Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4719 | 1 Ibm | 1 Cloud Application Performance Management | 2021-03-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861. | |||||
| CVE-2021-21321 | 1 Fastify-reply-from Project | 1 Fastify-reply-from | 2021-03-09 | 7.5 HIGH | 10.0 CRITICAL |
| fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is "/pub/", a user expect that accessing "/priv" on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.0.2. | |||||
| CVE-2021-23345 | 1 Thecodingmachine | 1 Gotenberg | 2021-03-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>. | |||||
| CVE-2021-20442 | 2 Ibm, Microsoft | 2 Security Verify Bridge, Windows | 2021-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196618. | |||||
| CVE-2021-20441 | 2 Ibm, Microsoft | 2 Security Verify Bridge, Windows | 2021-03-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617. | |||||
| CVE-2021-27318 | 1 Doctor Appointment System Project | 1 Doctor Appointment System | 2021-03-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter. | |||||
| CVE-2021-27317 | 1 Doctor Appointment System Project | 1 Doctor Appointment System | 2021-03-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter. | |||||
| CVE-2020-11272 | 1 Qualcomm | 696 Apq8009, Apq8009 Firmware, Apq8009w and 693 more | 2021-03-08 | 10.0 HIGH | 9.8 CRITICAL |
| Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11275 | 1 Qualcomm | 942 Apq8009, Apq8009 Firmware, Apq8017 and 939 more | 2021-03-08 | 9.4 HIGH | 9.1 CRITICAL |
| Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-23518 | 1 Ultimatekode | 1 Neo Billing | 2021-03-08 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in UltimateKode Neo Billing - Accounting, Invoicing And CRM Software up to version 3.5 which allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2020-4725 | 1 Ibm | 1 Cloud Application Performance Management | 2021-03-08 | 3.5 LOW | 3.5 LOW |
| IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974. | |||||
| CVE-2020-4726 | 1 Ibm | 1 Cloud Application Performance Management | 2021-03-08 | 2.1 LOW | 3.3 LOW |
| The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975. | |||||
| CVE-2020-11269 | 1 Qualcomm | 1074 Apq8009, Apq8009 Firmware, Apq8009w and 1071 more | 2021-03-08 | 8.3 HIGH | 8.8 HIGH |
| Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-21515 | 1 Dell | 1 Emc Sourceone | 2021-03-08 | 3.5 LOW | 5.4 MEDIUM |
| Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests to the server. | |||||
| CVE-2021-21320 | 1 Matrix-react-sdk Project | 1 Matrix-react-sdk | 2021-03-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a `blob` origin that cannot access Matrix user data, so messages and secrets are not at risk. This has been fixed in version 3.15.0. | |||||
| CVE-2021-2138 | 1 Oracle | 1 Cloud Infrastructure Data Science | 2021-03-08 | 4.1 MEDIUM | 4.6 MEDIUM |
| Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Cloud Infrastructure Data Science Notebook Sessions executes to compromise Oracle Cloud Infrastructure Data Science Notebook Sessions. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Cloud Infrastructure Data Science Notebook Sessions accessible data as well as unauthorized read access to a subset of Oracle Cloud Infrastructure Data Science Notebook Sessions accessible data. All affected customers were notified of CVE-2021-2138 by Oracle. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) | |||||
| CVE-2021-21136 | 2 Google, Microsoft | 3 Android, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21134 | 3 Apple, Google, Microsoft | 3 Iphone Os, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page. | |||||
| CVE-2021-21135 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21132 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
| CVE-2021-21120 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21124 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21121 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21122 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21123 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | |||||
| CVE-2021-21119 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21517 | 1 Dell | 1 Emc Srs Policy Manager | 2021-03-08 | 6.4 MEDIUM | 7.2 HIGH |
| SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service. | |||||
| CVE-2018-25004 | 1 Mongodb | 1 Mongodb | 2021-03-08 | 4.0 MEDIUM | 4.9 MEDIUM |
| A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.6; MongoDB Server v3.6 versions prior to 3.6.11. | |||||
