Weekly Vulnerabilities Reports > August 30 to September 5, 2021

Overview

303 new vulnerabilities were reported during this period, including 44 critical vulnerabilities and 147 high severity vulnerabilities. This weekly summary reports vulnerabilities in 270 products from 123 vendors including Adobe, Fedoraproject, Debian, Microsoft, and Solarwinds. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Use After Free", "Deserialization of Untrusted Data", and "SQL Injection".

  • 261 reported vulnerabilities are remotely exploitable.
  • 108 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 189 reported vulnerabilities are exploitable by an anonymous user.
  • Adobe has the most reported vulnerabilities, with 37 reported vulnerabilities.
  • Deltaww has the most reported critical vulnerabilities, with 6 reported vulnerabilities.

[Summary dashboard: total, critical risk, high risk, medium risk and low risk vulnerabilities; remotely exploitable; locally exploitable; exploit available; exploitable anonymously; affecting web application]

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

44 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-09-03 CVE-2021-40494 Adaptivescale Use of Hard-coded Credentials vulnerability in Adaptivescale Lxdui

A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system.

9.8
2021-09-02 CVE-2021-34436 Eclipse XXE vulnerability in Eclipse Theia 0.1.1/0.2.0

In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extension.

9.8
2021-09-02 CVE-2020-18048 Bertanddip Command Injection vulnerability in Bertanddip Craigms 1.0

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field.

9.8
2021-09-02 CVE-2019-10095 Apache Command Injection vulnerability in Apache Zeppelin

bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings.

9.8
2021-09-02 CVE-2021-3757 Immer Project Unspecified vulnerability in Immer Project Immer

immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

9.8
2021-09-02 CVE-2021-34746 Cisco Improper Authentication vulnerability in Cisco Enterprise NFV Infrastructure Software

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator.

9.8
2021-09-01 CVE-2021-23438 Mpath Project Type Confusion vulnerability in Mpath Project Mpath

This affects the package mpath before 0.8.4.

9.8
2021-09-01 CVE-2021-23436 Immer Project Type Confusion vulnerability in Immer Project Immer

This affects the package immer before 9.0.6.

9.8
2021-09-01 CVE-2021-23427 Elfinder Netcore Project Path Traversal vulnerability in Elfinder.Netcore Project Elfinder.Netcore

This affects all versions of package elFinder.NetCore.

9.8
2021-09-01 CVE-2021-23428 Elfinder Netcore Project Path Traversal vulnerability in Elfinder.Netcore Project Elfinder.Netcore

This affects all versions of package elFinder.NetCore.

9.8
2021-09-01 CVE-2021-36020 Adobe XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field.

9.8
2021-09-01 CVE-2021-40350 Christiedigital Improper Authentication vulnerability in Christiedigital Dwu850-Gs Firmware 06.46

webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header.

9.8
2021-09-01 CVE-2021-39377 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 8.0

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database.

9.8
2021-09-01 CVE-2021-39378 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 8.0

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database.

9.8
2021-09-01 CVE-2021-39379 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 8.0

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database.

9.8
2021-09-01 CVE-2021-37415 Zohocorp Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.

9.8
2021-09-01 CVE-2021-40353 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 8.0

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database.

9.8
2021-08-31 CVE-2021-22002 Vmware Improper Authentication vulnerability in VMWare products

VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header.

9.8
2021-08-31 CVE-2021-21811 ATT Integer Underflow (Wrap or Wraparound) vulnerability in ATT Xmill 0.7

A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7.

9.8
2021-08-31 CVE-2021-34565 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials.

9.8
2021-08-31 CVE-2021-38145 Formtools SQL Injection vulnerability in Formtools Core

An issue was discovered in Form Tools through 3.0.20.

9.8
2021-08-31 CVE-2021-36356 Kramerav Unrestricted Upload of File with Dangerous Type vulnerability in Kramerav Viaware 2.5.0719.1034

KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI).

9.8
2021-08-30 CVE-2020-22848 Chshcms Unspecified vulnerability in Chshcms Cscms 4.1

A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands.

9.8
2021-08-30 CVE-2021-39177 Geysermc Unspecified vulnerability in Geysermc Geyser

Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition.

9.8
2021-08-30 CVE-2021-33055 Zohocorp OS Command Injection vulnerability in Zohocorp Manageengine Adselfservice Plus

Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions.

9.8
2021-08-30 CVE-2021-34066 Edgegallery Deserialization of Untrusted Data vulnerability in Edgegallery Developer-Be 0.9/0.9.1

An issue was discovered in EdgeGallery/developer before v1.0.

9.8
2021-08-30 CVE-2021-34646 Booster Use of Insufficiently Random Values vulnerability in Booster for Woocommerce

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file.

9.8
2021-08-30 CVE-2021-37417 Zohocorp Improper Authentication vulnerability in Zohocorp Manageengine Adselfservice Plus

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation.

9.8
2021-08-30 CVE-2021-37421 Zohocorp Insufficient Verification of Data Authenticity vulnerability in Zohocorp Manageengine Adselfservice Plus

Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass.

9.8
2021-08-30 CVE-2021-21741 ZTE Deserialization of Untrusted Data vulnerability in ZTE Zxv10 M910 Firmware

There is a command execution vulnerability in a ZTE conference management system.

9.8
2021-08-30 CVE-2021-27663 Johnsoncontrols Unspecified vulnerability in Johnsoncontrols Ac2000 Firmware

A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization.

9.8
2021-08-30 CVE-2021-32955 Deltaww Unspecified vulnerability in Deltaww Diaenergie 1.7.5

Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may allow an attacker to remotely execute code.

9.8
2021-08-30 CVE-2021-32967 Deltaww Improper Authentication vulnerability in Deltaww Diaenergie 1.7.5

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges.

