Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44439 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14908) | |||||
| CVE-2021-44438 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14907) | |||||
| CVE-2021-44437 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14906) | |||||
| CVE-2021-44442 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14995) | |||||
| CVE-2021-44441 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14913) | |||||
| CVE-2021-44440 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14912) | |||||
| CVE-2021-44443 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15039) | |||||
| CVE-2021-23663 | 1 Sey Project | 1 Sey | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package sey are vulnerable to Prototype Pollution via the deepmerge() function. | |||||
| CVE-2021-23639 | 1 Markdown To Pdf Project | 1 Markdown To Pdf | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| The package md-to-pdf before 5.0.0 are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS engine. | |||||
| CVE-2021-23700 | 1 Merge-deep2 Project | 1 Merge-deep2 | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package merge-deep2 are vulnerable to Prototype Pollution via the mergeDeep() function. | |||||
| CVE-2021-4089 | 1 Snipeitapp | 1 Snipe-it | 2021-12-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| snipe-it is vulnerable to Improper Access Control | |||||
| CVE-2021-44434 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14902, ZDI-CAN-14866) | |||||
| CVE-2019-9581 | 1 Twinkletoessoftware | 1 Booked | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension. | |||||
| CVE-2021-41242 | 1 Frentix | 1 Openolat | 2021-12-14 | 7.9 HIGH | 8.1 HIGH |
| OpenOlat is a web-basedlearning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files anywhere on the target system. The attack could be used to write files anywhere in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account, an enabled REST API and the rights on a business object to call the vulnerable REST calls. The problem is fixed in version 15.5.12 and 16.0.5. There is a workaround available. The vulnerability requires the REST module to be enabled. Disabling the REST module or limiting the REST module via some firewall or web-server access rules to be accessed only be trusted systems will mitigate the risk. | |||||
| CVE-2021-22565 | 1 Google | 1 Exposure Notification Verification Server | 2021-12-14 | 5.8 MEDIUM | 6.5 MEDIUM |
| An attacker could prematurely expire a verification code, making it unusable by the patient, making the patient unable to upload their TEKs to generate exposure notifications. We recommend upgrading the Exposure Notification server to V1.1.2 or greater. | |||||
| CVE-2021-44432 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14845) | |||||
| CVE-2021-44431 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 4.3 MEDIUM | 3.3 LOW |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14841) | |||||
| CVE-2021-44445 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15054) | |||||
| CVE-2021-31745 | 1 Pluck-cms | 1 Pluck | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| Session Fixation vulnerability in login.php in Pluck-CMS Pluck 4.7.15 allows an attacker to sustain unauthorized access to the platform. Because Pluck does not invalidate prior sessions after a password change, access can be sustained even after an administrator performs regular remediation attempts such as resetting their password. | |||||
| CVE-2021-37935 | 1 Huntflow | 1 Huntflow Enterprise | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the login page of Huntflow Enterprise before 3.10.4 could allow an unauthenticated, remote user to get information about the domain name of the configured LDAP server. An attacker could exploit this vulnerability by requesting the login page and searching for the "isLdap" JavaScript parameter in the HTML source code. | |||||
| CVE-2021-44450 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2021-12-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15055, ZDI-CAN-14915, ZDI-CAN-14865) | |||||
| CVE-2021-23862 | 1 Bosch | 8 Bosch Video Management System, Divar Ip 5000 Firmware, Divar Ip 7000 Firmware and 5 more | 2021-12-14 | 9.0 HIGH | 7.2 HIGH |
| A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000). | |||||
| CVE-2021-37187 | 1 Digi | 17 Transport Dr64, Transport Dr64 Firmware, Transport Sr44 and 14 more | 2021-12-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file (with reversible passwords) from the device, which allows decoding of other users' passwords. | |||||
