Weekly Vulnerabilities Reports > August 30 to September 5, 2021
Overview
303 new vulnerabilities reported during this period, including 44 critical vulnerabilities and 147 high severity vulnerabilities. This weekly summary report vulnerabilities in 270 products from 123 vendors including Adobe, Fedoraproject, Debian, Microsoft, and Solarwinds. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Use After Free", "Deserialization of Untrusted Data", and "SQL Injection".
- 261 reported vulnerabilities are remotely exploitables.
- 108 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 189 reported vulnerabilities are exploitable by an anonymous user.
- Adobe has the most reported vulnerabilities, with 37 reported vulnerabilities.
- Deltaww has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
44 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-09-03 | CVE-2021-40494 | Adaptivescale | Use of Hard-coded Credentials vulnerability in Adaptivescale Lxdui A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system. | 9.8 |
2021-09-02 | CVE-2021-34436 | Eclipse | XXE vulnerability in Eclipse Theia 0.1.1/0.2.0 In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extension. | 9.8 |
2021-09-02 | CVE-2020-18048 | Bertanddip | Command Injection vulnerability in Bertanddip Craigms 1.0 An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field. | 9.8 |
2021-09-02 | CVE-2019-10095 | Apache | Command Injection vulnerability in Apache Zeppelin bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. | 9.8 |
2021-09-02 | CVE-2021-3757 | Immer Project | Unspecified vulnerability in Immer Project Immer immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | 9.8 |
2021-09-02 | CVE-2021-34746 | Cisco | Improper Authentication vulnerability in Cisco Enterprise NFV Infrastructure Software A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. | 9.8 |
2021-09-01 | CVE-2021-23438 | Mpath Project | Type Confusion vulnerability in Mpath Project Mpath This affects the package mpath before 0.8.4. | 9.8 |
2021-09-01 | CVE-2021-23436 | Immer Project | Type Confusion vulnerability in Immer Project Immer This affects the package immer before 9.0.6. | 9.8 |
2021-09-01 | CVE-2021-23427 | Elfinder Netcore Project | Path Traversal vulnerability in Elfinder.Netcore Project Elfinder.Netcore This affects all versions of package elFinder.NetCore. | 9.8 |
2021-09-01 | CVE-2021-23428 | Elfinder Netcore Project | Path Traversal vulnerability in Elfinder.Netcore Project Elfinder.Netcore This affects all versions of package elFinder.NetCore. | 9.8 |
2021-09-01 | CVE-2021-36020 | Adobe | XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. | 9.8 |
2021-09-01 | CVE-2021-40350 | Christiedigital | Improper Authentication vulnerability in Christiedigital Dwu850-Gs Firmware 06.46 webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. | 9.8 |
2021-09-01 | CVE-2021-39377 | Os4Ed | SQL Injection vulnerability in Os4Ed Opensis 8.0 A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. | 9.8 |
2021-09-01 | CVE-2021-39378 | Os4Ed | SQL Injection vulnerability in Os4Ed Opensis 8.0 A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. | 9.8 |
2021-09-01 | CVE-2021-39379 | Os4Ed | SQL Injection vulnerability in Os4Ed Opensis 8.0 A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. | 9.8 |
2021-09-01 | CVE-2021-37415 | Zohocorp | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Servicedesk Plus Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication. | 9.8 |
2021-09-01 | CVE-2021-40353 | Os4Ed | SQL Injection vulnerability in Os4Ed Opensis 8.0 A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. | 9.8 |
2021-08-31 | CVE-2021-22002 | Vmware | Improper Authentication vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. | 9.8 |
2021-08-31 | CVE-2021-21811 | ATT | Integer Underflow (Wrap or Wraparound) vulnerability in ATT Xmill 0.7 A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. | 9.8 |
2021-08-31 | CVE-2021-34565 | Pepperl Fuchs | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials. | 9.8 |
2021-08-31 | CVE-2021-38145 | Formtools | SQL Injection vulnerability in Formtools Core An issue was discovered in Form Tools through 3.0.20. | 9.8 |
2021-08-31 | CVE-2021-36356 | Kramerav | Unrestricted Upload of File with Dangerous Type vulnerability in Kramerav Viaware 2.5.0719.1034 KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). | 9.8 |
2021-08-30 | CVE-2020-22848 | Chshcms | Unspecified vulnerability in Chshcms Cscms 4.1 A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows attackers to execute arbitrary commands. | 9.8 |
2021-08-30 | CVE-2021-39177 | Geysermc | Unspecified vulnerability in Geysermc Geyser Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. | 9.8 |
2021-08-30 | CVE-2021-33055 | Zohocorp | OS Command Injection vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions. | 9.8 |
2021-08-30 | CVE-2021-34066 | Edgegallery | Deserialization of Untrusted Data vulnerability in Edgegallery Developer-Be 0.9/0.9.1 An issue was discovered in EdgeGallery/developer before v1.0. | 9.8 |
2021-08-30 | CVE-2021-34646 | Booster | Use of Insufficiently Random Values vulnerability in Booster for Woocommerce Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. | 9.8 |
2021-08-30 | CVE-2021-37417 | Zohocorp | Improper Authentication vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation. | 9.8 |
2021-08-30 | CVE-2021-37421 | Zohocorp | Insufficient Verification of Data Authenticity vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass. | 9.8 |
2021-08-30 | CVE-2021-21741 | ZTE | Deserialization of Untrusted Data vulnerability in ZTE Zxv10 M910 Firmware There is a command execution vulnerability in a ZTE conference management system. | 9.8 |
2021-08-30 | CVE-2021-27663 | Johnsoncontrols | Unspecified vulnerability in Johnsoncontrols Ac2000 Firmware A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. | 9.8 |
2021-08-30 | CVE-2021-32955 | Deltaww | Unspecified vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may allow an attacker to remotely execute code. | 9.8 |
2021-08-30 | CVE-2021-32967 | Deltaww | Improper Authentication vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges. | 9.8 |