9.8
2021-08-30 CVE-2021-32983 Deltaww Unspecified vulnerability in Deltaww Diaenergie 1.7.5

A Blind SQL injection vulnerability exists in the /DataHandler/Handler_CFG.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior.

9.8
2021-08-30 CVE-2021-38390 Deltaww Unspecified vulnerability in Deltaww Diaenergie 1.7.5

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerEnergyType.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior.

9.8
2021-08-30 CVE-2021-38391 Deltaww Unspecified vulnerability in Deltaww Diaenergie 1.7.5

A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior.

9.8
2021-08-30 CVE-2021-38393 Deltaww Unspecified vulnerability in Deltaww Diaenergie 1.7.5

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior.

9.8
2021-08-30 CVE-2020-15744 Govicture Out-of-bounds Write vulnerability in Govicture Pc420 Firmware 1.2.2

Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device.

9.8
2021-08-30 CVE-2021-26084 Atlassian Expression Language Injection vulnerability in Atlassian Confluence Data Center and Confluence Server

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.

9.8
2021-08-30 CVE-2021-37749 Hexagongeospatial SQL Injection vulnerability in Hexagongeospatial Geomedia Webmap

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method.

9.8
2021-08-31 CVE-2021-22943 UI Improper Authentication vulnerability in UI Unifi Protect 1.13.3

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network.

9.6
2021-08-31 CVE-2021-35222 Solarwinds Cross-site Scripting vulnerability in Solarwinds Orion Platform

This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.

9.6
2021-09-02 CVE-2021-22704 Schneider Electric Unspecified vulnerability in Schneider-Electric Ecostruxure Machine Expert and Vijeo Designer

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior to V2.0) that could cause a Denial of Service or unauthorized access to system information when connecting to the Harmony HMI over FTP.

9.1
2021-09-01 CVE-2020-20495 Bludit Unspecified vulnerability in Bludit 3.13.0

bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the 'deleteBackup' parameter.

9.1

147 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-09-03 CVE-2021-30606 Microsoft, Fedoraproject Use After Free vulnerability in multiple products

Chromium: CVE-2021-30606 Use after free in Blink

8.8
2021-09-03 CVE-2021-30607 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30607 Use after free in Permissions

8.8
2021-09-03 CVE-2021-30608 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30608 Use after free in Web Share

8.8
2021-09-03 CVE-2021-30609 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30609 Use after free in Sign-In

8.8
2021-09-03 CVE-2021-30610 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30610 Use after free in Extensions API

8.8
2021-09-03 CVE-2021-30611 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30611 Use after free in WebRTC

8.8
2021-09-03 CVE-2021-30612 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30612 Use after free in WebRTC

8.8
2021-09-03 CVE-2021-30613 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30613 Use after free in Base internals

8.8
2021-09-03 CVE-2021-30614 Fedoraproject, Microsoft Out-of-bounds Write vulnerability in multiple products

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip

8.8
2021-09-03 CVE-2021-30616 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30616 Use after free in Media

8.8
2021-09-03 CVE-2021-30618 Fedoraproject, Microsoft

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools

8.8
2021-09-03 CVE-2021-30620 Fedoraproject, Microsoft

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink

8.8
2021-09-03 CVE-2021-30622 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30622 Use after free in WebApp Installs

8.8
2021-09-03 CVE-2021-30623 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30623 Use after free in Bookmarks

8.8
2021-09-03 CVE-2021-30624 Fedoraproject, Microsoft Use After Free vulnerability in multiple products

Chromium: CVE-2021-30624 Use after free in Autofill

8.8
2021-09-02 CVE-2021-28550 Adobe Unspecified vulnerability in Adobe products

Acrobat Reader DC versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability.

8.8
2021-09-02 CVE-2021-28553 Adobe Unspecified vulnerability in Adobe products

Acrobat Reader DC versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability.

8.8
2021-09-02 CVE-2021-28565 Adobe Unspecified vulnerability in Adobe products

Acrobat Reader DC versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component.

8.8
2021-09-01 CVE-2021-40385 Kaseya Unspecified vulnerability in Kaseya Unitrends Backup Software

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2.

8.8
2021-09-01 CVE-2021-40387 Kaseya Unspecified vulnerability in Kaseya Unitrends Backup Software

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2.

8.8
2021-09-01 CVE-2021-34435 Eclipse Origin Validation Error vulnerability in Eclipse Theia

In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE.

8.8
2021-09-01 CVE-2021-35215 Solarwinds Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5.

8.8
2021-09-01 CVE-2021-35216 Solarwinds Deserialization of Untrusted Data vulnerability in Solarwinds Patch Manager

Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module.

8.8
2021-09-01 CVE-2021-35218 Solarwinds Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform

Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution.

8.8
2021-09-01 CVE-2021-36032 Adobe Authorization Bypass Through User-Controlled Key vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.

8.8
2021-09-01 CVE-2021-35508 Terarecon Incorrect Permission Assignment for Critical Resource vulnerability in Terarecon Aquariusnet 4.4.13

NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to execute a malicious binary with SYSTEM privileges via a low-privileged user account.

8.8
2021-09-01 CVE-2021-38703 KPN Unspecified vulnerability in KPN Experia Wifi Firmware 1.00.15

Wireless devices running certain Arcadyan-derived firmware (such as KPN Experia WiFi 1.00.15) do not properly sanitise user input to the syslog configuration form.

8.8
2021-08-31 CVE-2021-36231 Unit4 Deserialization of Untrusted Data vulnerability in Unit4 Mik.Starlight 7.9.5.24363

Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects.

8.8
2021-08-31 CVE-2021-36232 Unit4 Missing Authorization vulnerability in Unit4 Mik.Starlight 7.9.5.24363

Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges.

8.8
2021-08-31 CVE-2021-39180 Frentix Path Traversal vulnerability in Frentix Openolat

OpenOLAT is a web-based learning management system (LMS).

