Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45643 | 1 Netgear | 6 R6400v2, R6400v2 Firmware, R6700v3 and 3 more | 2022-01-05 | 3.3 LOW | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58. | |||||
| CVE-2021-45515 | 1 Netgear | 24 Ex7500, Ex7500 Firmware, Rbk752 and 21 more | 2022-01-05 | 3.3 LOW | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. | |||||
| CVE-2021-45717 | 1 Rusqlite Project | 1 Rusqlite | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. commit_hook has a use-after-free. | |||||
| CVE-2021-45718 | 1 Rusqlite Project | 1 Rusqlite | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. rollback_hook has a use-after-free. | |||||
| CVE-2021-45516 | 1 Netgear | 16 R6400, R6400 Firmware, R6900p and 13 more | 2022-01-05 | 2.7 LOW | 4.5 MEDIUM |
| Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R8000 before 1.0.4.74, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | |||||
| CVE-2021-45719 | 1 Rusqlite Project | 1 Rusqlite | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. update_hook has a use-after-free. | |||||
| CVE-2021-36316 | 1 Dell | 1 Emc Avamar Server | 2022-01-05 | 6.5 MEDIUM | 7.2 HIGH |
| Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI. | |||||
| CVE-2021-45520 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2022-01-05 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | |||||
| CVE-2021-45521 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2022-01-05 | 3.3 LOW | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | |||||
| CVE-2021-45533 | 1 Netgear | 18 Ex3700, Ex3700 Firmware, Ex3800 and 15 more | 2022-01-05 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6120 before 1.0.0.66, EX6130 before 1.0.0.46, EX7000 before 1.0.1.106, EX7500 before 1.0.1.76, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, RBR850 before 4.6.3.9, RBS850 before 4.6.3.9, and RBK852 before 4.6.3.9. | |||||
| CVE-2021-45536 | 1 Netgear | 16 Rax75, Rax75 Firmware, Rax80 and 13 more | 2022-01-05 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2018-25024 | 1 Actix | 1 Actix-web | 2022-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. | |||||
| CVE-2018-25025 | 1 Actix | 1 Actix-web | 2022-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption. | |||||
| CVE-2018-25026 | 1 Actix | 1 Actix-web | 2022-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. | |||||
| CVE-2018-25027 | 1 Libpulse-binding Project | 1 Libpulse-binding | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_format_info can cause a use-after-free. | |||||
| CVE-2021-43839 | 1 Crypto | 3 Cronos, Ethermint, Evmos | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are no tested workarounds. All validator node operators are recommended to upgrade to Cronos v0.6.5 at their earliest possible convenience. | |||||
| CVE-2021-45673 | 1 Netgear | 16 R6900p, R6900p Firmware, R7000 and 13 more | 2022-01-05 | 3.5 LOW | 5.4 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106. | |||||
| CVE-2021-45674 | 1 Netgear | 16 R7000, R7000 Firmware, R7900 and 13 more | 2022-01-05 | 3.5 LOW | 4.8 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. | |||||
| CVE-2021-36318 | 1 Dell | 1 Emc Avamar Server | 2022-01-05 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. A high privileged user could potentially exploit this vulnerability, leading to a complete outage. | |||||
| CVE-2018-25028 | 1 Libpulse-binding Project | 1 Libpulse-binding | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_context can cause a use-after-free. | |||||
| CVE-2021-43587 | 1 Dell | 1 Powerpath Management Appliance | 2022-01-05 | 7.2 HIGH | 6.7 MEDIUM |
| Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges. | |||||
| CVE-2021-36350 | 1 Dell | 1 Powerscale Onefs | 2022-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication. | |||||
| CVE-2021-1406 | 1 Cisco | 1 Unified Communications Manager | 2022-01-05 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion of sensitive information in downloadable files. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to obtain hashed credentials of system users. To exploit this vulnerability an attacker would need to have valid user credentials with elevated privileges. | |||||
| CVE-2021-45676 | 1 Netgear | 10 Rax15, Rax15 Firmware, Rax20 and 7 more | 2022-01-05 | 3.5 LOW | 4.8 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 before 1.0.2.82, RAX80 before 1.0.5.126, RAX15 before 1.0.2.82, and RAX75 before 1.0.5.126. | |||||
| CVE-2021-45677 | 1 Netgear | 4 Gs108t, Gs108t Firmware, Gs110tp and 1 more | 2022-01-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36. | |||||
| CVE-2021-45664 | 1 Netgear | 2 R7000, R7000 Firmware | 2022-01-05 | 3.5 LOW | 4.8 MEDIUM |
| NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. | |||||
| CVE-2021-45678 | 1 Netgear | 2 Rax200, Rax200 Firmware | 2022-01-05 | 7.5 HIGH | 9.8 CRITICAL |
| NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. | |||||
| CVE-2021-45514 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2022-01-05 | 5.8 MEDIUM | 8.8 HIGH |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | |||||
| CVE-2021-45538 | 1 Netgear | 16 Rax75, Rax75 Firmware, Rax80 and 13 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45545 | 1 Netgear | 22 R7850, R7850 Firmware, R7900p and 19 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-45542 | 1 Netgear | 12 Rax200, Rax200 Firmware, Rax75 and 9 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-45552 | 1 Netgear | 14 D7800, D7800 Firmware, R7500v2 and 11 more | 2022-01-04 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.58, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.108, and XR700 before 1.0.1.20. | |||||
| CVE-2021-45554 | 1 Netgear | 14 R6400, R6400 Firmware, R6400v2 and 11 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.74, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, and R8000 before 1.0.4.74. | |||||
| CVE-2021-45553 | 1 Netgear | 6 R6900p, R6900p Firmware, R7000 and 3 more | 2022-01-04 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126. | |||||
| CVE-2021-45653 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | |||||
| CVE-2021-45652 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | |||||
| CVE-2021-45651 | 1 Netgear | 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK50 before 2.7.3.22, RBR50 before 2.7.3.22, and RBS50 before 2.7.3.22. | |||||
| CVE-2021-45555 | 1 Netgear | 6 R7900p, R7900p Firmware, R7960p and 3 more | 2022-01-04 | 6.5 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900P before 1.4.2.84, R7960P before 1.4.2.84, and R8000P before 1.4.2.84. | |||||
| CVE-2021-45654 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information. | |||||
| CVE-2021-45627 | 1 Netgear | 8 Cbr750, Cbr750 Firmware, Rbk852 and 5 more | 2022-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-45625 | 1 Netgear | 6 R6900p, R6900p Firmware, R7000p and 3 more | 2022-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140. | |||||
| CVE-2021-45600 | 1 Netgear | 8 Cbr750, Cbr750 Firmware, Rbk852 and 5 more | 2022-01-04 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-20050 | 1 Sonicwall | 12 Sma100, Sma200, Sma210 and 9 more | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data. | |||||
| CVE-2021-45522 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2022-01-04 | 7.5 HIGH | 8.8 HIGH |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. | |||||
| CVE-2021-45537 | 1 Netgear | 17 Rax200, Rax200 Firmware, Rax75 and 14 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45535 | 1 Netgear | 17 Rax200, Rax200 Firmware, Rax75 and 14 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45576 | 1 Netgear | 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45575 | 1 Netgear | 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45574 | 1 Netgear | 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45577 | 1 Netgear | 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more | 2022-01-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||