2021-08-30 | CVE-2021-32983 | Deltaww | Unspecified vulnerability in Deltaww Diaenergie 1.7.5 A Blind SQL injection vulnerability exists in the /DataHandler/Handler_CFG.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. | 9.8 |
2021-08-30 | CVE-2021-38390 | Deltaww | Unspecified vulnerability in Deltaww Diaenergie 1.7.5 A Blind SQL injection vulnerability exists in the /DataHandler/HandlerEnergyType.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. | 9.8 |
2021-08-30 | CVE-2021-38391 | Deltaww | Unspecified vulnerability in Deltaww Diaenergie 1.7.5 A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. | 9.8 |
2021-08-30 | CVE-2021-38393 | Deltaww | Unspecified vulnerability in Deltaww Diaenergie 1.7.5 A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. | 9.8 |
2021-08-30 | CVE-2020-15744 | Govicture | Out-of-bounds Write vulnerability in Govicture Pc420 Firmware 1.2.2 Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device. | 9.8 |
2021-08-30 | CVE-2021-26084 | Atlassian | Expression Language Injection vulnerability in Atlassian Confluence Data Center and Confluence Server In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. | 9.8 |
2021-08-30 | CVE-2021-37749 | Hexagongeospatial | SQL Injection vulnerability in Hexagongeospatial Geomedia Webmap MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method. | 9.8 |
2021-08-31 | CVE-2021-22943 | UI | Improper Authentication vulnerability in UI Unifi Protect 1.13.3 A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. | 9.6 |
2021-08-31 | CVE-2021-35222 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds Orion Platform This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page. | 9.6 |
2021-09-02 | CVE-2021-22704 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Machine Expert and Vijeo Designer A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior to V2.0) that could cause a Denial of Service or unauthorized access to system information when connecting to the Harmony HMI over FTP. | 9.1 |
2021-09-01 | CVE-2020-20495 | Bludit | Unspecified vulnerability in Bludit 3.13.0 bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter. | 9.1 |
147 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-09-03 | CVE-2021-30606 | Microsoft Fedoraproject | Use After Free vulnerability in multiple products Chromium: CVE-2021-30606 Use after free in Blink | 8.8 |
2021-09-03 | CVE-2021-30607 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30607 Use after free in Permissions | 8.8 |
2021-09-03 | CVE-2021-30608 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30608 Use after free in Web Share | 8.8 |
2021-09-03 | CVE-2021-30609 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30609 Use after free in Sign-In | 8.8 |
2021-09-03 | CVE-2021-30610 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30610 Use after free in Extensions API | 8.8 |
2021-09-03 | CVE-2021-30611 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30611 Use after free in WebRTC | 8.8 |
2021-09-03 | CVE-2021-30612 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30612 Use after free in WebRTC | 8.8 |
2021-09-03 | CVE-2021-30613 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30613 Use after free in Base internals | 8.8 |
2021-09-03 | CVE-2021-30614 | Fedoraproject Microsoft | Out-of-bounds Write vulnerability in multiple products Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip | 8.8 |
2021-09-03 | CVE-2021-30616 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30616 Use after free in Media | 8.8 |
2021-09-03 | CVE-2021-30618 | Fedoraproject Microsoft | Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | 8.8 |
2021-09-03 | CVE-2021-30620 | Fedoraproject Microsoft | Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | 8.8 |
2021-09-03 | CVE-2021-30622 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30622 Use after free in WebApp Installs | 8.8 |
2021-09-03 | CVE-2021-30623 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30623 Use after free in Bookmarks | 8.8 |
2021-09-03 | CVE-2021-30624 | Fedoraproject Microsoft | Use After Free vulnerability in multiple products Chromium: CVE-2021-30624 Use after free in Autofill | 8.8 |
2021-09-02 | CVE-2021-28550 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |
2021-09-02 | CVE-2021-28553 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Use After Free vulnerability. | 8.8 |
2021-09-02 | CVE-2021-28565 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component. | 8.8 |
2021-09-01 | CVE-2021-40385 | Kaseya | Unspecified vulnerability in Kaseya Unitrends Backup Software An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. | 8.8 |
2021-09-01 | CVE-2021-40387 | Kaseya | Unspecified vulnerability in Kaseya Unitrends Backup Software An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. | 8.8 |
2021-09-01 | CVE-2021-34435 | Eclipse | Origin Validation Error vulnerability in Eclipse Theia In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. | 8.8 |
2021-09-01 | CVE-2021-35215 | Solarwinds | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. | 8.8 |
2021-09-01 | CVE-2021-35216 | Solarwinds | Deserialization of Untrusted Data vulnerability in Solarwinds Patch Manager Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. | 8.8 |
2021-09-01 | CVE-2021-35218 | Solarwinds | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. | 8.8 |
2021-09-01 | CVE-2021-36032 | Adobe | Authorization Bypass Through User-Controlled Key vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 8.8 |
2021-09-01 | CVE-2021-35508 | Terarecon | Incorrect Permission Assignment for Critical Resource vulnerability in Terarecon Aquariusnet 4.4.13 NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to execute a malicious binary with SYSTEM privileges via a low-privileged user account. | 8.8 |
2021-09-01 | CVE-2021-38703 | KPN | Unspecified vulnerability in KPN Experia Wifi Firmware 1.00.15 Wireless devices running certain Arcadyan-derived firmware (such as KPN Experia WiFi 1.00.15) do not properly sanitise user input to the syslog configuration form. | 8.8 |