8.8
2021-08-31 CVE-2021-35212 Solarwinds SQL Injection vulnerability in Solarwinds Orion Platform

An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team.

8.8
2021-08-31 CVE-2021-29907 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Openpages With Watson

IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system.

8.8
2021-08-31 CVE-2021-35213 Solarwinds Unspecified vulnerability in Solarwinds Orion Platform

An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5.

8.8
2021-08-31 CVE-2021-35223 Solarwinds Unspecified vulnerability in Solarwinds Serv-U

The Serv-U File Server allows for events such as user login failures to be audited by executing a command.

8.8
2021-08-31 CVE-2020-19047 Iwebshop Cross-Site Request Forgery (CSRF) vulnerability in Iwebshop 5.3

Cross Site Request Forgery (CSRF) in iWebShop v5.3 allows remote attackers to execute arbitrary code via a malicious POST request to the component '/index.php?controller=system&action=admin_edit_act'.

8.8
2021-08-31 CVE-2021-21677 Jenkins Deserialization of Untrusted Data vulnerability in Jenkins Code Coverage API

Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability.

8.8
2021-08-31 CVE-2021-21678 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Saml

Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

8.8
2021-08-31 CVE-2021-21679 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Azure AD

Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

8.8
2021-08-31 CVE-2021-34561 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a serious issue exists, if the application is not externally accessible or uses IP-based access restrictions.

8.8
2021-08-31 CVE-2021-36981 Sernet Deserialization of Untrusted Data vulnerability in Sernet Verinice

In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code.

8.8
2021-08-30 CVE-2021-39132 Pagerduty Deserialization of Untrusted Data vulnerability in Pagerduty Rundeck

Rundeck is an open source automation service with a web console, command line tools and a WebAPI.

8.8
2021-08-30 CVE-2020-18121 Indexhibit Incorrect Permission Assignment for Critical Resource vulnerability in Indexhibit 2.1.5

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell.

8.8
2021-08-30 CVE-2020-35633 Cgal, Debian

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.

8.8
2021-08-30 CVE-2020-35634 Cgal, Debian

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.

8.8
2021-08-30 CVE-2020-35635 Cgal, Debian

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read.

8.8
2021-08-30 CVE-2021-27020 Puppet Improper Neutralization of Formula Elements in a CSV File vulnerability in Puppet Enterprise

Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.

8.8
2021-08-30 CVE-2021-24579 Bold Themes Deserialization of Untrusted Data vulnerability in Bold-Themes Bold Page Builder

The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize() function without any validation or sanitisation, which could lead to a PHP Object Injection.

8.8
2021-08-30 CVE-2021-24580 WOW Estore SQL Injection vulnerability in Wow-Estore Side Menu

The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in a SQL statement, leading to a SQL Injection issue.

8.8
2021-08-30 CVE-2021-24581 Blue Admin Project Cross-site Scripting vulnerability in Blue-Admin Project Blue-Admin 21.06.01

The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue.

8.8
2021-08-30 CVE-2021-36359 Bscw XML Injection (aka Blind XPath Injection) vulnerability in Bscw Classic

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code.

8.8
2021-08-30 CVE-2021-39271 Bscw Unspecified vulnerability in Bscw Classic

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution (RCE) during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file.

8.8
2021-09-01 CVE-2021-30355 Amazon Improper Privilege Management vulnerability in Amazon Kindle Firmware

Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.

8.6
2021-09-01 CVE-2021-30354 Amazon Integer Overflow or Wraparound vulnerability in Amazon Kindle Firmware

Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.

8.6
2021-08-31 CVE-2021-37701 Npmjs, Debian, Oracle, Siemens

The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.

8.6
2021-08-31 CVE-2021-37712 Npmjs, Debian, Oracle, Siemens

The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.

8.6
2021-08-31 CVE-2021-37713 Npmjs, Oracle, Siemens

The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.

8.6
2021-09-01 CVE-2021-40378 Comprotech Missing Authorization vulnerability in Comprotech products

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.

8.1
2021-08-31 CVE-2021-35221 Solarwinds Unspecified vulnerability in Solarwinds Orion Platform

Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.

8.1
2021-08-31 CVE-2021-34578 Wago Unspecified vulnerability in Wago products

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07.

8.1
2021-08-30 CVE-2021-35062 Testzentrum ODW OS Command Injection vulnerability in Testzentrum-Odw Testerfassung 202103

A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allows an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.

8.1
2021-08-30 CVE-2021-29630 Freebsd Out-of-bounds Write vulnerability in Freebsd 11.4/12.2/13.0

In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.

8.1
2021-08-30 CVE-2021-38342 Kylephillips Cross-Site Request Forgery (CSRF) vulnerability in Kylephillips Nested Pages

The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to Cross-Site Request Forgery via the `npBulkAction`s and `npBulkEdit` `admin_post` actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their ownership, and editing other metadata.

8.1
2021-08-31 CVE-2021-22944 UI Unspecified vulnerability in UI Unifi Protect 1.13.3

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application.

8.0
2021-09-02 CVE-2021-22775 Schneider Electric Unspecified vulnerability in Schneider-Electric Gp-Pro EX

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software.

7.8
2021-09-02 CVE-2021-35996 Adobe Out-of-bounds Write vulnerability in Adobe After Effects

Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file.

7.8
2021-09-02 CVE-2021-21086 Adobe Out-of-bounds Write vulnerability in Adobe products

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library.

7.8
2021-09-01 CVE-2021-36046 Adobe, Debian Out-of-bounds Write vulnerability in multiple products

XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-36047 Adobe, Debian

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-36048 Adobe, Debian

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-36050 Adobe, Debian Out-of-bounds Write vulnerability in multiple products

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-36055 Adobe, Debian

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-36064 Adobe, Debian

XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-36068 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge

Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-39847 Adobe, Debian

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.

7.8
2021-09-01 CVE-2021-39373 Samsung Insufficiently Protected Credentials vulnerability in Samsung Drive Manager 2.0.104

Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management.

