Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24263 | 1 Portainer | 1 Portainer | 2021-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host. | |||||
| CVE-2021-20675 | 1 M-system | 10 Dl8-a, Dl8-a Firmware, Dl8-b and 7 more | 2021-03-23 | 6.8 MEDIUM | 6.5 MEDIUM |
| M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to Ver3.0, type C (DL8-C) versions prior to Ver3.0, type D (DL8-D) versions prior to Ver3.0, and type E (DL8-E) versions prior to Ver3.0) allows remote authenticated attackers to cause a denial of service (DoS) condition via unspecified vectors. | |||||
| CVE-2021-20676 | 1 M-system | 10 Dl8-a, Dl8-a Firmware, Dl8-b and 7 more | 2021-03-23 | 4.0 MEDIUM | 4.3 MEDIUM |
| M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to Ver3.0, type C (DL8-C) versions prior to Ver3.0, type D (DL8-D) versions prior to Ver3.0, and type E (DL8-E) versions prior to Ver3.0) allows remote authenticated attackers to bypass access restriction and conduct prohibited operations via unspecified vectors. | |||||
| CVE-2019-18231 | 1 Advantech | 2 Spectre Rt Ert351, Spectre Rt Ert351 Firmware | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request. | |||||
| CVE-2019-18233 | 1 Advantech | 2 Spectre Rt Ert351, Spectre Rt Ert351 Firmware | 2021-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack. | |||||
| CVE-2019-18235 | 1 Advantech | 2 Spectre Rt Ert351, Spectre Rt Ert351 Firmware | 2021-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack. | |||||
| CVE-2020-27861 | 1 Netgear | 71 Cbk40, Cbk40 Firmware, Cbk43 and 68 more | 2021-03-23 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076. | |||||
| CVE-2020-24264 | 1 Portainer | 1 Portainer | 2021-03-23 | 10.0 HIGH | 9.8 CRITICAL |
| Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container is spawned, it can be leveraged to break out of the container leading to complete Docker host machine takeover. | |||||
| CVE-2021-24123 | 1 Blubrry | 1 Powerpress | 2021-03-23 | 6.5 MEDIUM | 7.2 HIGH |
| Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privilege accounts (admin+) being able to upload arbitrary files, such as php, leading to RCE. | |||||
| CVE-2021-23351 | 2 Fedoraproject, Go-proxyproto Project | 2 Fedora, Go-proxyproto | 2021-03-23 | 4.0 MEDIUM | 4.9 MEDIUM |
| The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in the code, a deliberately malformed V1 header could be used to exhaust memory in a server process using this code - and create a DoS. This can be exploited by sending a stream starting with PROXY and continuing to send data (which does not contain a newline) until the target stops acknowledging. The risk here is small, because only trusted sources should be allowed to send proxy protocol headers. | |||||
| CVE-2021-24124 | 1 Terryl | 1 Wp Shieldon | 2021-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unvalidated input and lack of output encoding in the WP Shieldon WordPress plugin, version 1.6.3 and below, leads to Unauthenticated Reflected Cross-Site Scripting (XSS) when the CAPTCHA page is shown could lead to privileged escalation. | |||||
| CVE-2021-24148 | 1 Inspireui | 1 Mstore Api | 2021-03-23 | 10.0 HIGH | 9.8 CRITICAL |
| A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address. | |||||
| CVE-2021-22651 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extraction of temporary files, suffering from a directory traversal vulnerability, which allows an attacker to store arbitrary scripts into automatic startup folders. | |||||
| CVE-2021-24137 | 1 Adenion | 1 Blog2social | 2021-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Unvalidated input in the Blog2Social WordPress plugin, versions before 6.3.1, lead to SQL Injection in the Re-Share Posts feature, allowing authenticated users to inject arbitrary SQL commands. | |||||
| CVE-2021-22649 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22645 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning. | |||||
| CVE-2021-24149 | 1 Webnus | 1 Modern Events Calendar Lite | 2021-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Unvalidated input in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.6, did not sanitise the mec[post_id] POST parameter in the mec_fes_form AJAX action when logged in as an author+, leading to an authenticated SQL Injection issue. | |||||
| CVE-2021-27891 | 2 Microsoft, Ssh | 4 Windows, Tectia Client, Tectia Connectsecure and 1 more | 2021-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected. | |||||
| CVE-2021-22647 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22643 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-35801 | 1 Netgear | 8 Gs116e, Gs116e Firmware, Jgs516pe and 5 more | 2021-03-23 | 5.5 MEDIUM | 7.3 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JGS516PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, JGS524PE before 2.6.0.48, and GS116Ev2 before 2.6.0.48. A TFTP server was found to be active by default. It allows remote authenticated users to update the switch firmware. | |||||
| CVE-2020-35783 | 1 Netgear | 8 Gs116e, Gs116e Firmware, Jgs516pe and 5 more | 2021-03-23 | 5.0 MEDIUM | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, GS116Ev2 before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and JGS524PE before 2.6.0.48. The NSDP protocol version allows unauthenticated remote attackers to obtain all the switch configuration parameters by sending the corresponding read requests. | |||||
| CVE-2021-21367 | 2 Elementary, Fedoraproject | 2 Switchboard Bluetooth Plug, Fedora | 2021-03-23 | 4.3 MEDIUM | 8.1 HIGH |
| Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running (in discoverable mode), Bluetooth service requests and pairing requests are automatically accepted, allowing physically proximate attackers to pair with a device running an affected version of switchboard-plug-bluetooth without the active consent of the user. By default, elementary OS doesn't expose any services via Bluetooth that allow information to be extracted by paired Bluetooth devices. However, if such services (i.e. contact list sharing software) have been installed, it's possible that attackers have been able to extract data from such services without authorization. If no such services have been installed, attackers are only able to pair with a device running an affected version without authorization and then play audio out of the device or possibly present a HID device (keyboard, mouse, etc...) to control the device. As such, users should check the list of trusted/paired devices and remove any that are not 100% confirmed to be genuine. This is fixed in version 2.3.5. To reduce the likelihood of this vulnerability on an unpatched version, only open the Bluetooth plug for short intervals when absolutely necessary and preferably not in crowded public areas. To mitigate the risk entirely with unpatched versions, do not open the Bluetooth plug within switchboard at all, and use a different method for pairing devices if necessary (e.g. `bluetoothctl` CLI). | |||||
| CVE-2021-24029 | 1 Facebook | 2 Mvfst, Proxygen | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to v2021.03.15.00. | |||||
| CVE-2010-2497 | 3 Apple, Debian, Freetype | 3 Mac Os X, Debian Linux, Freetype | 2021-03-23 | 6.8 MEDIUM | N/A |
| Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | |||||
| CVE-2010-2500 | 4 Apple, Canonical, Debian and 1 more | 4 Mac Os X, Ubuntu Linux, Debian Linux and 1 more | 2021-03-23 | 6.8 MEDIUM | N/A |
| Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | |||||
| CVE-2010-2519 | 4 Apple, Canonical, Debian and 1 more | 4 Mac Os X, Ubuntu Linux, Debian Linux and 1 more | 2021-03-23 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file. | |||||
| CVE-2010-2520 | 4 Apple, Canonical, Debian and 1 more | 4 Mac Os X, Ubuntu Linux, Debian Linux and 1 more | 2021-03-23 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | |||||
| CVE-2021-22848 | 1 Hgiga | 4 Msr45 Isherlock-antispam, Msr45 Isherlock-user, Ssr45 Isherlock-antispam and 1 more | 2021-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege. | |||||
| CVE-2021-22859 | 1 Eic | 1 E-document System | 2021-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without privilege. | |||||
| CVE-2021-22860 | 1 Eic | 1 E-document System | 2021-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary commends. | |||||
| CVE-2020-11192 | 1 Qualcomm | 738 Apq8009, Apq8009 Firmware, Apq8009w and 735 more | 2021-03-23 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-26992 | 1 Netapp | 1 Cloud Manager | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS). | |||||
| CVE-2021-26991 | 1 Netapp | 1 Cloud Manager | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager. | |||||
| CVE-2021-26990 | 1 Netapp | 1 Cloud Manager | 2021-03-23 | 9.4 HIGH | 9.1 CRITICAL |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files. | |||||
| CVE-2021-20628 | 2 Cybozu, Mozilla | 2 Office, Firefox | 2021-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox. | |||||
| CVE-2020-11166 | 1 Qualcomm | 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more | 2021-03-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-20627 | 1 Cybozu | 1 Office | 2021-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2021-20632 | 1 Cybozu | 1 Office | 2021-03-23 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Bulletin Board via unspecified vectors. | |||||
| CVE-2021-20631 | 1 Cybozu | 1 Office | 2021-03-23 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper input validation vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attacker to alter the data of Custom App via unspecified vectors. | |||||
| CVE-2020-11171 | 1 Qualcomm | 770 Apq8009, Apq8009 Firmware, Apq8009w and 767 more | 2021-03-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-20630 | 1 Cybozu | 1 Office | 2021-03-23 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Phone Messages via unspecified vectors. | |||||
| CVE-2021-20629 | 1 Cybozu | 1 Office | 2021-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2021-20634 | 1 Cybozu | 1 Office | 2021-03-23 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Custom App via unspecified vectors. | |||||
| CVE-2020-11186 | 1 Qualcomm | 226 Csrb31024, Csrb31024 Firmware, Pm3003a and 223 more | 2021-03-23 | 2.1 LOW | 5.5 MEDIUM |
| Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | |||||
| CVE-2020-13924 | 1 Apache | 1 Ambari | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files. | |||||
| CVE-2021-3406 | 2 Fedoraproject, Keylime | 2 Fedora, Keylime | 2021-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations. | |||||
| CVE-2019-12457 | 1 Afian | 1 Filerun | 2021-03-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| FileRun 2019.05.21 allows images/extjs Directory Listing. This issue has been fixed in FileRun 2019.06.01. | |||||
| CVE-2019-12458 | 1 Afian | 1 Filerun | 2021-03-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01. | |||||
| CVE-2019-12459 | 1 Afian | 1 Filerun | 2021-03-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| FileRun 2019.05.21 allows customizables/plugins/audio_player Directory Listing. This issue has been fixed in FileRun 2019.06.01. | |||||