2021-08-31 | CVE-2021-36231 | Unit4 | Deserialization of Untrusted Data vulnerability in Unit4 Mik.Starlight 7.9.5.24363 Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects. | 8.8 |
2021-08-31 | CVE-2021-36232 | Unit4 | Missing Authorization vulnerability in Unit4 Mik.Starlight 7.9.5.24363 Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges. | 8.8 |
2021-08-31 | CVE-2021-39180 | Frentix | Path Traversal vulnerability in Frentix Openolat OpenOLAT is a web-based learning management system (LMS). | 8.8 |
2021-08-31 | CVE-2021-35212 | Solarwinds | SQL Injection vulnerability in Solarwinds Orion Platform An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. | 8.8 |
2021-08-31 | CVE-2021-29907 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Openpages With Watson IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. | 8.8 |
2021-08-31 | CVE-2021-35213 | Solarwinds | Unspecified vulnerability in Solarwinds Orion Platform An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. | 8.8 |
2021-08-31 | CVE-2021-35223 | Solarwinds | Unspecified vulnerability in Solarwinds Serv-U The Serv-U File Server allows for events such as user login failures to be audited by executing a command. | 8.8 |
2021-08-31 | CVE-2020-19047 | Iwebshop | Cross-Site Request Forgery (CSRF) vulnerability in Iwebshop 5.3 Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatckers to execute arbitrary code via malicious POST request to the component '/index.php?controller=system&action=admin_edit_act'. | 8.8 |
2021-08-31 | CVE-2021-21677 | Jenkins | Deserialization of Untrusted Data vulnerability in Jenkins Code Coverage API Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability. | 8.8 |
2021-08-31 | CVE-2021-21678 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Saml Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins. | 8.8 |
2021-08-31 | CVE-2021-21679 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Azure AD Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins. | 8.8 |
2021-08-31 | CVE-2021-34561 | Pepperl Fuchs | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. | 8.8 |
2021-08-31 | CVE-2021-36981 | Sernet | Deserialization of Untrusted Data vulnerability in Sernet Verinice In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code. | 8.8 |
2021-08-30 | CVE-2021-39132 | Pagerduty | Deserialization of Untrusted Data vulnerability in Pagerduty Rundeck Rundeck is an open source automation service with a web console, command line tools and a WebAPI. | 8.8 |
2021-08-30 | CVE-2020-18121 | Indexhibit | Incorrect Permission Assignment for Critical Resource vulnerability in Indexhibit 2.1.5 A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell. | 8.8 |
2021-08-30 | CVE-2020-35633 | Cgal Debian | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 8.8 |
2021-08-30 | CVE-2020-35634 | Cgal Debian | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 8.8 |
2021-08-30 | CVE-2020-35635 | Cgal Debian | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. | 8.8 |
2021-08-30 | CVE-2021-27020 | Puppet | Improper Neutralization of Formula Elements in a CSV File vulnerability in Puppet Enterprise Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export. | 8.8 |
2021-08-30 | CVE-2021-24579 | Bold Themes | Deserialization of Untrusted Data vulnerability in Bold-Themes Bold Page Builder The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize() function without any validation or sanitisation, which could lead to a PHP Object Injection. | 8.8 |
2021-08-30 | CVE-2021-24580 | WOW Estore | SQL Injection vulnerability in Wow-Estore Side Menu The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue | 8.8 |
2021-08-30 | CVE-2021-24581 | Blue Admin Project | Cross-site Scripting vulnerability in Blue-Admin Project Blue-Admin 21.06.01 The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. | 8.8 |
2021-08-30 | CVE-2021-36359 | Bscw | XML Injection (aka Blind XPath Injection) vulnerability in Bscw Classic OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. | 8.8 |
2021-08-30 | CVE-2021-39271 | Bscw | Unspecified vulnerability in Bscw Classic OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution (RCE) during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. | 8.8 |
2021-09-01 | CVE-2021-30355 | Amazon | Improper Privilege Management vulnerability in Amazon Kindle Firmware Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root. | 8.6 |
2021-09-01 | CVE-2021-30354 | Amazon | Integer Overflow or Wraparound vulnerability in Amazon Kindle Firmware Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book. | 8.6 |
2021-08-31 | CVE-2021-37701 | Npmjs Debian Oracle Siemens | The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. | 8.6 |
2021-08-31 | CVE-2021-37712 | Npmjs Debian Oracle Siemens | The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. | 8.6 |
2021-08-31 | CVE-2021-37713 | Npmjs Oracle Siemens | The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. | 8.6 |
2021-09-01 | CVE-2021-40378 | Comprotech | Missing Authorization vulnerability in Comprotech products An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. | 8.1 |
2021-08-31 | CVE-2021-35221 | Solarwinds | Unspecified vulnerability in Solarwinds Orion Platform Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page. | 8.1 |
2021-08-31 | CVE-2021-34578 | Wago | Unspecified vulnerability in Wago products This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07. | 8.1 |
2021-08-30 | CVE-2021-35062 | Testzentrum ODW | OS Command Injection vulnerability in Testzentrum-Odw Testerfassung 202103 A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server. | 8.1 |
2021-08-30 | CVE-2021-29630 | Freebsd | Out-of-bounds Write vulnerability in Freebsd 11.4/12.2/13.0 In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code. | 8.1 |
2021-08-30 | CVE-2021-38342 | Kylephillips | Cross-Site Request Forgery (CSRF) vulnerability in Kylephillips Nested Pages The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to Cross-Site Request Forgery via the `npBulkAction`s and `npBulkEdit` `admin_post` actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their ownership, and editing other metadata. | 8.1 |
2021-08-31 | CVE-2021-22944 | UI | Unspecified vulnerability in UI Unifi Protect 1.13.3 A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. | 8.0 |