7.8
2021-09-01 CVE-2021-36235 Ivanti Unspecified vulnerability in Ivanti Workspace Control

An issue was discovered in Ivanti Workspace Control before 10.6.30.0.

7.8
2021-08-31 CVE-2021-39134 Npmjs, Oracle, Siemens Improper Handling of Case Sensitivity vulnerability in multiple products

`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder.

7.8
2021-08-31 CVE-2021-39135 Npmjs, Oracle, Siemens

`@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder.

7.8
2021-08-30 CVE-2021-29631 Freebsd Use of Uninitialized Resource vulnerability in Freebsd 11.4/12.2/13.0

In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors.

7.8
2021-08-30 CVE-2021-33007 Deltaww Unspecified vulnerability in Deltaww Tpeditor

A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file.

7.8
2021-08-30 CVE-2021-33019 Deltaww Out-of-bounds Write vulnerability in Deltaww Dopsoft

A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code.

7.8
2021-09-05 CVE-2021-40523 Contiki OS Improper Check for Unusual or Exceptional Conditions vulnerability in Contiki-Os Contiki 3.0

In Contiki 3.0, Telnet option negotiation is mishandled.

7.5
2021-09-05 CVE-2021-40524 Pureftpd Unrestricted Upload of File with Dangerous Type vulnerability in Pureftpd Pure-Ftpd

In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang.

7.5
2021-09-05 CVE-2021-40516 Weechat
Debian
Out-of-bounds Read vulnerability in multiple products

WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.

7.5
2021-09-03 CVE-2021-23437 Python
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

The pillow package, versions 5.2.0 and later before 8.3.2, is vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

7.5
2021-09-02 CVE-2020-13929 Apache Unspecified vulnerability in Apache Zeppelin

Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user.

7.5
2021-09-02 CVE-2021-22792 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure™ Control Expert, including all Unity Pro versions (former name of EcoStruxure™ Control Expert, all versions), PLC Simulator for EcoStruxure™ Process Expert including all HDCS versions (former name of EcoStruxure™ Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

7.5
2021-09-02 CVE-2021-39187 Parseplatform Improper Handling of Exceptional Conditions vulnerability in Parseplatform Parse-Server

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js.

7.5
2021-09-02 CVE-2021-33928 Opensuse Out-of-bounds Write vulnerability in Opensuse Libsolv

Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

7.5
2021-09-02 CVE-2021-33929 Opensuse Out-of-bounds Write vulnerability in Opensuse Libsolv

Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

7.5
2021-09-02 CVE-2021-33930 Opensuse Out-of-bounds Write vulnerability in Opensuse Libsolv

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

7.5
2021-09-02 CVE-2021-33938 Opensuse Out-of-bounds Write vulnerability in Opensuse Libsolv

Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

7.5
2021-09-02 CVE-2021-31796 Cyberark Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cyberark Credential Provider

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure.

7.5
2021-09-01 CVE-2020-20340 S CMS SQL Injection vulnerability in S-Cms 1.0

A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information.

7.5
2021-09-01 CVE-2020-20341 Yzmcms Server-Side Request Forgery (SSRF) vulnerability in Yzmcms 5.5

YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.

7.5
2021-09-01 CVE-2021-40379 Comprotech Missing Authorization vulnerability in Comprotech products

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.

7.5
2021-09-01 CVE-2021-40380 Comprotech Unspecified vulnerability in Comprotech products

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.

7.5
2021-09-01 CVE-2021-40381 Comprotech Unspecified vulnerability in Comprotech products

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.

7.5
2021-09-01 CVE-2021-40382 Comprotech Unspecified vulnerability in Comprotech products

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.

7.5
2021-09-01 CVE-2021-23426 Proto Project Unspecified vulnerability in Proto Project Proto

This affects all versions of package Proto.

7.5
2021-09-01 CVE-2021-36030 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process.

7.5
2021-09-01 CVE-2020-9000 Iportalis Resource Exhaustion vulnerability in Iportalis Control Portal 7.1.13.0

An issue was discovered in iPortalis iCS 7.1.13.0.

7.5
2021-09-01 CVE-2020-9002 Iportalis Improper Input Validation vulnerability in Iportalis Control Portal 7.1.13.0

An issue was discovered in iPortalis iCS 7.1.13.0.

7.5
2021-09-01 CVE-2021-33582 Cyrus
Fedoraproject
Debian
Algorithmic Complexity vulnerability in multiple products

Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction.

7.5
2021-09-01 CVE-2021-39109 Atlassian Path Traversal vulnerability in Atlassian Atlasboard

The renderWidgetResource resource in Atlassian Atlasboard before version 1.1.9 allows remote attackers to read arbitrary files via a path traversal vulnerability.

7.5
2021-08-31 CVE-2020-20486 Iec104 Project Out-of-bounds Write vulnerability in Iec104 Project Iec104 1.0

IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr.

7.5
2021-08-31 CVE-2020-20490 Libiec Iccp MOD Project Out-of-bounds Write vulnerability in Libiec Iccp MOD Project Libiec Iccp MOD 1.5

A heap buffer overflow in the client_example1.c component of libiec_iccp_mod v1.5 leads to a denial of service (DoS).

7.5
2021-08-31 CVE-2021-22003 Vmware Improper Restriction of Excessive Authentication Attempts vulnerability in VMWare products

VMware Workspace ONE Access and Identity Manager unintentionally provide a login interface on port 7443.

7.5
2021-08-31 CVE-2021-22029 Vmware Allocation of Resources Without Limits or Throttling vulnerability in VMWare Workspace ONE UEM Console

VMware Workspace ONE UEM REST API contains a denial of service vulnerability.

7.5
2021-08-31 CVE-2021-22684 Samsung Unspecified vulnerability in Samsung Tizenrt

Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc.

