Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40492 | 1 Gibbonedu | 1 Gibbon | 2021-09-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php). | |||||
| CVE-2021-39322 | 1 Cybernetikz | 1 Easy Social Icons | 2021-09-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting malicious code in the request path. | |||||
| CVE-2021-40387 | 1 Kaseya | 1 Unitrends Backup Software | 2021-09-07 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution. | |||||
| CVE-2021-33929 | 1 Opensuse | 1 Libsolv | 2021-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||||
| CVE-2021-33928 | 1 Opensuse | 1 Libsolv | 2021-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||||
| CVE-2021-33938 | 1 Opensuse | 1 Libsolv | 2021-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||||
| CVE-2021-33930 | 1 Opensuse | 1 Libsolv | 2021-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||||
| CVE-2020-20343 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background. | |||||
| CVE-2020-20345 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box. | |||||
| CVE-2020-20344 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module. | |||||
| CVE-2020-20347 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module. | |||||
| CVE-2020-20348 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module. | |||||
| CVE-2020-20349 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module. | |||||
| CVE-2020-19049 | 1 Mybb | 1 Mybb | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'. | |||||
| CVE-2021-36692 | 1 Libjxl Project | 1 Libjxl | 2021-09-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an attacker can trigger a denial of service. | |||||
| CVE-2020-19046 | 1 S-cms | 1 S-cms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to execute arbitrary code via the component '/admin/tpl.php?page='. | |||||
| CVE-2021-32831 | 1 Totaljs | 1 Total.js | 2021-09-07 | 6.5 MEDIUM | 7.2 HIGH |
| Total.js framework (npm package total.js) is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to code-injection. This can cause a variety of impacts that include arbitrary code execution. This is fixed in version 3.4.9. | |||||
| CVE-2021-36981 | 1 Sernet | 1 Verinice | 2021-09-07 | 9.0 HIGH | 8.8 HIGH |
| In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code. | |||||
| CVE-2021-29907 | 3 Ibm, Linux, Microsoft | 4 Openpages With Watson, Openpages Wtih Watson, Linux Kernel and 1 more | 2021-09-07 | 6.5 MEDIUM | 8.8 HIGH |
| IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633. | |||||
| CVE-2020-22848 | 1 Chshcms | 1 Cscms | 2021-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands. | |||||
| CVE-2021-37715 | 1 Arubanetworks | 1 Airwave | 2021-09-07 | 3.5 LOW | 4.8 MEDIUM |
| A remote cross-site scripting (XSS) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.13.0. Aruba has released upgrades for the Aruba AirWave Management Platform that address this security vulnerability. | |||||
| CVE-2021-39171 | 1 Passport-saml Project | 1 Passport-saml | 2021-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. Prior to version 3.1.0, a malicious SAML payload can require transforms that consume significant system resources to process, thereby resulting in reduced or denied service. This would be an effective way to perform a denial-of-service attack. This has been resolved in version 3.1.0. The resolution is to limit the number of allowable transforms to 2. | |||||
| CVE-2021-27018 | 1 Puppet | 1 Remediate | 2021-09-07 | 4.3 MEDIUM | 7.5 HIGH |
| The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source. | |||||
| CVE-2021-28233 | 1 Ok-file-formats Project | 1 Ok-file-formats | 2021-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c. | |||||
| CVE-2021-36531 | 1 Miniupnp Project | 1 Ngiflib | 2021-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary. | |||||
| CVE-2020-21684 | 1 Fig2dev Project | 1 Fig2dev | 2021-09-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format. | |||||
| CVE-2021-36530 | 1 Miniupnp Project | 1 Ngiflib | 2021-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary. | |||||
| CVE-2021-40147 | 1 Emtec | 1 Zoc | 2021-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198. | |||||
| CVE-2020-14161 | 1 Thecodingmachine | 1 Gotenberg | 2021-09-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| It is possible to inject HTML and/or JavaScript in the HTML to PDF conversion in Gotenberg through 6.2.1 via the /convert/html endpoint. | |||||
| CVE-2021-38553 | 1 Hashicorp | 1 Vault | 2021-09-07 | 2.1 LOW | 4.4 MEDIUM |
| HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0. | |||||