2021-09-02 | CVE-2021-22775 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Gp-Pro EX A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software. | 7.8 |
2021-09-02 | CVE-2021-35996 | Adobe | Out-of-bounds Write vulnerability in Adobe After Effects Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. | 7.8 |
2021-09-02 | CVE-2021-21086 | Adobe | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. | 7.8 |
2021-09-01 | CVE-2021-36046 | Adobe Debian | Out-of-bounds Write vulnerability in multiple products XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-36047 | Adobe Debian | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-36048 | Adobe Debian | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-36050 | Adobe Debian | Out-of-bounds Write vulnerability in multiple products XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-36055 | Adobe Debian | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-36064 | Adobe Debian | XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-36068 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-39847 | Adobe Debian | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2021-09-01 | CVE-2021-39373 | Samsung | Insufficiently Protected Credentials vulnerability in Samsung Drive Manager 2.0.104 Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. | 7.8 |
2021-09-01 | CVE-2021-36235 | Ivanti | Unspecified vulnerability in Ivanti Workspace Control An issue was discovered in Ivanti Workspace Control before 10.6.30.0. | 7.8 |
2021-08-31 | CVE-2021-39134 | Npmjs Oracle Siemens | Improper Handling of Case Sensitivity vulnerability in multiple products `@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. | 7.8 |
2021-08-31 | CVE-2021-39135 | Npmjs Oracle Siemens | `@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. | 7.8 |
2021-08-30 | CVE-2021-29631 | Freebsd | Use of Uninitialized Resource vulnerability in Freebsd 11.4/12.2/13.0 In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. | 7.8 |
2021-08-30 | CVE-2021-33007 | Deltaww | Unspecified vulnerability in Deltaww Tpeditor A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. | 7.8 |
2021-08-30 | CVE-2021-33019 | Deltaww | Out-of-bounds Write vulnerability in Deltaww Dopsoft A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code. | 7.8 |
2021-09-05 | CVE-2021-40523 | Contiki OS | Improper Check for Unusual or Exceptional Conditions vulnerability in Contiki-Os Contiki 3.0 In Contiki 3.0, Telnet option negotiation is mishandled. | 7.5 |
2021-09-05 | CVE-2021-40524 | Pureftpd | Unrestricted Upload of File with Dangerous Type vulnerability in Pureftpd Pure-Ftpd In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. | 7.5 |
2021-09-05 | CVE-2021-40516 | Weechat Debian | Out-of-bounds Read vulnerability in multiple products WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin. | 7.5 |
2021-09-03 | CVE-2021-23437 | Python Fedoraproject | Out-of-bounds Read vulnerability in multiple products The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. | 7.5 |
2021-09-02 | CVE-2020-13929 | Apache | Unspecified vulnerability in Apache Zeppelin Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. | 7.5 |
2021-09-02 | CVE-2021-22792 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions). | 7.5 |
2021-09-02 | CVE-2021-39187 | Parseplatform | Improper Handling of Exceptional Conditions vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
2021-09-02 | CVE-2021-33928 | Opensuse | Out-of-bounds Write vulnerability in Opensuse Libsolv Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | 7.5 |
2021-09-02 | CVE-2021-33929 | Opensuse | Out-of-bounds Write vulnerability in Opensuse Libsolv Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | 7.5 |
2021-09-02 | CVE-2021-33930 | Opensuse | Out-of-bounds Write vulnerability in Opensuse Libsolv Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | 7.5 |
2021-09-02 | CVE-2021-33938 | Opensuse | Out-of-bounds Write vulnerability in Opensuse Libsolv Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | 7.5 |
2021-09-02 | CVE-2021-31796 | Cyberark | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cyberark Credential Provider An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. | 7.5 |
2021-09-01 | CVE-2020-20340 | S CMS | SQL Injection vulnerability in S-Cms 1.0 A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information. | 7.5 |
2021-09-01 | CVE-2020-20341 | Yzmcms | Server-Side Request Forgery (SSRF) vulnerability in Yzmcms 5.5 YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function. | 7.5 |
2021-09-01 | CVE-2021-40379 | Comprotech | Missing Authorization vulnerability in Comprotech products An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. | 7.5 |
2021-09-01 | CVE-2021-40380 | Comprotech | Unspecified vulnerability in Comprotech products An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. | 7.5 |
2021-09-01 | CVE-2021-40381 | Comprotech | Unspecified vulnerability in Comprotech products An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. | 7.5 |
2021-09-01 | CVE-2021-40382 | Comprotech | Unspecified vulnerability in Comprotech products An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. | 7.5 |
2021-09-01 | CVE-2021-23426 | Proto Project | Unspecified vulnerability in Proto Project Proto This affects all versions of package Proto. | 7.5 |
2021-09-01 | CVE-2021-36030 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. | 7.5 |
2021-09-01 | CVE-2020-9000 | Iportalis | Resource Exhaustion vulnerability in Iportalis Control Portal 7.1.13.0 An issue was discovered in iPortalis iCS 7.1.13.0. | 7.5 |
2021-09-01 | CVE-2020-9002 | Iportalis | Improper Input Validation vulnerability in Iportalis Control Portal 7.1.13.0 An issue was discovered in iPortalis iCS 7.1.13.0. | 7.5 |
2021-09-01 | CVE-2021-33582 | Cyrus Fedoraproject Debian | Algorithmic Complexity vulnerability in multiple products Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. | 7.5 |
2021-09-01 | CVE-2021-39109 | Atlassian | Path Traversal vulnerability in Atlassian Atlasboard The renderWidgetResource resource in Atlasian Atlasboard before version 1.1.9 allows remote attackers to read arbitrary files via a path traversal vulnerability. | 7.5 |