7.5
2021-08-31 CVE-2021-33555 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.

7.5
2021-08-31 CVE-2021-34581 Wago Missing Release of Resource after Effective Lifetime vulnerability in Wago products

Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device.

7.5
2021-08-31 CVE-2021-3749 Axios
Siemens
Oracle
axios is vulnerable to Inefficient Regular Expression Complexity.
7.5
2021-08-31 CVE-2021-40330 GIT SCM
Debian
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
7.5
2021-08-30 CVE-2021-36691 Libjxl Project Reachable Assertion vulnerability in Libjxl Project Libjxl 0.5.0

libjxl v0.5.0 is affected by an Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase().

7.5
2021-08-30 CVE-2021-36370 Midnight Commander Improper Authentication vulnerability in Midnight-Commander Midnight Commander

An issue was discovered in Midnight Commander through 4.8.26.

7.5
2021-08-30 CVE-2021-22024 Vmware Information Exposure Through Log Files vulnerability in VMWare products

The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability.

7.5
2021-08-30 CVE-2021-22025 Vmware Improper Authentication vulnerability in VMWare products

The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access.

7.5
2021-08-30 CVE-2021-22026 Vmware Server-Side Request Forgery (SSRF) vulnerability in VMWare products

The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point.

7.5
2021-08-30 CVE-2021-22027 Vmware Server-Side Request Forgery (SSRF) vulnerability in VMWare products

The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point.

7.5
2021-08-30 CVE-2021-27018 Puppet Improper Certificate Validation vulnerability in Puppet Remediate

The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated.

7.5
2021-08-30 CVE-2021-29722 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2021-08-30 CVE-2021-29723 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2021-08-30 CVE-2021-25958 Apache Information Exposure Through an Error Message vulnerability in Apache Ofbiz

Apache Ofbiz versions v17.12.01 to v17.12.07 implement a try/catch exception handler at multiple locations that leaks sensitive table info, which may aid an attacker in further reconnaissance.

7.5
2021-08-30 CVE-2021-39113 Atlassian Insufficient Session Expiration vulnerability in Atlassian products

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature.

7.5
2021-08-30 CVE-2021-38385 Torproject Reachable Assertion vulnerability in Torproject TOR

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.

7.5
2021-09-01 CVE-2021-36002 Adobe Exposure of Resource to Wrong Sphere vulnerability in Adobe Captivate

Adobe Captivate version 11.5.5 (and earlier) is affected by a Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user.

7.3
2021-09-03 CVE-2021-39192 Ghost Improper Privilege Management vulnerability in Ghost

Ghost is a Node.js content management system.

7.2
2021-09-02 CVE-2021-22793 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol.

7.2
2021-09-01 CVE-2021-39115 Atlassian Code Injection vulnerability in Atlassian Jira Service Desk

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server-Side Template Injection vulnerability in the Email Template feature.

7.2
2021-09-01 CVE-2021-36022 Adobe XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout.

7.2
2021-09-01 CVE-2021-36024 Adobe Command Injection vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint.

7.2
2021-09-01 CVE-2021-36025 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability while saving a customer's details with a specially crafted file.

7.2
2021-09-01 CVE-2021-36028 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a configurable product.

7.2
2021-09-01 CVE-2021-36029 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper authorization vulnerability.

7.2
2021-09-01 CVE-2021-36033 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module.

7.2
2021-09-01 CVE-2021-36034 Adobe Improper Input Validation vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.

7.2
2021-09-01 CVE-2021-36035 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.

7.2
2021-09-01 CVE-2021-36040 Adobe Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.

7.2
2021-09-01 CVE-2021-36041 Adobe Improper Input Validation vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.

7.2
2021-09-01 CVE-2021-36042 Adobe Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension.

7.2
2021-08-31 CVE-2021-35220 Solarwinds Command Injection vulnerability in Solarwinds Orion Platform

Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.

7.2
2021-08-31 CVE-2021-27556 Easycorp OS Command Injection vulnerability in Easycorp Zentao 12.5.3

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.

7.2
2021-08-30 CVE-2021-32831 Totaljs Unspecified vulnerability in Totaljs Total.Js

Total.js framework (npm package total.js) is a framework for the Node.js platform written in pure JavaScript, similar to PHP's Laravel, Python's Django or ASP.NET MVC.

7.2
2021-08-30 CVE-2021-22023 Vmware Authorization Bypass Through User-Controlled Key vulnerability in VMWare products

The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability.

7.2
2021-08-31 CVE-2021-21680 Jenkins XXE vulnerability in Jenkins Nested View

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.

7.1
2021-09-03 CVE-2021-40490 Linux
Fedoraproject
Debian
Netapp
Race Condition vulnerability in multiple products

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

7.0

106 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-08-30 CVE-2021-39133 Pagerduty Unspecified vulnerability in Pagerduty Rundeck

Rundeck is an open source automation service with a web console, command line tools and a WebAPI.

6.8
2021-09-01 CVE-2021-36043 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension.

6.6
2021-09-03 CVE-2021-30615 Fedoraproject
Microsoft
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
6.5
2021-09-03 CVE-2021-30617 Fedoraproject
Microsoft
Chromium: CVE-2021-30617 Policy bypass in Blink
6.5
2021-09-03 CVE-2021-30619 Fedoraproject
Microsoft
Authentication Bypass by Spoofing vulnerability in multiple products

Chromium: CVE-2021-30619 UI Spoofing in Autofill

6.5
2021-09-03 CVE-2021-30621 Fedoraproject
Microsoft
Authentication Bypass by Spoofing vulnerability in multiple products

Chromium: CVE-2021-30621 UI Spoofing in Autofill

6.5
2021-09-03 CVE-2021-40491 GNU
Debian
Insufficient Verification of Data Authenticity vulnerability in multiple products

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address.

