Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38103 | 1 Corel | 1 Presentations 2020 | 2021-10-08 | 9.3 HIGH | 7.8 HIGH |
| IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file. | |||||
| CVE-2021-38099 | 1 Corel | 1 Photopaint 2020 | 2021-10-08 | 9.3 HIGH | 7.8 HIGH |
| CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. This is different from CVE-2021-38101. | |||||
| CVE-2021-38096 | 1 Corel | 1 Pdf Fusion | 2021-10-08 | 9.3 HIGH | 7.8 HIGH |
| Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2021-24676 | 1 Codesolz | 1 Better Find And Replace | 2021-10-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Better Find and Replace WordPress plugin before 1.2.9 does not escape the 's' GET parameter before outputting back in the All Masking Rules page, leading to a Reflected Cross-Site Scripting issue | |||||
| CVE-2021-24673 | 1 Dwbooster | 1 Appointment Hour Booking | 2021-10-08 | 3.5 LOW | 4.8 MEDIUM |
| The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-38822 | 1 Icehrm | 1 Icehrm | 2021-10-08 | 3.5 LOW | 5.4 MEDIUM |
| A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands. | |||||
| CVE-2021-23856 | 1 Bosch | 4 Rexroth Indramotion Mlc L20, Rexroth Indramotion Mlc L20 Firmware, Rexroth Indramotion Mlc L40 and 1 more | 2021-10-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL. | |||||
| CVE-2021-36850 | 1 Meowapps | 1 Media File Renamer - Auto \& Manual Rename | 2021-10-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versions <= 5.1.9). Affected parameters "post_title", "filename", "lock". This allows changing the uploaded media title, media file name, and media locking state. | |||||
| CVE-2021-35296 | 1 Ptcl | 2 Hg150-ub, Hg150-ub Firmware | 2021-10-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path. | |||||
| CVE-2021-41861 | 1 Telegram | 1 Telegram | 2021-10-08 | 2.1 LOW | 3.3 LOW |
| The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory. | |||||
| CVE-2021-35526 | 1 Hitachiabb-powergrids | 2 Sdm600, Sdm600 Firmware | 2021-10-08 | 7.2 HIGH | 7.8 HIGH |
| Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager – SDM600 1.2 versions prior to FP2 HF6 (Build Nr. 1.2.14002.257). | |||||
| CVE-2021-22259 | 1 Gitlab | 1 Gitlab | 2021-10-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API. | |||||
| CVE-2020-28119 | 1 53kf | 1 53kf | 2021-10-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window. | |||||
| CVE-2021-25964 | 1 Calibre-web Project | 1 Calibre-web | 2021-10-08 | 3.5 LOW | 5.4 MEDIUM |
| In “Calibre-web” application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadata”. An attacker that has access to edit the metadata information, can inject JavaScript payload in the description field. When a victim tries to open the file, XSS will be triggered. | |||||
| CVE-2021-3710 | 1 Canonical | 2 Apport, Ubuntu Linux | 2021-10-08 | 4.7 MEDIUM | 5.5 MEDIUM |
| An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3; | |||||
| CVE-2021-3709 | 1 Canonical | 2 Apport, Ubuntu Linux | 2021-10-08 | 2.1 LOW | 5.5 MEDIUM |
| Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3; | |||||
| CVE-2021-41110 | 1 Commonwl | 1 Cwlviewer | 2021-10-08 | 7.5 HIGH | 9.8 CRITICAL |
| cwlviewer is a web application to view and share Common Workflow Language workflows. Versions prior to 1.3.1 contain a Deserialization of Untrusted Data vulnerability. Commit number f6066f09edb70033a2ce80200e9fa9e70a5c29de (dated 2021-09-30) contains a patch. There are no available workarounds aside from installing the patch. The SnakeYaml constructor, by default, allows any data to be parsed. To fix the issue the object needs to be created with a `SafeConstructor` object, as seen in the patch. | |||||
| CVE-2021-38097 | 1 Corel | 1 Pdf Fusion | 2021-10-08 | 9.3 HIGH | 7.8 HIGH |
| Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2021-24687 | 1 Webnus | 1 Modern Events Calendar Lite | 2021-10-08 | 3.5 LOW | 4.8 MEDIUM |
| The Modern Events Calendar Lite WordPress plugin before 5.22.2 does not escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2020-21013 | 1 Emlog | 1 Emlog | 2021-10-08 | 6.5 MEDIUM | 7.2 HIGH |
| emlog v6.0.0 contains a SQL injection via /admin/comment.php. | |||||
| CVE-2021-41647 | 1 Online Food Ordering Web App Project | 1 Online Food Ordering Web App | 2021-10-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user. | |||||
| CVE-2021-21089 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-10-08 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-36309 | 1 Dell | 1 Enterprise Sonic Os | 2021-10-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks. | |||||
| CVE-2020-20691 | 1 Monstra | 1 Monstra Cms | 2021-10-08 | 5.8 MEDIUM | 6.5 MEDIUM |
| An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files. | |||||