2021-08-31 | CVE-2020-20486 | Iec104 Project | Out-of-bounds Write vulnerability in Iec104 Project Iec104 1.0 IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr. | 7.5 |
2021-08-31 | CVE-2020-20490 | Libiec Iccp MOD Project | Out-of-bounds Write vulnerability in Libiec Iccp MOD Project Libiec Iccp MOD 1.5 A heap buffer-overflow in the client_example1.c component of libiec_iccp_mod v1.5 leads to a denial of service (DOS). | 7.5 |
2021-08-31 | CVE-2021-22003 | Vmware | Improper Restriction of Excessive Authentication Attempts vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. | 7.5 |
2021-08-31 | CVE-2021-22029 | Vmware | Allocation of Resources Without Limits or Throttling vulnerability in VMWare Workspace ONE UEM Console VMware Workspace ONE UEM REST API contains a denial of service vulnerability. | 7.5 |
2021-08-31 | CVE-2021-22684 | Samsung | Unspecified vulnerability in Samsung Tizenrt Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. | 7.5 |
2021-08-31 | CVE-2021-33555 | Pepperl Fuchs | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server. | 7.5 |
2021-08-31 | CVE-2021-34581 | Wago | Missing Release of Resource after Effective Lifetime vulnerability in Wago products Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device. | 7.5 |
2021-08-31 | CVE-2021-3749 | Axios Siemens Oracle | axios is vulnerable to Inefficient Regular Expression Complexity | 7.5 |
2021-08-31 | CVE-2021-40330 | GIT SCM Debian | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. | 7.5 |
2021-08-30 | CVE-2021-36691 | Libjxl Project | Reachable Assertion vulnerability in Libjxl Project Libjxl 0.5.0 libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). | 7.5 |
2021-08-30 | CVE-2021-36370 | Midnight Commander | Improper Authentication vulnerability in Midnight-Commander Midnight Commander An issue was discovered in Midnight Commander through 4.8.26. | 7.5 |
2021-08-30 | CVE-2021-22024 | Vmware | Information Exposure Through Log Files vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. | 7.5 |
2021-08-30 | CVE-2021-22025 | Vmware | Improper Authentication vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. | 7.5 |
2021-08-30 | CVE-2021-22026 | Vmware | Server-Side Request Forgery (SSRF) vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. | 7.5 |
2021-08-30 | CVE-2021-22027 | Vmware | Server-Side Request Forgery (SSRF) vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. | 7.5 |
2021-08-30 | CVE-2021-27018 | Puppet | Improper Certificate Validation vulnerability in Puppet Remediate The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. | 7.5 |
2021-08-30 | CVE-2021-29722 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-08-30 | CVE-2021-29723 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-08-30 | CVE-2021-25958 | Apache | Information Exposure Through an Error Message vulnerability in Apache Ofbiz In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors at multiple locations but leaks out sensitive table info which may aid the attacker for further recon. | 7.5 |
2021-08-30 | CVE-2021-39113 | Atlassian | Insufficient Session Expiration vulnerability in Atlassian products Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. | 7.5 |
2021-08-30 | CVE-2021-38385 | Torproject | Reachable Assertion vulnerability in Torproject TOR Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007. | 7.5 |
2021-09-01 | CVE-2021-36002 | Adobe | Exposure of Resource to Wrong Sphere vulnerability in Adobe Captivate Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. | 7.3 |
2021-09-03 | CVE-2021-39192 | Ghost | Improper Privilege Management vulnerability in Ghost Ghost is a Node.js content management system. | 7.2 |
2021-09-02 | CVE-2021-22793 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol. | 7.2 |
2021-09-01 | CVE-2021-39115 | Atlassian | Code Injection vulnerability in Atlassian Jira Service Desk Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Template feature. | 7.2 |
2021-09-01 | CVE-2021-36022 | Adobe | XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. | 7.2 |
2021-09-01 | CVE-2021-36024 | Adobe | Command Injection vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. | 7.2 |
2021-09-01 | CVE-2021-36025 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability while saving a customer's details with a specially crafted file. | 7.2 |
2021-09-01 | CVE-2021-36028 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a configurable product. | 7.2 |
2021-09-01 | CVE-2021-36029 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper improper authorization vulnerability. | 7.2 |
2021-09-01 | CVE-2021-36033 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. | 7.2 |
2021-09-01 | CVE-2021-36034 | Adobe | Improper Input Validation vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 7.2 |
2021-09-01 | CVE-2021-36035 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 7.2 |
2021-09-01 | CVE-2021-36040 | Adobe | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 7.2 |
2021-09-01 | CVE-2021-36041 | Adobe | Improper Input Validation vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. | 7.2 |
2021-09-01 | CVE-2021-36042 | Adobe | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. | 7.2 |
2021-08-31 | CVE-2021-35220 | Solarwinds | Command Injection vulnerability in Solarwinds Orion Platform Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page. | 7.2 |
2021-08-31 | CVE-2021-27556 | Easycorp | OS Command Injection vulnerability in Easycorp Zentao 12.5.3 The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System. | 7.2 |
2021-08-30 | CVE-2021-32831 | Totaljs | Unspecified vulnerability in Totaljs Total.Js Total.js framework (npm package total.js) is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. | 7.2 |
2021-08-30 | CVE-2021-22023 | Vmware | Authorization Bypass Through User-Controlled Key vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. | 7.2 |
2021-08-31 | CVE-2021-21680 | Jenkins | XXE vulnerability in Jenkins Nested View Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks. | 7.1 |