6.5
2021-09-02 CVE-2021-22789 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure™ Control Expert, including all Unity Pro versions (former name of EcoStruxure™ Control Expert, all versions), PLC Simulator for EcoStruxure™ Process Expert including all HDCS versions (former name of EcoStruxure™ Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

6.5
2021-09-02 CVE-2021-22790 Schneider Electric Out-of-bounds Read vulnerability in Schneider-Electric products

A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure™ Control Expert, including all Unity Pro versions (former name of EcoStruxure™ Control Expert, all versions), PLC Simulator for EcoStruxure™ Process Expert including all HDCS versions (former name of EcoStruxure™ Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

6.5
2021-09-02 CVE-2021-22791 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure™ Control Expert, including all Unity Pro versions (former name of EcoStruxure™ Control Expert, all versions), PLC Simulator for EcoStruxure™ Process Expert including all HDCS versions (former name of EcoStruxure™ Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

6.5
2021-09-02 CVE-2021-38312 Redux Incorrect Authorization vulnerability in Redux Gutenberg Template Library & Redux Framework

The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”.

6.5
2021-09-02 CVE-2021-3758 Bookstackapp Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack

bookstack is vulnerable to Server-Side Request Forgery (SSRF).

6.5
2021-09-01 CVE-2020-20343 Wtcms Project Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background.

6.5
2021-09-01 CVE-2021-40352 Open EMR Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr 6.0.0

OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages of all users.

6.5
2021-08-31 CVE-2021-36233 Unit4 Files or Directories Accessible to External Parties vulnerability in Unit4 Mik.Starlight 7.9.5.24363

The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.

6.5
2021-08-31 CVE-2021-40085 Openstack
Debian
An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1.
6.5
2021-08-31 CVE-2021-3634 Libssh
Redhat
Debian
Fedoraproject
Oracle
Netapp
Out-of-bounds Write vulnerability in multiple products

A flaw has been found in libssh in versions prior to 0.9.6.

6.5
2021-08-30 CVE-2021-32832 Rocket Chat Unspecified vulnerability in Rocket.Chat

Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript.

6.5
2021-08-30 CVE-2021-36692 Libjxl Project Divide By Zero vulnerability in Libjxl Project Libjxl 0.3.7

libjxl v0.3.7 is affected by a Divide By Zero issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG().

6.5
2021-08-30 CVE-2020-18123 Indexhibit Cross-Site Request Forgery (CSRF) vulnerability in Indexhibit 2.1.5

A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts.

6.5
2021-08-30 CVE-2020-18127 Indexhibit Path Traversal vulnerability in Indexhibit 2.1.5

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files.

6.5
2021-09-05 CVE-2021-23439 Johndatserakis Cross-site Scripting vulnerability in Johndatserakis File-Upload-With-Preview

This affects the package file-upload-with-preview before 4.2.0.

6.1
2021-09-03 CVE-2021-40492 Gibbonedu Cross-site Scripting vulnerability in Gibbonedu Gibbon 22.0.00

A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).

6.1
2021-09-03 CVE-2021-39191 Openidc
Fedoraproject
Debian
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
6.1
2021-09-02 CVE-2021-27578 Apache Cross-site Scripting vulnerability in Apache Zeppelin

Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts.

6.1
2021-09-02 CVE-2021-34732 Cisco Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

6.1
2021-09-01 CVE-2021-39186 Miraheze Unspecified vulnerability in Miraheze Globalnewfiles

GlobalNewFiles is a MediaWiki extension maintained by Miraheze.

6.1
2021-09-01 CVE-2021-36026 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability in the customer address upload feature that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

6.1
2021-09-01 CVE-2021-36027 Adobe Unspecified vulnerability in Adobe Commerce and Magento Open Source

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

6.1
2021-09-01 CVE-2021-36062 Adobe Unspecified vulnerability in Adobe Connect

Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

6.1
2021-09-01 CVE-2021-36063 Adobe Cross-site Scripting vulnerability in Adobe Connect

Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

6.1
2021-08-31 CVE-2021-22929 Brave Information Exposure Through Log Files vulnerability in Brave

An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where warning messages logged to tor.log included timestamps of connections to V2 onion domains.

6.1
2021-08-31 CVE-2021-34562 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response.

6.1
2021-08-31 CVE-2021-38143 Formtools Cross-site Scripting vulnerability in Formtools Core

An issue was discovered in Form Tools through 3.0.20.

6.1
2021-08-31 CVE-2020-13639 Outsystems Cross-site Scripting vulnerability in Outsystems products

A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications.

6.1
2021-08-31 CVE-2021-27558 Easycorp Cross-site Scripting vulnerability in Easycorp Zentao 12.5.3

A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.

6.1
2021-08-31 CVE-2021-39178 Vercel Cross-site Scripting vulnerability in Vercel Next.Js

Next.js is a React framework.

6.1
2021-08-30 CVE-2021-39175 Hedgedoc Cross-site Scripting vulnerability in Hedgedoc

HedgeDoc is a platform to write and share markdown.

6.1
2021-08-30 CVE-2021-35061 DRK Odenwaldkreis Cross-site Scripting vulnerability in Drk-Odenwaldkreis Testerfassung 20210331

Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021 allow remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields in all components.

6.1
2021-08-30 CVE-2021-37416 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Adselfservice Plus

Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page.

6.1
2021-08-30 CVE-2021-38343 Kylephillips Open Redirect vulnerability in Kylephillips Nested Pages

The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to an Open Redirect via the `page` POST parameter in the `npBulkActions`, `npBulkEdit`, `npListingSort`, and `npCategoryFilter` `admin_post` actions.

6.1
2021-08-30 CVE-2020-18125 Indexhibit Cross-site Scripting vulnerability in Indexhibit 2.1.5

A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML.

6.1
2021-08-30 CVE-2021-27909 Acquia Cross-site Scripting vulnerability in Acquia Mautic

For Mautic versions prior to 3.3.4/4.0.0, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code.

