Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45904 1 Openwrt 1 Openwrt 2022-01-03 3.5 LOW 5.4 MEDIUM
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.
CVE-2020-20946 1 Qibosoft 1 Qibosoft 2022-01-03 3.5 LOW 5.4 MEDIUM
Qibosoft v7 contains a stored cross-site scripting (XSS) vulnerability in the component /admin/index.php?lfj=friendlink&action=add.
CVE-2021-45905 1 Openwrt 1 Openwrt 2022-01-03 3.5 LOW 5.4 MEDIUM
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.
CVE-2021-45906 1 Openwrt 1 Openwrt 2022-01-03 3.5 LOW 5.4 MEDIUM
OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen.
CVE-2021-44541 1 Privoxy 1 Privoxy 2022-01-03 5.0 MEDIUM 7.5 HIGH
A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination.
CVE-2021-43842 1 Requarks 1 Wiki.js 2022-01-03 3.5 LOW 5.4 MEDIUM
Wiki.js is a wiki app built on Node.js. Wiki.js versions 2.5.257 and earlier are vulnerable to stored cross-site scripting through a SVG file upload. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the SVG is viewed directly by other users. Scripts do not execute when loaded inside a page via normal `<img>` tags. Commit 5d3e81496fba1f0fbd64eeb855f30f69a9040718 fixes this vulnerability by adding an optional (enabled by default) SVG sanitization step to all file uploads that match the SVG mime type. As a workaround, disable file upload for all non-trusted users. Wiki.js version 2.5.260 is the first production version to contain a patch. Version 2.5.258 is the first development build to contain a patch and is available only as a Docker image as requarks/wiki:canary-2.5.258.
CVE-2021-3860 1 Jfrog 1 Artifactory 2022-01-03 6.5 MEDIUM 8.8 HIGH
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only) is vulnerable to Blind SQL Injection by a low privileged authenticated user due to incomplete validation when performing an SQL query.
CVE-2021-44029 1 Quest 1 Kace Desktop Authority 2022-01-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known (due to the presence of CVE-2017-11317, CVE-2017-11357, or other means). A default setting for the type whitelisting feature in more current versions of ASP.NET AJAX prevents exploitation.
CVE-2021-44028 1 Quest 1 Kace Desktop Authority 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.
CVE-2021-4072 1 Elgg 1 Elgg 2022-01-03 3.5 LOW 5.4 MEDIUM
elgg is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-41561 1 Apache 1 Parquet-mr 2022-01-03 5.0 MEDIUM 7.5 HIGH
Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.
CVE-2021-44675 1 Zohocorp 1 Manageengine Servicedesk Plus Msp 2022-01-03 7.5 HIGH 9.8 CRITICAL
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
CVE-2021-42138 1 Thalesgroup 1 Safenet Windows Logon Agent 2022-01-03 3.5 LOW 6.5 MEDIUM
A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine.
CVE-2021-36887 1 Tarteaucitron.js - Cookies Legislation & Gdpr Project 1 Tarteaucitron.js - Cookies Legislation & Gdpr 2022-01-03 6.8 MEDIUM 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.5.4), vulnerable parameters "tarteaucitronEmail" and "tarteaucitronPass".
CVE-2021-35234 1 Solarwinds 1 Orion Platform 2022-01-03 6.5 MEDIUM 8.8 HIGH
Numerous exposed dangerous functions within Orion Core allow for read-only SQL injection leading to privilege escalation. An attacker with low-user privileges may steal password hashes and password salt information.
CVE-2021-22056 2 Linux, Vmware 4 Linux Kernel, Identity Manager, Vrealize Automation and 1 more 2022-01-03 5.0 MEDIUM 7.5 HIGH
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.
CVE-2021-43847 1 Humhub 1 Humhub 2022-01-03 4.0 MEDIUM 6.5 MEDIUM
HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.
CVE-2021-43437 1 Engineers Online Portal Project 1 Engineers Online Portal 2022-01-03 6.8 MEDIUM 8.8 HIGH
In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host header comes in. This header specifies which website should process the HTTP request. The web server uses the value of this header to dispatch the request to the specified website. Each website hosted on the same IP address is called a virtual host. It is also possible to send requests with arbitrary Host headers to the first virtual host.
CVE-2020-8105 1 Goabode 2 Iota All-in-one Security Kit, Iota All-in-one Security Kit Firmware 2022-01-03 7.2 HIGH 7.8 HIGH
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz.
CVE-2021-44159 1 4mosan 1 Gcb Doctor 2022-01-03 10.0 HIGH 9.8 CRITICAL
4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or a denial-of-service attack.
CVE-2021-30940 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
CVE-2021-30959 1 Apple 2 Mac Os X, Macos 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
CVE-2021-30961 1 Apple 2 Mac Os X, Macos 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
CVE-2021-30941 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
CVE-2021-30993 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2022-01-03 6.8 MEDIUM 8.1 HIGH
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. An attacker in a privileged network position may be able to execute arbitrary code.
CVE-2021-30963 1 Apple 2 Mac Os X, Macos 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
CVE-2021-30958 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-01-03 6.8 MEDIUM 7.8 HIGH
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Playing a malicious audio file may lead to arbitrary code execution.
CVE-2021-44233 1 Sap 1 Access Control 2022-01-03 6.5 MEDIUM 8.8 HIGH
SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges.