2021-09-03 | CVE-2021-40490 | Linux Fedoraproject Debian Netapp | Race Condition vulnerability in multiple products A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | 7.0 |
106 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2021-08-30 | CVE-2021-39133 | Pagerduty | Unspecified vulnerability in Pagerduty Rundeck Rundeck is an open source automation service with a web console, command line tools and a WebAPI. | 6.8 |
2021-09-01 | CVE-2021-36043 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. | 6.6 |
2021-09-03 | CVE-2021-30615 | Fedoraproject Microsoft | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | 6.5 |
2021-09-03 | CVE-2021-30617 | Fedoraproject Microsoft | Chromium: CVE-2021-30617 Policy bypass in Blink | 6.5 |
2021-09-03 | CVE-2021-30619 | Fedoraproject Microsoft | Authentication Bypass by Spoofing vulnerability in multiple products Chromium: CVE-2021-30619 UI Spoofing in Autofill | 6.5 |
2021-09-03 | CVE-2021-30621 | Fedoraproject Microsoft | Authentication Bypass by Spoofing vulnerability in multiple products Chromium: CVE-2021-30621 UI Spoofing in Autofill | 6.5 |
2021-09-03 | CVE-2021-40491 | GNU Debian | Insufficient Verification of Data Authenticity vulnerability in multiple products The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. | 6.5 |
2021-09-02 | CVE-2021-22789 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions). | 6.5 |
2021-09-02 | CVE-2021-22790 | Schneider Electric | Out-of-bounds Read vulnerability in Schneider-Electric products A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions). | 6.5 |
2021-09-02 | CVE-2021-22791 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions). | 6.5 |
2021-09-02 | CVE-2021-38312 | Redux | Incorrect Authorization vulnerability in Redux Gutenberg Template Library & Redux Framework The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”. | 6.5 |
2021-09-02 | CVE-2021-3758 | Bookstackapp | Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack bookstack is vulnerable to Server-Side Request Forgery (SSRF) | 6.5 |
2021-09-01 | CVE-2020-20343 | Wtcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background. | 6.5 |
2021-09-01 | CVE-2021-40352 | Open EMR | Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr 6.0.0 OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages of all users. | 6.5 |
2021-08-31 | CVE-2021-36233 | Unit4 | Files or Directories Accessible to External Parties vulnerability in Unit4 Mik.Starlight 7.9.5.24363 The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path. | 6.5 |
2021-08-31 | CVE-2021-40085 | Openstack Debian | An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. | 6.5 |
2021-08-31 | CVE-2021-3634 | Libssh Redhat Debian Fedoraproject Oracle Netapp | Out-of-bounds Write vulnerability in multiple products A flaw has been found in libssh in versions prior to 0.9.6. | 6.5 |
2021-08-30 | CVE-2021-32832 | Rocket Chat | Unspecified vulnerability in Rocket.Chat Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. | 6.5 |
2021-08-30 | CVE-2021-36692 | Libjxl Project | Divide By Zero vulnerability in Libjxl Project Libjxl 0.3.7 libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). | 6.5 |
2021-08-30 | CVE-2020-18123 | Indexhibit | Cross-Site Request Forgery (CSRF) vulnerability in Indexhibit 2.1.5 A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts. | 6.5 |
2021-08-30 | CVE-2020-18127 | Indexhibit | Path Traversal vulnerability in Indexhibit 2.1.5 An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files. | 6.5 |
2021-09-05 | CVE-2021-23439 | Johndatserakis | Cross-site Scripting vulnerability in Johndatserakis File-Upload-With-Preview This affects the package file-upload-with-preview before 4.2.0. | 6.1 |
2021-09-03 | CVE-2021-40492 | Gibbonedu | Cross-site Scripting vulnerability in Gibbonedu Gibbon 22.0.00 A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php). | 6.1 |
2021-09-03 | CVE-2021-39191 | Openidc Fedoraproject Debian | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. | 6.1 |
2021-09-02 | CVE-2021-27578 | Apache | Cross-site Scripting vulnerability in Apache Zeppelin Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. | 6.1 |
2021-09-02 | CVE-2021-34732 | Cisco | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
2021-09-01 | CVE-2021-39186 | Miraheze | Unspecified vulnerability in Miraheze Globalnewfiles GlobalNewFiles is a MediaWiki extension maintained by Miraheze. | 6.1 |
2021-09-01 | CVE-2021-36026 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability in the customer address upload feature that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
2021-09-01 | CVE-2021-36027 | Adobe | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
2021-09-01 | CVE-2021-36062 | Adobe | Unspecified vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
2021-09-01 | CVE-2021-36063 | Adobe | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
2021-08-31 | CVE-2021-22929 | Brave | Information Exposure Through Log Files vulnerability in Brave An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. | 6.1 |
2021-08-31 | CVE-2021-34562 | Pepperl Fuchs | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. | 6.1 |
2021-08-31 | CVE-2021-38143 | Formtools | Cross-site Scripting vulnerability in Formtools Core An issue was discovered in Form Tools through 3.0.20. | 6.1 |
2021-08-31 | CVE-2020-13639 | Outsystems | Cross-site Scripting vulnerability in Outsystems products A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. | 6.1 |
2021-08-31 | CVE-2021-27558 | Easycorp | Cross-site Scripting vulnerability in Easycorp Zentao 12.5.3 A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator. | 6.1 |
2021-08-31 | CVE-2021-39178 | Vercel | Cross-site Scripting vulnerability in Vercel Next.Js Next.js is a React framework. | 6.1 |
2021-08-30 | CVE-2021-39175 | Hedgedoc | Cross-site Scripting vulnerability in Hedgedoc HedgeDoc is a platform to write and share markdown. | 6.1 |
2021-08-30 | CVE-2021-35061 | DRK Odenwaldkreis | Cross-site Scripting vulnerability in Drk-Odenwaldkreis Testerfassung 20210331 Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021 allow remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields in all components. | 6.1 |
