Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32971 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing command 0x07 | |||||
| CVE-2021-32963 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing commands 0x03/0x10 | |||||
| CVE-2021-32979 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a | |||||
| CVE-2021-32987 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Null pointer dereference in SuiteLink server while processing command 0x0b | |||||
| CVE-2021-32999 | 1 Aveva | 1 Suitelink | 2021-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Improper handling of exceptional conditions in SuiteLink server while processing command 0x01 | |||||
| CVE-2021-24741 | 1 Schiocco | 1 Support Board - Chat And Help Desk | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| The Support Board WordPress plugin before 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable by unauthenticated users. | |||||
| CVE-2021-24663 | 1 Simple Schools Staff Directory Project | 1 Simple Schools Staff Directory | 2021-10-01 | 6.5 MEDIUM | 7.2 HIGH |
| The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload arbitrary file like PHP, leading to RCE | |||||
| CVE-2021-24657 | 1 Limit Login Attempts Project | 1 Limit Login Attempts | 2021-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Limit Login Attempts WordPress plugin before 4.0.50 does not escape the IP addresses (which can be controlled by attacker via headers such as X-Forwarded-For) of attempted logins before outputting them in the reports table, leading to an Unauthenticated Stored Cross-Site Scripting issue. | |||||
| CVE-2021-24636 | 1 Print My Blog Project | 1 Print My Blog | 2021-10-01 | 5.8 MEDIUM | 8.1 HIGH |
| The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious link | |||||
| CVE-2021-24640 | 1 Gutenslider | 1 Gutenslider | 2021-10-01 | 3.5 LOW | 5.4 MEDIUM |
| The WordPress Slider Block Gutenslider plugin before 5.2.0 does not escape the minWidth attribute of a Gutenburg block, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks | |||||
| CVE-2021-32959 | 1 Aveva | 1 Suitelink | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06 | |||||
| CVE-2021-41088 | 1 Elv | 1 Elvish | 2021-10-01 | 9.3 HIGH | 8.8 HIGH |
| Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious website, the website can send arbitrary code to the endpoint in localhost. All Elvish releases from 0.14.0 onward no longer include the the web UI, although it is still possible for the user to build a version from source that includes the web UI. The issue can be patched for previous versions by removing the web UI (found in web, pkg/web or pkg/prog/web, depending on the exact version). | |||||
| CVE-2021-24637 | 1 Fontsplugin | 1 Fonts | 2021-10-01 | 3.5 LOW | 5.4 MEDIUM |
| The Google Fonts Typography WordPress plugin before 3.0.3 does not escape and sanitise some of its block settings, allowing users with as role as low as Contributor to perform Stored Cross-Site Scripting attacks via blockType (combined with content), align, color, variant and fontID argument of a Gutenberg block. | |||||
| CVE-2021-41083 | 1 Dadamailproject | 1 Dada Mail | 2021-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any mailing list password, as well as the Dada Mail Root Password - which could effectively shut out actual list owners of the mailing list and allow the bad actor complete and unfettered control of your mailing list. This vulnerability also affects profile logins. For this vulnerability to work, the target of the bad actor would need to be logged into the list control panel themselves. This CSRF vulnerability in Dada Mail affects all versions of Dada Mail v11.15.1 and below. Although we know of no known CSRF exploits that have happened in the wild, this vulnerability has been confirmed by our testing, and by a third party. Users are advised to update to version 11.16.0. | |||||
| CVE-2021-24609 | 1 Wp Mapa Politico Espana Project | 1 Wp Mapa Politico Espana | 2021-10-01 | 3.5 LOW | 4.8 MEDIUM |
| The WP Mapa Politico Espana WordPress plugin before 3.7.0 does not sanitise or escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | |||||
| CVE-2016-6556 | 1 Opennms | 1 Opennms | 2021-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This issue was fixed in version 18.0.2, released on September 20, 2016. | |||||
| CVE-2016-6555 | 1 Opennms | 1 Opennms | 2021-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in version 18.0.2, released on September 20, 2016. | |||||
| CVE-2020-19551 | 1 Wuzhicms | 1 Wuzhicms | 2021-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. | |||||
| CVE-2021-24635 | 1 Bootstrapped | 1 Visual Link Preview | 2021-10-01 | 5.5 MEDIUM | 5.4 MEDIUM |
| The Visual Link Preview WordPress plugin before 2.2.3 does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated user (such as subscriber) to call them and 1) Get and search through title and content of Draft post, 2) Get title of a password-protected post as well as 3) Upload an image from an URL | |||||
| CVE-2021-24596 | 1 Itservicejung | 1 Youforms-free-for-copecart | 2021-10-01 | 3.5 LOW | 4.8 MEDIUM |