6.1
2021-08-30 CVE-2021-27910 Acquia Cross-site Scripting vulnerability in Acquia Mautic

Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function.

6.1
2021-08-30 CVE-2021-27911 Acquia Cross-site Scripting vulnerability in Acquia Mautic

Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button.

6.1
2021-08-30 CVE-2021-24437 Realfavicongenerator Unspecified vulnerability in Realfavicongenerator Favicon BY Realfavicongenerator

The Favicon by RealFaviconGenerator WordPress plugin through 1.3.20 does not sanitise or escape one of its parameters before outputting it back in the response, leading to a Reflected Cross-Site Scripting (XSS) which is executed in the context of a logged-in administrator.

6.1
2021-08-30 CVE-2021-24438 Sharethis Cross-site Scripting vulnerability in Sharethis Dashboard for Google Analytics

The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged-in administrator.

6.1
2021-08-30 CVE-2021-39111 Atlassian Cross-site Scripting vulnerability in Atlassian products

The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handling of supplied content such as from a PDF when pasted into a field such as the description field.

6.1
2021-08-30 CVE-2021-39272 Fetchmail
Fedoraproject
Cleartext Transmission of Sensitive Information vulnerability in multiple products

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.

5.9
2021-08-30 CVE-2020-18124 Indexhibit Cross-Site Request Forgery (CSRF) vulnerability in Indexhibit 2.1.5

A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords.

5.7
2021-09-02 CVE-2021-22525 Microfocus Unspecified vulnerability in Microfocus Access Manager

This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1.

5.5
2021-09-02 CVE-2021-34733 Cisco Insufficiently Protected Credentials vulnerability in Cisco products

A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system.

5.5
2021-09-01 CVE-2021-36058 Adobe
Debian

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user.

5.5
2021-09-01 CVE-2021-36077 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge

Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user.

5.5
2021-08-31 CVE-2021-36234 Unit4 Use of Hard-coded Credentials vulnerability in Unit4 Mik.Starlight 7.9.5.24363

Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors.

5.5
2021-08-31 CVE-2021-21681 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Nomad

Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

5.5
2021-08-31 CVE-2021-34564 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9.

5.5
2021-08-30 CVE-2021-33003 Deltaww Use of a Broken or Risky Cryptographic Algorithm vulnerability in Deltaww Diaenergie 1.7.5

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords in cleartext due to a weak hashing algorithm.

5.5
2021-09-04 CVE-2021-40509 Jforum Cross-site Scripting vulnerability in Jforum 2.7.0

ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature.

5.4
2021-09-01 CVE-2020-20344 Wtcms Project Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 contains a reflected cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.

5.4
2021-09-01 CVE-2020-20345 Wtcms Project Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 contains a reflected cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.

5.4
2021-09-01 CVE-2020-20347 Wtcms Project Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.

5.4
2021-09-01 CVE-2020-20348 Wtcms Project Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.

5.4
2021-09-01 CVE-2020-20349 Wtcms Project Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.

5.4
2021-09-01 CVE-2021-29852 IBM Cross-site Scripting vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting.

5.4
2021-09-01 CVE-2021-39166 Pimcore Unspecified vulnerability in Pimcore

Pimcore is an open source data & experience management platform.

5.4
2021-09-01 CVE-2021-39170 Pimcore Cross-site Scripting vulnerability in Pimcore

Pimcore is an open source data & experience management platform.

5.4
2021-08-31 CVE-2021-37794 Filebrowser Project Cross-site Scripting vulnerability in Filebrowser Project Filebrowser

A stored cross-site scripting (XSS) vulnerability exists in FileBrowser < v2.16.0 that allows an authenticated user with upload rights to upload a malicious .svg file which acts as a stored XSS payload.

5.4
2021-08-31 CVE-2021-35239 Solarwinds Cross-site Scripting vulnerability in Solarwinds Orion Platform

A security researcher found that a user with Orion map manage rights could store XSS through a text box hyperlink.

5.4
2021-08-31 CVE-2020-19046 S CMS Cross-site Scripting vulnerability in S-Cms 1.0

Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to execute arbitrary code via the component '/admin/tpl.php?page='.

5.4
2021-08-31 CVE-2020-19048 Mybb Cross-site Scripting vulnerability in Mybb 1.8.20

Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'.

5.4
2021-08-31 CVE-2020-19049 Mybb Cross-site Scripting vulnerability in Mybb 1.8.20

Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'.

5.4
2021-08-31 CVE-2021-38144 Formtools Cross-site Scripting vulnerability in Formtools Core

An issue was discovered in Form Tools through 3.0.20.

5.4
2021-08-30 CVE-2021-22021 Vmware Cross-site Scripting vulnerability in VMWare Cloud Foundation and Vrealize LOG Insight

VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation.

5.4
2021-08-30 CVE-2021-34668 Devowl Cross-site Scripting vulnerability in Devowl Wordpress Real Media Library

The WordPress Real Media Library WordPress plugin is vulnerable to Stored Cross-Site Scripting via the name parameter in the ~/inc/overrides/lite/rest/Folder.php file which allows author-level attackers to inject arbitrary web scripts in folder names, in versions up to and including 4.14.1.

5.4
2021-08-30 CVE-2020-18126 Indexhibit Cross-site Scripting vulnerability in Indexhibit 2.1.5

Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allow attackers to execute arbitrary web scripts or HTML.

5.4
2021-08-30 CVE-2021-3628 Openkm Cross-site Scripting vulnerability in Openkm 6.3.10

OpenKM Community Edition in its 6.3.10 version is vulnerable to authenticated Cross-site scripting (XSS).

5.4
2021-08-30 CVE-2021-29743 IBM Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management

IBM Maximo Asset Management 7.6.0 and 7.6.1 are vulnerable to stored cross-site scripting.

5.4
2021-08-30 CVE-2021-27912 Acquia Cross-site Scripting vulnerability in Acquia Mautic

Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset.