2021-08-30 | CVE-2021-37416 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page. | 6.1 |
2021-08-30 | CVE-2021-38343 | Kylephillips | Open Redirect vulnerability in Kylephillips Nested Pages The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to an Open Redirect via the `page` POST parameter in the `npBulkActions`, `npBulkEdit`, `npListingSort`, and `npCategoryFilter` `admin_post` actions. | 6.1 |
2021-08-30 | CVE-2020-18125 | Indexhibit | Cross-site Scripting vulnerability in Indexhibit 2.1.5 A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | 6.1 |
2021-08-30 | CVE-2021-27909 | Acquia | Cross-site Scripting vulnerability in Acquia Mautic For Mautic versions prior to 3.3.4/4.0.0, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. | 6.1 |
2021-08-30 | CVE-2021-27910 | Acquia | Cross-site Scripting vulnerability in Acquia Mautic Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. | 6.1 |
2021-08-30 | CVE-2021-27911 | Acquia | Cross-site Scripting vulnerability in Acquia Mautic Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. | 6.1 |
2021-08-30 | CVE-2021-24437 | Realfavicongenerator | Unspecified vulnerability in Realfavicongenerator Favicon BY Realfavicongenerator The Favicon by RealFaviconGenerator WordPress plugin through 1.3.20 does not sanitise or escape one of its parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting (XSS) which is executed in the context of a logged administrator. | 6.1 |
2021-08-30 | CVE-2021-24438 | Sharethis | Cross-site Scripting vulnerability in Sharethis Dashboard for Google Analytics The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator | 6.1 |
2021-08-30 | CVE-2021-39111 | Atlassian | Cross-site Scripting vulnerability in Atlassian products The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handling of supplied content such as from a PDF when pasted into a field such as the description field. | 6.1 |
2021-08-30 | CVE-2021-39272 | Fetchmail Fedoraproject | Cleartext Transmission of Sensitive Information vulnerability in multiple products Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | 5.9 |
2021-08-30 | CVE-2020-18124 | Indexhibit | Cross-Site Request Forgery (CSRF) vulnerability in Indexhibit 2.1.5 A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords. | 5.7 |
2021-09-02 | CVE-2021-22525 | Microfocus | Unspecified vulnerability in Microfocus Access Manager This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 | 5.5 |
2021-09-02 | CVE-2021-34733 | Cisco | Insufficiently Protected Credentials vulnerability in Cisco products A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. | 5.5 |
2021-09-01 | CVE-2021-36058 | Adobe Debian | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. | 5.5 |
2021-09-01 | CVE-2021-36077 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. | 5.5 |
2021-08-31 | CVE-2021-36234 | Unit4 | Use of Hard-coded Credentials vulnerability in Unit4 Mik.Starlight 7.9.5.24363 Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors. | 5.5 |
2021-08-31 | CVE-2021-21681 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Nomad Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 5.5 |
2021-08-31 | CVE-2021-34564 | Pepperl Fuchs | Unspecified vulnerability in Pepperl-Fuchs products Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9. | 5.5 |
2021-08-30 | CVE-2021-33003 | Deltaww | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords in cleartext due to a weak hashing algorithm. | 5.5 |
2021-09-04 | CVE-2021-40509 | Jforum | Cross-site Scripting vulnerability in Jforum 2.7.0 ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature. | 5.4 |
2021-09-01 | CVE-2020-20344 | Wtcms Project | Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module. | 5.4 |
2021-09-01 | CVE-2020-20345 | Wtcms Project | Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box. | 5.4 |
2021-09-01 | CVE-2020-20347 | Wtcms Project | Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module. | 5.4 |
2021-09-01 | CVE-2020-20348 | Wtcms Project | Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module. | 5.4 |
2021-09-01 | CVE-2020-20349 | Wtcms Project | Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module. | 5.4 |
2021-09-01 | CVE-2021-29852 | IBM | Cross-site Scripting vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. | 5.4 |
2021-09-01 | CVE-2021-39166 | Pimcore | Unspecified vulnerability in Pimcore Pimcore is an open source data & experience management platform. | 5.4 |
2021-09-01 | CVE-2021-39170 | Pimcore | Cross-site Scripting vulnerability in Pimcore Pimcore is an open source data & experience management platform. | 5.4 |
2021-08-31 | CVE-2021-37794 | Filebrowser Project | Cross-site Scripting vulnerability in Filebrowser Project Filebrowser A stored cross-site scripting (XSS) vulnerability exists in FileBrowser < v2.16.0 that allows an authenticated user authorized to upload a malicious .svg file which acts as a stored XSS payload. | 5.4 |
2021-08-31 | CVE-2021-35239 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds Orion Platform A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink. | 5.4 |
2021-08-31 | CVE-2020-19046 | S CMS | Cross-site Scripting vulnerability in S-Cms 1.0 Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to execute arbitrary code via the component '/admin/tpl.php?page='. | 5.4 |
2021-08-31 | CVE-2020-19048 | Mybb | Cross-site Scripting vulnerability in Mybb 1.8.20 Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'. | 5.4 |
2021-08-31 | CVE-2020-19049 | Mybb | Cross-site Scripting vulnerability in Mybb 1.8.20 Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'. | 5.4 |
2021-08-31 | CVE-2021-38144 | Formtools | Cross-site Scripting vulnerability in Formtools Core An issue was discovered in Form Tools through 3.0.20. | 5.4 |
2021-08-30 | CVE-2021-22021 | Vmware | Cross-site Scripting vulnerability in VMWare Cloud Foundation and Vrealize LOG Insight VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. | 5.4 |