| CVE-2021-39835 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2021-10-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed PDF file that could result in disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2021-39834 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2021-10-08 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-39833 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2021-10-08 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-41096 | 1 Rucky Project | 1 Rucky | 2021-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm (RSA/ECB/PKCS1Padding). The issue will be patched in v2.3 for release builds and 426 onwards for nightly builds. As a workaround, one may disable an advance security feature if not required. | |||||
| CVE-2021-22272 | 2 Abb, Busch-jaeger | 2 Mybuildings, Mybusch-jaeger | 2021-10-08 | 9.0 HIGH | 9.4 CRITICAL |
| The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.de or mybuildings.abb.com profile. A successful attacker can observe and control a ControlTouch remotely under very specific circumstances. The issue is fixed in the cloud side of the system. No firmware update is needed for customer products. If a user wants to understand if (s)he is affected, please read the advisory. This issue affects: ABB and Busch-Jaeger, ControlTouch | |||||
| CVE-2021-39831 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2021-10-08 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2021-39829 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2021-10-08 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2021-33601 | 1 F-secure | 1 Internet Gatekeeper | 2021-10-08 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server. | |||||
| CVE-2021-33600 | 1 F-secure | 1 Internet Gatekeeper | 2021-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product. | |||||
| CVE-2021-3825 | 1 Pardus | 1 Liderahenk | 2021-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations via an unsecured API. An attacker with an access to the configurations API could get valid LDAP credentials. | |||||
| CVE-2021-0636 | 1 Google | 1 Android | 2021-10-08 | 6.8 MEDIUM | 7.8 HIGH |
| When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion: Android-10Android ID: A-189392423 | |||||
| CVE-2021-0598 | 1 Google | 1 Android | 2021-10-08 | 4.4 MEDIUM | 7.3 HIGH |
| In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180422108 | |||||
| CVE-2021-0635 | 1 Google | 1 Android | 2021-10-08 | 6.8 MEDIUM | 7.8 HIGH |
| When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion:Android-10Android ID: A-189402477 | |||||
| CVE-2021-0695 | 1 Google | 1 Android | 2021-10-08 | 2.1 LOW | 5.5 MEDIUM |
| In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-184018316References: Upstream kernel | |||||
| CVE-2021-0693 | 1 Google | 1 Android | 2021-10-08 | 2.1 LOW | 5.5 MEDIUM |
| In openFile of HeapDumpProvider.java, there is a possible way to retrieve generated heap dumps from debuggable apps due to an unprotected provider. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-184046948 | |||||
| CVE-2021-0691 | 1 Google | 1 Android | 2021-10-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-188554048 | |||||
| CVE-2021-0690 | 1 Google | 1 Android | 2021-10-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-182152757 | |||||
| CVE-2021-0689 | 1 Google | 1 Android | 2021-10-08 | 2.1 LOW | 5.5 MEDIUM |
| In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-190188264 | |||||
| CVE-2021-0688 | 1 Google | 1 Android | 2021-10-08 | 4.4 MEDIUM | 7.0 HIGH |
| In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-161149543 | |||||
| CVE-2021-0685 | 1 Google | 1 Android | 2021-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-191055353 | |||||
| CVE-2021-0684 | 1 Google | 1 Android | 2021-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179839665 | |||||
| CVE-2021-0683 | 1 Google | 1 Android | 2021-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-185398942 | |||||
| CVE-2021-34712 | 1 Cisco | 1 Sd-wan Vmanage | 2021-10-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface of an affected system. A successful exploit could allow the attacker to obtain sensitive information. | |||||
| CVE-2021-41109 | 1 Parseplatform | 1 Parse-server | 2021-10-08 | 4.3 MEDIUM | 7.5 HIGH |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.4, for regular (non-LiveQuery) queries, the session token is removed from the response, but for LiveQuery payloads it is currently not. If a user has a LiveQuery subscription on the `Parse.User` class, all session tokens created during user sign-ups will be broadcast as part of the LiveQuery payload. A patch in version 4.10.4 removes session tokens from the LiveQuery payload. As a workaround, set `user.acl(new Parse.ACL())` in a beforeSave trigger to make the user private already on sign-up. | |||||
| CVE-2021-24016 | 1 Fortinet | 1 Fortimanager | 2021-10-08 | 9.3 HIGH | 6.3 MEDIUM |
| An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host. | |||||
| CVE-2021-41729 | 1 Baicloud-cms Project | 1 Baicloud-cms | 2021-10-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php. | |||||