Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22222 | 2 Oracle, Wireshark | 4 Enterprise Manager Ops Center, Instantis Enterprisetrack, Zfs Storage Appliance Kit and 1 more | 2021-12-11 | 5.0 MEDIUM | 7.5 HIGH |
| Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-4081 | 1 Pimcore | 1 Pimcore | 2021-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-25510 | 1 Google | 1 Android | 2021-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution. | |||||
| CVE-2021-42758 | 1 Fortinet | 1 Fortiwlc | 2021-12-10 | 9.0 HIGH | 8.8 HIGH |
| An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions. | |||||
| CVE-2021-20040 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2021-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. | |||||
| CVE-2021-20041 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2021-12-10 | 7.8 HIGH | 7.5 HIGH |
| An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. | |||||
| CVE-2021-20042 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2021-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. | |||||
| CVE-2020-28381 | 1 Siemens | 1 Solid Edge | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write into uninitialized memory. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-28382 | 1 Siemens | 1 Solid Edge | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in a out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-28384 | 1 Siemens | 1 Solid Edge | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-28386 | 1 Siemens | 1 Solid Edge | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2). Affected applications lack proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-28385 | 1 Siemens | 1 Solid Edge | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12049) | |||||
| CVE-2021-27380 | 1 Siemens | 1 Solid Edge | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12532) | |||||
| CVE-2020-7515 | 1 Schneider-electric | 1 Easergy Builder | 2021-12-10 | 2.1 LOW | 7.8 HIGH |
| A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password. | |||||
| CVE-2020-7516 | 1 Schneider-electric | 1 Easergy Builder | 2021-12-10 | 2.1 LOW | 7.8 HIGH |
| A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials. | |||||
| CVE-2021-20210 | 1 Privoxy | 1 Privoxy | 2021-12-10 | 7.8 HIGH | 7.5 HIGH |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash. | |||||
| CVE-2020-25444 | 1 Bookingcore | 1 Booking Core | 2021-12-10 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself” section under the “My Profile” page, " (2) “Hotel Policy” field under the “Hotel Details” page, (3) “Pricing code” and “name” fields under the “Manage Tour” page, and (4) all the labels under the “Menu” section. | |||||
| CVE-2006-3511 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2021-12-10 | 5.0 MEDIUM | N/A |
| Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference. | |||||
| CVE-2006-3897 | 1 Microsoft | 2 Internet Explorer, Windows 2000 | 2021-12-10 | 5.0 MEDIUM | N/A |
| Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property. | |||||
| CVE-2019-9075 | 4 Canonical, F5, Gnu and 1 more | 18 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 15 more | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. | |||||
| CVE-2019-9074 | 3 Canonical, Gnu, Netapp | 4 Ubuntu Linux, Binutils, Hci Management Node and 1 more | 2021-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. | |||||
| CVE-2019-9073 | 3 Canonical, Gnu, Netapp | 4 Ubuntu Linux, Binutils, Hci Management Node and 1 more | 2021-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c. | |||||
| CVE-2021-37061 | 1 Huawei | 1 Harmonyos | 2021-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Uncontrolled Resource Consumption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Screen projection application denial of service. | |||||
| CVE-2021-44352 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2021-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind. | |||||
| CVE-2021-43674 | 1 Thinkup | 1 Thinkup | 2021-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2021-24783 | 1 Publishpress | 1 Post Expirator | 2021-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Post Expirator WordPress plugin before 2.6.0 does not have proper capability checks in place, which could allow users with a role as low as Contributor to schedule deletion of arbitrary posts. | |||||
| CVE-2021-39218 | 2 Bytecodealliance, Fedoraproject | 2 Wasmtime, Fedora | 2021-12-10 | 3.3 LOW | 6.3 MEDIUM |
| Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in Wasmtime. To trigger this bug, Wasmtime needs to be running Wasm that uses `externref`s, the host creates non-null `externrefs`, Wasmtime performs a garbage collection (GC), and there has to be a Wasm frame on the stack that is at a GC safepoint where there are no live references at this safepoint, and there is a safepoint with live references earlier in this frame's function. Under this scenario, Wasmtime would incorrectly use the GC stack map for the safepoint from earlier in the function instead of the empty safepoint. This would result in Wasmtime treating arbitrary stack slots as `externref`s that needed to be rooted for GC. At the *next* GC, it would be determined that nothing was referencing these bogus `externref`s (because nothing could ever reference them, because they are