2021-08-30 | CVE-2021-34668 | Devowl | Cross-site Scripting vulnerability in Devowl Wordpress Real Media Library The WordPress Real Media Library WordPress plugin is vulnerable to Stored Cross-Site Scripting via the name parameter in the ~/inc/overrides/lite/rest/Folder.php file which allows author-level attackers to inject arbitrary web scripts in folder names, in versions up to and including 4.14.1. | 5.4 |
2021-08-30 | CVE-2020-18126 | Indexhibit | Cross-site Scripting vulnerability in Indexhibit 2.1.5 Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | 5.4 |
2021-08-30 | CVE-2021-3628 | Openkm | Cross-site Scripting vulnerability in Openkm 6.3.10 OpenKM Community Edition in its 6.3.10 version is vulnerable to authenticated Cross-site scripting (XSS). | 5.4 |
2021-08-30 | CVE-2021-29743 | IBM | Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. | 5.4 |
2021-08-30 | CVE-2021-27912 | Acquia | Cross-site Scripting vulnerability in Acquia Mautic Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. | 5.4 |
2021-08-30 | CVE-2021-24528 | Wpmanageninja | Cross-site Scripting vulnerability in Wpmanageninja Fluentsmtp The FluentSMTP WordPress plugin before 2.0.1 does not sanitize parameters before storing the settings in the database, nor does the plugin escape the values before outputting them when viewing the SMTP settings set by this plugin, leading to a stored cross site scripting (XSS) vulnerability. | 5.4 |
2021-08-30 | CVE-2021-24593 | Business Hours Indicator Project | Cross-site Scripting vulnerability in Business Hours Indicator Project Business Hours Indicator The Business Hours Indicator WordPress plugin before 2.3.5 does not sanitise or escape its 'Now closed message" setting when outputting it in the backend and frontend, leading to an Authenticated Stored Cross-Site Scripting issue | 5.4 |
2021-08-30 | CVE-2021-24665 | Tipsandtricks HQ | Cross-site Scripting vulnerability in Tipsandtricks-Hq WP Video Lightbox The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks | 5.4 |
2021-08-30 | CVE-2021-24667 | Simplygallery | Unspecified vulnerability in Simplygallery Simply Gallery Blocks With Lightbox A stored cross-site scripting vulnerability has been discovered in : Simply Gallery Blocks with Lightbox (Version – 2.2.0 & below). | 5.4 |
2021-09-03 | CVE-2021-39193 | Parity | Improper Validation of Specified Quantity in Input vulnerability in Parity Frontier Frontier is Substrate's Ethereum compatibility layer. | 5.3 |
2021-09-02 | CVE-2021-38314 | Redux | Use of Password Hash With Insufficient Computational Effort vulnerability in Redux Gutenberg Template Library & Redux Framework The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. | 5.3 |
2021-09-01 | CVE-2021-39119 | Atlassian | Incorrect Authorization vulnerability in Atlassian Data Center and Jira Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue even after their Jira account is revoked, via a Broken Access Control vulnerability in the issue notification feature. | 5.3 |
2021-09-01 | CVE-2021-37151 | Cyberark | Information Exposure Through Discrepancy vulnerability in Cyberark Identity CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid. | 5.3 |
2021-08-31 | CVE-2021-27668 | Hashicorp | Missing Authentication for Critical Function vulnerability in Hashicorp Vault HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. | 5.3 |
2021-08-31 | CVE-2021-34559 | Pepperl Fuchs | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings. | 5.3 |
2021-08-30 | CVE-2021-34434 | Eclipse Fedoraproject | Incorrect Authorization vulnerability in multiple products In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked. | 5.3 |
2021-09-02 | CVE-2021-31797 | Cyberark | Insufficient Entropy vulnerability in Cyberark Credential Provider The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. | 5.1 |
2021-08-31 | CVE-2021-35219 | Solarwinds | Unspecified vulnerability in Solarwinds Orion Platform ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page. | 4.9 |
2021-08-30 | CVE-2021-22022 | Vmware | Path Traversal vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. | 4.9 |
2021-08-30 | CVE-2021-29728 | IBM | Use of Hard-coded Credentials vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 4.9 |
2021-09-02 | CVE-2021-34759 | Cisco | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |
2021-09-01 | CVE-2021-35238 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds Orion Platform User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website. | 4.8 |
2021-08-31 | CVE-2021-35240 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds Orion Platform A security researcher stored XSS via a Help Server setting. | 4.8 |
2021-08-30 | CVE-2021-24592 | Yoohooplugins | Cross-site Scripting vulnerability in Yoohooplugins Sitewide Notice The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 4.8 |
2021-08-30 | CVE-2021-39117 | Atlassian | Cross-site Scripting vulnerability in Atlassian Data Center and Jira The AssociateFieldToScreens page in Atlassian Jira Server and Data Center before version 8.18.0 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability via the name of a custom field. | 4.8 |
2021-09-02 | CVE-2021-31798 | Cyberark | Insufficient Entropy vulnerability in Cyberark Credential Provider The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files. | 4.4 |
2021-09-02 | CVE-2021-34765 | Cisco | Files or Directories Accessible to External Parties vulnerability in Cisco Nexus Insights A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. | 4.3 |
2021-09-01 | CVE-2021-29851 | IBM | Unspecified vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | 4.3 |
2021-09-01 | CVE-2021-29853 | IBM | Unchecked Return Value vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. | 4.3 |
2021-08-31 | CVE-2021-27557 | Easycorp | Cross-Site Request Forgery (CSRF) vulnerability in Easycorp Zentao 12.5.3 A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job. | 4.3 |
2021-08-30 | CVE-2021-27019 | Puppet | Information Exposure Through Log Files vulnerability in Puppet Enterprise and Puppetdb PuppetDB logging included potentially sensitive system information. | 4.3 |
2021-08-30 | CVE-2021-32991 | Deltaww | Unspecified vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to cross-site request forgery, which may allow an attacker to cause a user to carry out an action unintentionally. | 4.3 |