| CVE-2020-25816 | 1 Hashicorp | 1 Vault | 2021-09-07 | 4.9 MEDIUM | 6.8 MEDIUM |
| HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. Fixed in 1.4.7 and 1.5.4. | |||||
| CVE-2021-29862 | 1 Ibm | 2 Aix, Vios | 2021-09-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 206086. | |||||
| CVE-2021-29801 | 1 Ibm | 2 Aix, Vios | 2021-09-07 | 7.2 HIGH | 7.8 HIGH |
| IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. IBM X-Force ID: 203977. | |||||
| CVE-2020-18971 | 1 Podofo Project | 1 Podofo | 2021-09-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. | |||||
| CVE-2020-18972 | 1 Podofo Project | 1 Podofo | 2021-09-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. | |||||
| CVE-2021-27663 | 1 Johnsoncontrols | 2 Ac2000, Ac2000 Firmware | 2021-09-07 | 9.3 HIGH | 9.8 CRITICAL |
| A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5. | |||||
| CVE-2020-18065 | 1 Popojicms | 1 Popojicms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager--------- edit menu. | |||||
| CVE-2021-34066 | 1 Edgegallery | 1 Developer-be | 2021-09-07 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in EdgeGallery/developer before v1.0. There is a "Deserialization of yaml file" vulnerability that can allow attackers to execute system command through uploading the malicious constructed YAML file. | |||||
| CVE-2021-27020 | 1 Puppet | 1 Puppet Enterprise | 2021-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export. | |||||
| CVE-2021-27845 | 1 Jasper Project | 1 Jasper | 2021-09-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c | |||||
| CVE-2021-27019 | 1 Puppet | 2 Puppet Enterprise, Puppetdb | 2021-09-07 | 4.0 MEDIUM | 4.3 MEDIUM |
| PuppetDB logging included potentially sensitive system information. | |||||
| CVE-2021-40088 | 1 Primekey | 1 Ejbca | 2021-09-07 | 4.9 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in PrimeKey EJBCA before 7.6.0. CMP RA Mode can be configured to use a known client certificate to authenticate enrolling clients. The same RA client certificate is used for revocation requests as well. While enrollment enforces multi tenancy constraints (by verifying that the client certificate has access to the CA and Profiles being enrolled against), this check was not performed when authenticating revocation operations, allowing a known tenant to revoke a certificate belonging to another tenant. | |||||
| CVE-2018-14576 | 1 Suncontract | 1 Suncontract | 2021-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the _amount variable. | |||||
| CVE-2021-40087 | 1 Primekey | 1 Ejbca | 2021-09-07 | 4.0 MEDIUM | 2.7 LOW |
| An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were logged in cleartext in the audit log (that can only be viewed by an administrator). This affects use of any of the following protocols: SCEP, CMP, or EST. | |||||
| CVE-2021-21741 | 1 Zte | 2 Zxv10 M910, Zxv10 M910 Firmware | 2021-09-07 | 7.5 HIGH | 9.8 CRITICAL |
| A conference management system of ZTE is impacted by a command execution vulnerability. Since the soapmonitor's java object service is enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending a deserialized payload to port 5001. | |||||
| CVE-2021-38390 | 1 Deltaww | 1 Diaenergie | 2021-09-07 | 10.0 HIGH | 9.8 CRITICAL |
| A Blind SQL injection vulnerability exists in the /DataHandler/HandlerEnergyType.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter egyid before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICE\MSSQLSERVER. | |||||
| CVE-2021-38393 | 1 Deltaww | 1 Diaenergie | 2021-09-07 | 10.0 HIGH | 9.8 CRITICAL |
| A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter agid before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICE\MSSQLSERVER. | |||||
| CVE-2021-38391 | 1 Deltaww | 1 Diaenergie | 2021-09-07 | 10.0 HIGH | 9.8 CRITICAL |
| A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter type before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICE\MSSQLSERVER. | |||||
| CVE-2021-32983 | 1 Deltaww | 1 Diaenergie | 2021-09-07 | 10.0 HIGH | 9.8 CRITICAL |
| A Blind SQL injection vulnerability exists in the /DataHandler/Handler_CFG.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter keyword before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICE\MSSQLSERVER. | |||||
| CVE-2021-31583 | 1 Sipwise | 1 Next Generation Communication Platform | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: Stored XSS in callforward/time/set/save (POST tsetname); Reflected XSS in addressbook (GET filter); Stored XSS in addressbook/save (POST firstname, lastname, company); and Reflected XSS in statistics/versions (GET lang). | |||||