not really `externref`s) and then Wasmtime would deallocate them and run `<ExternRef as Drop>::drop` on them. This results in a free of memory that is not necessarily on the heap (and shouldn't be freed at this moment even if it was), as well as potential out-of-bounds reads and writes. Even though support for `externref`s (via the reference types proposal) is enabled by default, unless you are creating non-null `externref`s in your host code or explicitly triggering GCs, you cannot be affected by this bug. We have reason to believe that the effective impact of this bug is relatively small because usage of `externref` is currently quite rare. This bug has been patched and users should upgrade to Wasmtime version 0.30.0. If you cannot upgrade Wasmtime at this time, you can avoid this bug by disabling the reference types proposal by passing `false` to `wasmtime::Config::wasm_reference_types`. | |||||
| CVE-2019-9072 | 2 Gnu, Netapp | 3 Binutils, Hci Management Node, Solidfire | 2021-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c. | |||||
| CVE-2015-7513 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2021-12-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions. | |||||
| CVE-2020-28397 | 1 Siemens | 111 Cpu1510sp F-1, Cpu1510sp F-1 Firmware, Cpu 1211c and 108 more | 2021-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once. | |||||
| CVE-2021-32718 | 1 Vmware | 1 Rabbitmq | 2021-12-10 | 3.5 LOW | 5.4 MEDIUM |
| RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `<script>` tag sanitization, potentially allowing for JavaScript code execution in the context of the page. In order for this to occur, the user must be signed in and have elevated permissions (other user management). The vulnerability is patched in RabbitMQ 3.8.17. As a workaround, disable `rabbitmq_management` plugin and use CLI tools for management operations and Prometheus and Grafana for metrics and monitoring. | |||||
| CVE-2020-10729 | 2 Debian, Redhat | 3 Debian Linux, Ansible Engine, Enterprise Linux | 2021-12-10 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6. | |||||
| CVE-2021-20221 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2021-12-10 | 2.1 LOW | 6.0 MEDIUM |
| An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. | |||||
| CVE-2021-20228 | 2 Debian, Redhat | 4 Debian Linux, Ansible Automation Platform, Ansible Engine and 1 more | 2021-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality. | |||||
| CVE-2021-25663 | 1 Siemens | 4 Capital Vstar, Nucleus Net, Nucleus Readystart and 1 more | 2021-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in Capital VSTAR (Versions including affected IPv6 stack), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values. | |||||
| CVE-2021-20208 | 3 Fedoraproject, Redhat, Samba | 3 Fedora, Enterprise Linux, Cifs-utils | 2021-12-10 | 4.9 MEDIUM | 6.1 MEDIUM |
| A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. | |||||
| CVE-2021-3477 | 2 Debian, Openexr | 2 Debian Linux, Openexr | 2021-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability. | |||||
| CVE-2021-20271 | 3 Fedoraproject, Redhat, Rpm | 3 Fedora, Enterprise Linux, Rpm | 2021-12-10 | 5.1 MEDIUM | 7.0 HIGH |
| A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability. | |||||
| CVE-2021-21157 | 4 Fedoraproject, Google, Linux and 1 more | 5 Fedora, Chrome, Linux Kernel and 2 more | 2021-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21155 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2021-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
| Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21154 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2021-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
| Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21153 | 3 Fedoraproject, Google, Linux | 3 Fedora, Chrome, Linux Kernel | 2021-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2021-21152 | 3 Fedoraproject, Google, Linux | 3 Fedora, Chrome, Linux Kernel | 2021-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21151 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2021-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21150 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2021-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21149 | 3 Fedoraproject, Google, Linux | 3 Fedora, Chrome, Linux Kernel | 2021-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2021-21013 | 1 Adobe | 1 Magento | 2021-12-10 | 5.5 MEDIUM | 8.1 HIGH |
| Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure and update arbitrary information on another user's account. | |||||
| CVE-2021-21043 | 1 Adobe | 1 Adobe Consulting Services Commons | 2021-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. Exploitation of this issue requires user interaction in order to be successful. | |||||
| CVE-2020-15783 | 1 Siemens | 24 Simatic S7-300 Cpu 312, Simatic S7-300 Cpu 312 Firmware, Simatic S7-300 Cpu 314 and 21 more | 2021-12-10 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service. | |||||
| CVE-2021-21085 | 1 Adobe | 1 Connect | 2021-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. An attacker could exploit this vulnerability by injecting a payload into an online event form and achieve code execution if the victim exports and opens the data on their local machine. | |||||