Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-4114 | 2021-12-22 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none. | |||||
| CVE-2021-4113 | 2021-12-22 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none. | |||||
| CVE-2021-0901 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2021-12-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05664618. | |||||
| CVE-2021-0893 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2021-12-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687474. | |||||
| CVE-2021-0894 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2021-12-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672038. | |||||
| CVE-2021-0899 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2021-12-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672059. | |||||
| CVE-2021-0898 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2021-12-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672071. | |||||
| CVE-2021-0897 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2021-12-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05670549. | |||||
| CVE-2021-44232 | 1 Sap | 1 Saf-t Framework | 2021-12-22 | 4.0 MEDIUM | 7.7 HIGH |
| SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path information provided by normal user, leading to full server directory access. The attacker can see the whole filesystem structure but cannot overwrite, delete, or corrupt arbitrary files on the server. | |||||
| CVE-2000-0484 | 1 Max Feoktistov | 1 Small Http Server | 2021-12-22 | 5.0 MEDIUM | N/A |
| Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowed buffer crashes into a Structured Exception Handler resulting in a Denial of Service. | |||||
| CVE-2021-43029 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43028 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43026 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43025 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-3179 | 1 Gglocker Project | 1 Gglocker | 2021-12-22 | 2.1 LOW | 5.5 MEDIUM |
| GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass. | |||||
| CVE-2021-43023 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43022 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PNG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-43021 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2021-12-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-44035 | 1 Wolterskluwer | 1 Teammate Audit Management | 2021-12-22 | 6.8 MEDIUM | 7.8 HIGH |
| Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files. | |||||
| CVE-2021-0677 | 2 Google, Mediatek | 9 Android, Mt6833, Mt6853 and 6 more | 2021-12-22 | 2.1 LOW | 4.4 MEDIUM |
| In ccu driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827154; Issue ID: ALPS05827154. | |||||
| CVE-2021-43438 | 1 Iresturant Project | 1 Iresturant | 2021-12-22 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS in Signup Form in iResturant 1.0 Allows Remote Attacker to Inject Arbitrary code via NAME and ADDRESS field | |||||
| CVE-2020-19316 | 2 Laravel, Microsoft | 2 Framework, Windows | 2021-12-22 | 6.8 MEDIUM | 8.8 HIGH |
| OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17. | |||||
| CVE-2021-43812 | 1 Auth0 | 1 Nextjs-auth0 | 2021-12-22 | 5.8 MEDIUM | 6.1 MEDIUM |
| The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before 1.6.2 do not filter out certain returnTo parameter values from the login url, which expose the application to an open redirect vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. | |||||
| CVE-2021-22054 | 1 Vmware | 1 Workspace One Uem Console | 2021-12-22 | 5.0 MEDIUM | 7.5 HIGH |
| VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information. | |||||
| CVE-2021-3959 | 1 Bitdefender | 1 Gravityzone | 2021-12-22 | 5.0 MEDIUM | 7.5 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions prior to 3.3.8.272 | |||||
| CVE-2021-41260 | 1 Galette | 1 Galette | 2021-12-22 | 6.8 MEDIUM | 8.8 HIGH |
| Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 do not check for Cross Site Request Forgery attacks. All users are advised to upgrade to 0.9.6 as soon as possible. There are no known workarounds for this issue. | |||||
| CVE-2021-42912 | 1 Fiberhome | 12 Aan5506-04-g2g Firmware, An5506-01-a, An5506-01-a Firmware and 9 more | 2021-12-22 | 9.0 HIGH | 8.8 HIGH |
| FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands with a semicolon. | |||||
| CVE-2021-30889 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2021-12-21 | 6.8 MEDIUM | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30809 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2021-12-21 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30836 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2021-12-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. | |||||
| CVE-2021-43573 | 1 Realtek | 2 Rtl8195am, Rtl8195am Firmware | 2021-12-21 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame. | |||||
| CVE-2021-30888 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2021-12-21 | 4.3 MEDIUM | 7.4 HIGH |
| An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . | |||||
| CVE-2021-30823 | 1 Apple | 6 Ipad Os, Iphone Os, Macos and 3 more | 2021-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. | |||||
| CVE-2021-30818 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2021-12-21 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-41262 | 1 Galette | 1 Galette | 2021-12-21 | 6.5 MEDIUM | 8.8 HIGH |
| Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to SQL injection attacks by users with "member" privilege. Users are advised to upgrade to version 0.9.6 as soon as possible. There are no known workarounds. | |||||