| CVE-2021-37189 | 1 Digi | 12 Transport Wr11, Transport Wr11 Firmware, Transport Wr11 Xt and 9 more | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session. | |||||
| CVE-2021-37934 | 1 Huntflow | 1 Huntflow Enterprise | 2021-12-14 | 5.0 MEDIUM | 9.8 CRITICAL |
| Due to insufficient server-side login-attempt limit enforcement, a vulnerability in /account/login in Huntflow Enterprise before 3.10.14 could allow an unauthenticated, remote user to perform multiple login attempts for brute-force password guessing. | |||||
| CVE-2021-40834 | 1 F-secure | 1 Safe | 2021-12-14 | 4.3 MEDIUM | 4.3 MEDIUM |
| A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing attack. | |||||
| CVE-2021-35978 | 1 Digi | 18 Transport Dr64, Transport Dr64 Firmware, Transport Sr44 and 15 more | 2021-12-14 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc. | |||||
| CVE-2021-23861 | 1 Bosch | 4 Bosch Video Management System, Divar Ip 5000 Firmware, Divar Ip 7000 Firmware and 1 more | 2021-12-14 | 5.5 MEDIUM | 6.5 MEDIUM |
| By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed. | |||||
| CVE-2021-31747 | 1 Pluck-cms | 1 Pluck | 2021-12-14 | 5.8 MEDIUM | 4.8 MEDIUM |
| Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could lead to man-in-the-middle attacks. | |||||
| CVE-2021-23860 | 1 Bosch | 4 Bosch Video Management System, Divar Ip 5000 Firmware, Divar Ip 7000 Firmware and 1 more | 2021-12-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed. | |||||
| CVE-2021-23859 | 1 Bosch | 9 Access Easy Controller, Access Easy Controller Firmware, Access Professional Edition and 6 more | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859 | |||||
| CVE-2021-31746 | 1 Pluck-cms | 1 Pluck | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| Zip Slip vulnerability in Pluck-CMS Pluck 4.7.15 allows an attacker to upload specially crafted zip files, resulting in directory traversal and potentially arbitrary code execution. | |||||
| CVE-2015-0536 | 1 Dell | 2 Bsafe, Bsafe Ssl-c | 2021-12-14 | 4.3 MEDIUM | 7.5 HIGH |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero, a similar issue to CVE-2015-1787. | |||||
| CVE-2015-0533 | 1 Dell | 2 Bsafe, Bsafe Ssl-c | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572. | |||||
| CVE-2015-0534 | 1 Dell | 3 Bsafe, Bsafe Ssl-c, Bsafe Ssl-j | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, a similar issue to CVE-2014-8275. | |||||
| CVE-2015-0537 | 1 Dell | 3 Bsafe, Bsafe Crypto-c, Bsafe Ssl-c | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292. | |||||
| CVE-2015-0535 | 1 Dell | 2 Bsafe, Bsafe Ssl-c | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a similar issue to CVE-2015-0204. | |||||
| CVE-2021-23561 | 1 C2fo | 1 Comb | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function. | |||||
| CVE-2021-41695 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. . | |||||
| CVE-2021-41696 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2021-12-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. | |||||
| CVE-2021-41697 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2021-12-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. | |||||
| CVE-2021-27983 | 1 Max-3000 | 1 Maxsite Cms | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution (RCE) vulnerability exists in MaxSite CMS v107.5 via the Documents page. | |||||
| CVE-2017-18922 | 4 Canonical, Fedoraproject, Libvncserver Project and 1 more | 4 Ubuntu Linux, Fedora, Libvncserver and 1 more | 2021-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. | |||||
| CVE-2020-14405 | 2 Debian, Libvncserver Project | 2 Debian Linux, Libvncserver | 2021-12-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size. | |||||
| CVE-2020-14404 | 2 Debian, Libvncserver Project | 2 Debian Linux, Libvncserver | 2021-12-14 | 5.5 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. | |||||
| CVE-2020-14403 | 2 Debian, Libvncserver Project | 2 Debian Linux, Libvncserver | 2021-12-14 | 5.5 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. | |||||
| CVE-2020-14402 | 3 Debian, Libvncserver Project, Opensuse | 3 Debian Linux, Libvncserver, Leap | 2021-12-14 | 5.5 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. | |||||
| CVE-2020-14401 | 3 Debian, Libvncserver Project, Opensuse | 3 Debian Linux, Libvncserver, Leap | 2021-12-14 | 6.4 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. | |||||
| CVE-2020-14398 | 2 Libvncserver Project, Opensuse | 2 Libvncserver, Leap | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c. | |||||
| CVE-2020-14397 | 3 Debian, Libvncserver Project, Opensuse | 3 Debian Linux, Libvncserver, Leap | 2021-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. | |||||