| CVE-2020-13408 | 1 Tufin | 1 Securetrack | 2021-03-08 | 2.3 LOW | 5.9 MEDIUM |
| Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored, and reflected payloads are triggerable by admin, so malicious non-authenticated user could get admin level access. Even malicious low-privileged user can inject XSS, which can be executed by admin, potentially elevating privileges and obtaining admin access. (issue 2 of 3) | |||||
| CVE-2020-13409 | 1 Tufin | 1 Securetrack | 2021-03-08 | 2.3 LOW | 5.9 MEDIUM |
| Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored, and reflected payloads are triggerable by admin, so malicious non-authenticated user could get admin level access. Even malicious low-privileged user can inject XSS, which can be executed by admin, potentially elevating privileges and obtaining admin access. (issue 3 of 3) | |||||
| CVE-2020-13407 | 1 Tufin | 1 Securetrack | 2021-03-08 | 2.3 LOW | 5.9 MEDIUM |
| Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored, and reflected payloads are triggerable by admin, so malicious non-authenticated user could get admin level access. Even malicious low-privileged user can inject XSS, which can be executed by admin, potentially elevating privileges and obtaining admin access. (issue 1 of 3) | |||||
| CVE-2021-27904 | 1 Misp | 1 Misp | 2021-03-08 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors. | |||||
| CVE-2021-27901 | 1 Google | 1 Android | 2021-03-08 | 4.6 MEDIUM | 6.8 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 11 software. They mishandle fingerprint recognition because local high beam mode (LHBM) does not function properly during bright illumination. The LG ID is LVE-SMP-210001 (March 2021). | |||||
| CVE-2021-27876 | 1 Veritas | 1 Backup Exec | 2021-03-08 | 7.5 HIGH | 8.1 HIGH |
| An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. By using crafted input parameters in one of these commands, an attacker can access an arbitrary file on the system using System privileges. | |||||
| CVE-2021-27877 | 1 Veritas | 1 Backup Exec | 2021-03-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands. | |||||
| CVE-2021-21322 | 1 Fastify-http-proxy Project | 1 Fastify-http-proxy | 2021-03-08 | 7.5 HIGH | 9.8 CRITICAL |
| fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing `/priv` on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1. | |||||
| CVE-2021-27878 | 1 Veritas | 1 Backup Exec | 2021-03-08 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. The attacker could use one of these commands to execute an arbitrary command on the system using system privileges. | |||||
| CVE-2021-27884 | 1 Ymfe | 1 Yapi | 2021-03-08 | 3.6 LOW | 5.1 MEDIUM |
| Weak JSON Web Token (JWT) signing secret generation in YMFE YApi through 1.9.2 allows recreation of other users' JWT tokens. This occurs because Math.random in Node.js is used. | |||||
| CVE-2020-0465 | 1 Google | 1 Android | 2021-03-08 | 7.2 HIGH | 6.8 MEDIUM |
| In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel | |||||
| CVE-2020-27817 | 2021-03-08 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. | |||||
| CVE-2020-9479 | 1 Apache | 1 Asterixdb | 2021-03-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB | |||||
| CVE-2021-25306 | 1 Gigaset | 2 Dx600a, Dx600a Firmware | 2021-03-08 | 7.8 HIGH | 7.5 HIGH |
| A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands. | |||||
| CVE-2020-7929 | 1 Mongodb | 1 Mongodb | 2021-03-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20. | |||||
| CVE-2021-3195 | 1 Bitcoin | 1 Bitcoin Core | 2021-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented dumpwallet restrictions. | |||||
| CVE-2020-29529 | 1 Hashicorp | 1 Go-slug | 2021-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0. | |||||
| CVE-2020-13848 | 2 Debian, Libupnp Project | 2 Debian Linux, Libupnp | 2021-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c. | |||||
| CVE-2019-25008 | 2021-03-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-25574. Reason: This candidate is a duplicate of CVE-2020-25574. Notes: All CVE users should reference CVE-2020-25574 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2021-27731 | 1 Accellion | 1 Fta | 2021-03-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. The fixed version is FTA_9_12_444 and later. | |||||
| CVE-2021-23127 | 1 Joomla | 1 Joomla\! | 2021-03-05 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes. | |||||
| CVE-2021-23128 | 1 Joomla | 1 Joomla\! | 2021-03-05 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat. | |||||