| CVE-2021-41261 | 1 Galette | 1 Galette | 2021-12-21 | 3.5 LOW | 4.8 MEDIUM |
| Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to stored cross site scripting attacks via the preferences footer. The preference footer can only be altered by a site admin. This issue has been resolved in the 0.9.6 release and all users are advised to upgrade. There are no known workarounds. | |||||
| CVE-2021-40850 | 1 Tcman | 1 Gim | 2021-12-21 | 7.5 HIGH | 9.8 CRITICAL |
| TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx. | |||||
| CVE-2021-40851 | 1 Tcman | 1 Gim | 2021-12-21 | 5.0 MEDIUM | 7.5 HIGH |
| TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploitation of this vulnerability might allow a remote attacker to obtain information. | |||||
| CVE-2021-40852 | 1 Tcman | 1 Gim | 2021-12-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection of user navigation to pages controlled by the attacker. The exploitation of this vulnerability might allow a remote attacker to obtain information. | |||||
| CVE-2021-3960 | 1 Bitdefender | 1 Gravityzone | 2021-12-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects Bitdefender GravityZone versions prior to 3.3.8.272 | |||||
| CVE-2021-45038 | 1 Mediawiki | 1 Mediawiki | 2021-12-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents. | |||||
| CVE-2021-43782 | 1 Enalean | 1 Tuleap | 2021-12-21 | 6.0 MEDIUM | 7.2 HIGH |
| Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to GHSA-887w-pv2r-x8pm/CVE-2021-41276, the initial fix was incomplete. Tuleap does not sanitize properly the search filter built from the ldap_id attribute of a user during the daily synchronization. A malicious user could force accounts to be suspended or take over another account by forcing the update of the ldap_uid attribute. Note that the malicious user either need to have site administrator capability on the Tuleap instance or be an LDAP operator with the capability to create/modify account. The Tuleap instance needs to have the LDAP plugin activated and enabled for this issue to be exploitable. The following versions contain the fix: Tuleap Community Edition 13.2.99.83, Tuleap Enterprise Edition 13.1-6, and Tuleap Enterprise Edition 13.2-4. | |||||
| CVE-2021-43806 | 1 Enalean | 1 Tuleap | 2021-12-21 | 6.5 MEDIUM | 8.8 HIGH |
| Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated malicious user with read access to a CVS repository could execute arbitrary SQL queries. Tuleap instances without an active CVS repositories are not impacted. The following versions contain the fix: Tuleap Community Edition 13.2.99.155, Tuleap Enterprise Edition 13.1-7, and Tuleap Enterprise Edition 13.2-6. | |||||
| CVE-2021-37863 | 1 Mattermost | 1 Mattermost Server | 2021-12-21 | 3.5 LOW | 5.7 MEDIUM |
| Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a client-side crash of the web application via a maliciously crafted post. | |||||
| CVE-2021-41276 | 1 Enalean | 1 Tuleap | 2021-12-21 | 6.0 MEDIUM | 7.2 HIGH |
| Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldap_id attribute of a user during the daily synchronization. A malicious user could force accounts to be suspended or take over another account by forcing the update of the ldap_uid attribute. Note that the malicious user either need to have site administrator capability on the Tuleap instance or be an LDAP operator with the capability to create/modify account. The Tuleap instance needs to have the LDAP plugin activated and enabled for this issue to be exploitable. This issue has been patched in Tuleap Community Edition 13.2.99.31, Tuleap Enterprise Edition 13.1-5, and Tuleap Enterprise Edition 13.2-3. | |||||
| CVE-2021-38883 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2021-12-21 | 3.5 LOW | 5.4 MEDIUM |
| IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209165. | |||||
| CVE-2021-43820 | 1 Seafile | 1 Seafile Server | 2021-12-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether the token exist in the cache. However, if the token exists in cache, the server doesn't check whether it's associated with the specific library in the URL. This vulnerability makes it possible to use any valid sync token to access data from any **known** library. Note that the attacker has to first find out the ID of a library which it has no access to. The library ID is a random UUID, which is not possible to be guessed. There are no workarounds for this issue. | |||||
| CVE-2020-29394 | 1 Genivi | 1 Diagnostic Log And Trace | 2021-12-21 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument). | |||||
| CVE-2021-4131 | 1 Livehelperchat | 1 Live Helper Chat | 2021-12-21 | 6.8 MEDIUM | 8.8 HIGH |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-44549 | 1 Apache | 1 Sling Commons Messaging Mail | 2021-12-21 | 5.8 MEDIUM | 7.4 HIGH |
| Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these additional checks are disabled by default in JavaMail/Jakarta Mail. The SimpleMailService in Apache Sling Commons Messaging Mail 1.0 lacks an option to enable these checks for the shared mail session. A user could enable these checks nevertheless by accessing the session via the message created by SimpleMessageBuilder and setting the property mail.smtps.ssl.checkserveridentity to true. Apache Sling Commons Messaging Mail 2.0 adds support for enabling server identity checks and these checks are enabled by default. - https://javaee.github.io/javamail/docs/SSLNOTES.txt - https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html - https://github.com/eclipse-ee4j/mail/issues/429 | |||||