| The youForms for WordPress plugin through 1.0.5 does not sanitise escape the Button Text field of its Templates, allowing high privilege users (editors and admins) to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24585 | 1 Motopress | 1 Timetable And Event Schedule | 2021-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Timetable and Event Schedule WordPress plugin before 2.4.0 outputs the Hashed Password, Username and Email Address (along other less sensitive data) of the user related to the Even Head of the Timeslot in the response when requesting the event Timeslot data with a user with the edit_posts capability. Combined with the other Unauthorised Event Timeslot Modification issue (https://wpscan.com/reports/submissions/4699/) where an arbitrary user ID can be set, this could allow low privilege users with the edit_posts capability (such as author) to retrieve sensitive User data by iterating over the user_id | |||||
| CVE-2021-24606 | 1 Offshorewebmaster | 1 Availability Calendar | 2021-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exploited by any user able to add shortcode to posts/pages, such as contributor+ | |||||
| CVE-2021-24600 | 1 Wp Dialog Project | 1 Wp Dialog | 2021-10-01 | 3.5 LOW | 4.8 MEDIUM |
| The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise and escape some of its settings before outputting them in pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-24583 | 1 Motopress | 1 Timetable And Event Schedule | 2021-10-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Timetable and Event Schedule WordPress plugin before 2.4.2 does not have proper access control when deleting a timeslot, allowing any user with the edit_posts capability (contributor+) to delete arbitrary timeslot from any events. Furthermore, no CSRF check is in place as well, allowing such attack to be performed via CSRF against a logged in with such capability | |||||
| CVE-2021-24613 | 1 Dfactory | 1 Post Views Counter | 2021-10-01 | 3.5 LOW | 4.8 MEDIUM |
| The Post Views Counter WordPress plugin before 1.3.5 does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfiltered_html capability is disallowed | |||||
| CVE-2019-11831 | 5 Debian, Drupal, Fedoraproject and 2 more | 5 Debian Linux, Drupal, Fedora and 2 more | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL. | |||||
| CVE-2021-36286 | 1 Dell | 1 Supportassist Client Consumer | 2021-10-01 | 3.6 LOW | 7.1 HIGH |
| Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin. | |||||
| CVE-2021-24604 | 1 Offshorewebmaster | 1 Availability Calendar | 2021-10-01 | 3.5 LOW | 4.8 MEDIUM |
| The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | |||||
| CVE-2018-10023 | 1 Catfish-cms | 1 Catfish Cms | 2021-10-01 | 3.5 LOW | 5.4 MEDIUM |
| Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated comment). | |||||
| CVE-2006-4469 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws." | |||||
| CVE-2006-4470 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 7.5 HIGH | N/A |
| Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion. | |||||
| CVE-2006-4472 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task. | |||||
| CVE-2007-4188 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 9.3 HIGH | N/A |
| Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors. | |||||
| CVE-2006-4468 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module. | |||||
| CVE-2021-21570 | 1 Dell | 1 Emc Networker | 2021-10-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. | |||||
| CVE-2007-5577 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Section Name form fields in the Section Manager component, or (3) multiple unspecified fields in New Menu Item. | |||||
| CVE-2007-4189 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-4190 | 1 Joomla | 1 Joomla\! | 2021-10-01 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2021-21569 | 1 Dell | 1 Emc Networker | 2021-10-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. | |||||
| CVE-2021-36365 | 1 Nagios | 1 Nagios Xi | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh. | |||||
| CVE-2021-24597 | 1 You-shang Project | 1 You-shang | 2021-10-01 | 3.5 LOW | 5.4 MEDIUM |
| The You Shang WordPress plugin through 1.0.1 does not escape its qrcode links settings, which result into Stored Cross-Site Scripting issues in frontend posts and the plugins settings page depending on the payload used | |||||
| CVE-2021-36363 | 1 Nagios | 1 Nagios Xi | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php. | |||||
| CVE-2021-3830 | 1 Btcpayserver | 1 Btcpay Server | 2021-10-01 | 3.5 LOW | 5.4 MEDIUM |
| btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-38303 | 1 Surelinesystems | 1 Sureedge Migrator | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Sureline SUREedge Migrator 7.0.7.29360. | |||||
| CVE-2021-37271 | 1 Baidu | 1 Ueditor | 2021-10-01 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information. | |||||
| CVE-2021-37267 | 1 Kindsoft | 1 Kindeditor | 2021-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information. | |||||
| CVE-2021-30086 | 1 Kindsoft | 1 Kindeditor | 2021-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information. | |||||
| CVE-2020-26301 | 2 Microsoft, Ssh2 Project | 2 Windows, Ssh2 | 2021-10-01 | 7.5 HIGH | 10.0 CRITICAL |
| ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0. | |||||
| CVE-2021-41540 | 1 Siemens | 1 Solid Edge | 2021-10-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13776). | |||||
| CVE-2021-41539 | 1 Siemens | 1 Solid Edge | 2021-10-01 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773). | |||||