CVE-2021-30980 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-01-03 9.3 HIGH 7.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30965 1 Apple 2 Mac Os X, Macos 2022-01-03 7.1 HIGH 6.5 MEDIUM
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may be able to cause a denial of service to Endpoint Security clients.
CVE-2021-30969 1 Apple 2 Mac Os X, Macos 2022-01-03 9.3 HIGH 7.8 HIGH
A path handling issue was addressed with improved validation. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk.
CVE-2021-30971 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2022-01-03 9.3 HIGH 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
CVE-2021-30973 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2022-01-03 4.3 MEDIUM 5.5 MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted file may disclose user information.
CVE-2021-43843 1 Jsx-slack Project 1 Jsx-slack 2022-01-03 5.0 MEDIUM 7.5 HIGH
jsx-slack is a package for building JSON objects for Slack block kit surfaces from JSX. The maintainers found the patch for CVE-2021-43838 in jsx-slack v4.5.1 is insufficient for protection from a Regular Expression Denial of Service (ReDoS) attack. If an attacker can put a lot of JSX elements into a `<blockquote>` tag _including multibyte characters_, an internal regular expression for escaping characters may consume an excessive amount of computing resources. v4.5.1 passes the test against ASCII characters but misses the case of multibyte characters. jsx-slack v4.5.2 has updated regular expressions for escaping blockquote characters to prevent catastrophic backtracking. It also includes an updated test case to confirm rendering multiple tags in `<blockquote>` with multibyte characters.
CVE-2021-43838 1 Jsx-slack Project 1 Jsx-slack 2022-01-03 5.0 MEDIUM 7.5 HIGH
jsx-slack is a library for building JSON objects for Slack Block Kit surfaces from JSX. In versions prior to 4.5.1 users are vulnerable to a regular expression denial-of-service (ReDoS) attack. If an attacker can put a lot of JSX elements into a `<blockquote>` tag, an internal regular expression for escaping characters may consume an excessive amount of computing resources. jsx-slack v4.5.1 has patched the regex for escaping blockquote characters. Users are advised to upgrade as soon as possible.
CVE-2021-40835 1 F-secure 1 Safe 2022-01-03 4.3 MEDIUM 4.3 MEDIUM
A URL address bar spoofing vulnerability was discovered in Safe Browser for iOS. When a user clicks on a specially crafted malicious URL and does not pay careful attention to the URL, the user may be tricked into thinking content is coming from a valid domain while it comes from another. This is performed by using a very long username part of the URL so that the user cannot see the domain name. A remote attacker can leverage this to perform a URL address bar spoofing attack. The fix is that the browser no longer shows the username part in the address bar.
CVE-2021-24917 1 Wpserveur 1 Wps Hide Login 2022-01-03 5.0 MEDIUM 7.5 HIGH
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows an unauthenticated user to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php.
CVE-2021-45959 2022-01-03 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2019-15021 1 Zingbox 1 Inspector 2022-01-01 5.0 MEDIUM 5.3 MEDIUM
A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network.
CVE-2019-4378 1 Ibm 1 Mq 2022-01-01 4.0 MEDIUM 6.5 MEDIUM
IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084.
CVE-2019-16712 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2022-01-01 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
CVE-2019-16709 3 Canonical, Imagemagick, Opensuse 4 Ubuntu Linux, Imagemagick, Backports and 1 more 2022-01-01 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVE-2019-15138 1 Html-pdf Project 1 Html-pdf 2022-01-01 5.0 MEDIUM 7.5 HIGH
The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL.
CVE-2019-9719 1 Libav 1 Libav 2022-01-01 6.8 MEDIUM 8.8 HIGH
** DISPUTED ** A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a vulnerability is provided” and only “a generic warning from a static code analysis” is provided.
CVE-2019-9009 1 Codesys 14 Control For Beaglebone, Control For Empc-a/imx6, Control For Iot2000 and 11 more 2022-01-01 5.0 MEDIUM 7.5 HIGH
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0. Crafted network packets cause the Control Runtime to crash.
CVE-2019-8449 1 Atlassian 1 Jira 2022-01-01 5.0 MEDIUM 5.3 MEDIUM
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
CVE-2019-16167 4 Canonical, Fedoraproject, Opensuse and 1 more 4 Ubuntu Linux, Fedora, Leap and 1 more 2022-01-01 4.3 MEDIUM 5.5 MEDIUM
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
CVE-2019-9461 1 Google 1 Android 2022-01-01 3.3 LOW 6.5 MEDIUM
In the Android kernel in VPN routing there is a possible information disclosure. This could lead to remote information disclosure by an adjacent network attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-15954 1 Totaljs 1 Total.js Cms 2022-01-01 9.0 HIGH 9.9 CRITICAL
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the widgets privilege can achieve Remote Command Execution (RCE) on the remote server by creating a malicious widget with a special tag containing JavaScript code that will be evaluated server side. In the process of evaluating the tag by the back-end, it is possible to escape the sandbox object by using the following payload: <script total>global.process.mainModule.require(child_process).exec(RCE);</script>
CVE-2019-4402 1 Ibm 1 Api Connect 2022-01-01 5.0 MEDIUM 7.5 HIGH
IBM API Connect 2018.1 through 2018.4.1.6 developer portal could allow an unauthorized user to cause a denial of service via an unprotected API. IBM X-Force ID: 162263.