virtual Appliance, Intelligent Power Protector | 2021-04-21 | 6.4 MEDIUM | 10.0 CRITICAL |
| Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. An attacker can send specially crafted packets to delete the files on the system where IPM software is installed. | |||||
| CVE-2021-30459 | 1 Jazzband | 1 Django Debug Toolbar | 2021-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form. | |||||
| CVE-2010-0073 | 1 Oracle | 1 Weblogic Server | 2021-04-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-4931 | 1 Php-fusion | 1 Php-fusion | 2021-04-21 | 10.0 HIGH | N/A |
| ** DISPUTED ** Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party. | |||||
| CVE-2008-5197 | 1 Php-fusion | 1 Php-fusion | 2021-04-21 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the lid parameter in a detail_adverts action. | |||||
| CVE-2021-28048 | 1 Devolutions | 1 Devolutions Server | 2021-04-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-28157 | 1 Devolutions | 1 Devolutions Server | 2021-04-21 | 6.5 MEDIUM | 7.2 HIGH |
| An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/userinfo/delete. | |||||