5.4
2021-08-30 CVE-2021-24528 Wpmanageninja Cross-site Scripting vulnerability in Wpmanageninja Fluentsmtp

The FluentSMTP WordPress plugin before 2.0.1 does not sanitize parameters before storing the settings in the database, nor does the plugin escape the values before outputting them when viewing the SMTP settings set by this plugin, leading to a stored cross site scripting (XSS) vulnerability.

5.4
2021-08-30 CVE-2021-24593 Business Hours Indicator Project Cross-site Scripting vulnerability in Business Hours Indicator Project Business Hours Indicator

The Business Hours Indicator WordPress plugin before 2.3.5 does not sanitise or escape its 'Now closed message' setting when outputting it in the backend and frontend, leading to an Authenticated Stored Cross-Site Scripting issue.

5.4
2021-08-30 CVE-2021-24665 Tipsandtricks HQ Cross-site Scripting vulnerability in Tipsandtricks-Hq WP Video Lightbox

The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks.

5.4
2021-08-30 CVE-2021-24667 Simplygallery Unspecified vulnerability in Simplygallery Simply Gallery Blocks With Lightbox

A stored cross-site scripting vulnerability has been discovered in Simply Gallery Blocks with Lightbox (Version 2.2.0 and below).

5.4
2021-09-03 CVE-2021-39193 Parity Improper Validation of Specified Quantity in Input vulnerability in Parity Frontier

Frontier is Substrate's Ethereum compatibility layer.

5.3
2021-09-02 CVE-2021-38314 Redux Use of Password Hash With Insufficient Computational Effort vulnerability in Redux Gutenberg Template Library & Redux Framework

The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'.

5.3
2021-09-01 CVE-2021-39119 Atlassian Incorrect Authorization vulnerability in Atlassian Data Center and Jira

Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue even after their Jira account is revoked, via a Broken Access Control vulnerability in the issue notification feature.

5.3
2021-09-01 CVE-2021-37151 Cyberark Information Exposure Through Discrepancy vulnerability in Cyberark Identity

CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid.

5.3
2021-08-31 CVE-2021-27668 Hashicorp Missing Authentication for Critical Function vulnerability in Hashicorp Vault

HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication.

5.3
2021-08-31 CVE-2021-34559 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings.

5.3
2021-08-30 CVE-2021-34434 Eclipse
Fedoraproject
Incorrect Authorization vulnerability in multiple products

In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked.

5.3
2021-09-02 CVE-2021-31797 Cyberark Insufficient Entropy vulnerability in Cyberark Credential Provider

The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.

5.1
2021-08-31 CVE-2021-35219 Solarwinds Unspecified vulnerability in Solarwinds Orion Platform

ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.

4.9
2021-08-30 CVE-2021-22022 Vmware Path Traversal vulnerability in VMWare products

The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability.

4.9
2021-08-30 CVE-2021-29728 IBM Use of Hard-coded Credentials vulnerability in IBM products

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

4.9
2021-09-02 CVE-2021-34759 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.

4.8
2021-09-01 CVE-2021-35238 Solarwinds Cross-site Scripting vulnerability in Solarwinds Orion Platform

A user with Orion Platform Admin Rights could store XSS through the URL POST parameter in the CreateExternalWebsite website.

4.8
2021-08-31 CVE-2021-35240 Solarwinds Cross-site Scripting vulnerability in Solarwinds Orion Platform

A security researcher stored XSS via a Help Server setting.

4.8
2021-08-30 CVE-2021-24592 Yoohooplugins Cross-site Scripting vulnerability in Yoohooplugins Sitewide Notice

The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

4.8
2021-08-30 CVE-2021-39117 Atlassian Cross-site Scripting vulnerability in Atlassian Data Center and Jira

The AssociateFieldToScreens page in Atlassian Jira Server and Data Center before version 8.18.0 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability via the name of a custom field.

4.8
2021-09-02 CVE-2021-31798 Cyberark Insufficient Entropy vulnerability in Cyberark Credential Provider

The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files.

4.4
2021-09-02 CVE-2021-34765 Cisco Files or Directories Accessible to External Parties vulnerability in Cisco Nexus Insights

A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application.

4.3
2021-09-01 CVE-2021-29851 IBM Unspecified vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.

4.3
2021-09-01 CVE-2021-29853 IBM Unchecked Return Value vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 could expose information that could be used to create attacks by not validating the return values from some methods or functions.

4.3
2021-08-31 CVE-2021-27557 Easycorp Cross-Site Request Forgery (CSRF) vulnerability in Easycorp Zentao 12.5.3

A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.

4.3
2021-08-30 CVE-2021-27019 Puppet Information Exposure Through Log Files vulnerability in Puppet Enterprise and Puppetdb

PuppetDB logging included potentially sensitive system information.

4.3
2021-08-30 CVE-2021-32991 Deltaww Unspecified vulnerability in Deltaww Diaenergie 1.7.5

Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to cross-site request forgery, which may allow an attacker to cause a user to carry out an action unintentionally.

4.3

6 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-08-30 CVE-2021-27913 Acquia Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Acquia Mautic

The function mt_rand is used to generate session tokens; this function is cryptographically flawed because it is only a pseudorandom number generator, so an attacker can take advantage of its cryptographically insecure nature to enumerate session tokens for accounts that are not under his/her control. This issue affects Mautic versions prior to 3.3.4 and versions prior to 4.0.0.

3.5
2021-09-01 CVE-2021-36045 Adobe
Debian

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory.

3.3
2021-09-01 CVE-2021-36053 Adobe
Debian

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory.

3.3
2021-08-31 CVE-2021-34563 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie.

3.3
2021-08-31 CVE-2021-39164 Matrix
Fedoraproject

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP.

3.1
2021-08-31 CVE-2021-39163 Matrix
Fedoraproject

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP.

3.1