Weekly Vulnerabilities Reports > October 4 to 10, 2021

Overview

410 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 60 high severity vulnerabilities. This weekly summary report vulnerabilities in 285 products from 133 vendors including Google, Fedoraproject, Gitlab, IBM, and Cisco. Vulnerabilities are notably categorized as "Cross-site Scripting", "Incorrect Authorization", "Use After Free", "Unrestricted Upload of File with Dangerous Type", and "Improper Privilege Management".

  • 329 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 131 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 292 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 75 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

8 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-10-08 CVE-2021-42109 Vitec Improper Privilege Management vulnerability in Vitec products

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.

10.0
2021-10-07 CVE-2021-42071 Visual Tools OS Command Injection vulnerability in Visual-Tools DVR Vx16 Firmware 4.2.28.0

In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header.

10.0
2021-10-06 CVE-2021-29908 IBM Improper Authentication vulnerability in IBM Ts7700 Firmware 8.51.0.63/8.51.1.26/8.52.100.32

The IBM TS7700 Management Interface is vulnerable to unauthenticated access.

10.0
2021-10-04 CVE-2021-23857 Bosch Improper Authentication vulnerability in Bosch products

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password.

10.0
2021-10-06 CVE-2021-1594 Cisco Command Injection vulnerability in Cisco Identity Services Engine

A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root.

9.3
2021-10-06 CVE-2021-34710 Cisco Command Injection vulnerability in Cisco products

Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device.

9.0
2021-10-06 CVE-2021-34748 Cisco Command Injection vulnerability in Cisco Intersight Virtual Appliance 1.0.9150/1.0.9230/1.0.9292

A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device.

9.0
2021-10-04 CVE-2021-32762 Redis
Debian
Netapp
Fedoraproject
Integer Overflow to Buffer Overflow vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

9.0

60 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-10-07 CVE-2021-33903 Lancom Systems Unspecified vulnerability in Lancom-Systems Lcos 10.42.0473

In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access.

8.5
2021-10-06 CVE-2021-34779 Cisco Classic Buffer Overflow vulnerability in Cisco products

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches.

7.9
2021-10-06 CVE-2021-34780 Cisco Classic Buffer Overflow vulnerability in Cisco products

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches.

7.9
2021-10-06 CVE-2021-34698 Cisco Memory Leak vulnerability in Cisco Asyncos

A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device.

7.8
2021-10-06 CVE-2021-34735 Cisco Command Injection vulnerability in Cisco products

Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device.

7.8
2021-10-04 CVE-2021-23858 Bosch Insufficiently Protected Credentials vulnerability in Bosch products

Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication.

7.8
2021-10-08 CVE-2020-22617 Ardour Use After Free vulnerability in Ardour 5.12

Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.

7.5
2021-10-08 CVE-2021-41566 Tadtools Project Unrestricted Upload of File with Dangerous Type vulnerability in Tadtools Project Tadtools

The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.

7.5
2021-10-08 CVE-2021-35977 Digi Classic Buffer Overflow vulnerability in Digi products

An issue was discovered in Digi RealPort for Windows through 4.8.488.0.

7.5
2021-10-08 CVE-2021-36767 Digi Use of Password Hash With Insufficient Computational Effort vulnerability in Digi products

In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective.

7.5
2021-10-07 CVE-2020-21725 Opensns SQL Injection vulnerability in Opensns 6.1.0

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter.

7.5
2021-10-07 CVE-2020-21726 Opensns SQL Injection vulnerability in Opensns 6.1.0

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter.

7.5
2021-10-07 CVE-2021-38298 Zohocorp XXE vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.

7.5
2021-10-07 CVE-2020-21865 Thinkphp50 CMS Project Unspecified vulnerability in Thinkphp50-Cms Project Thinkphp50-Cms 1.0

ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha.

7.5
2021-10-07 CVE-2021-42090 Zammad Deserialization of Untrusted Data vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

7.5
2021-10-07 CVE-2021-42094 Zammad Command Injection vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

7.5
2021-10-07 CVE-2021-37762 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.

7.5
2021-10-07 CVE-2021-37918 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37919 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37920 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37921 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37923 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37924 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37926 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37928 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37929 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37930 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-37931 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

7.5
2021-10-07 CVE-2021-3833 Artica Incorrect Authorization vulnerability in Artica Integria IMS 5.0.92

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database.

7.5
2021-10-07 CVE-2021-42013 Apache
Fedoraproject
Path Traversal vulnerability in multiple products

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient.

7.5
2021-10-07 CVE-2021-22930 Nodejs
Netapp
Use After Free vulnerability in multiple products

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

7.5
2021-10-07 CVE-2021-22958 Concretecms Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS

A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with local services.

7.5
2021-10-07 CVE-2021-3832 Artica Unrestricted Upload of File with Dangerous Type vulnerability in Artica Integria IMS 5.0.92

Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading.

7.5
2021-10-07 CVE-2021-32172 Maianscriptworld Missing Authorization vulnerability in Maianscriptworld Maian Cart 3.8

Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.

7.5
2021-10-06 CVE-2020-21651 Myucms Project Code Injection vulnerability in Myucms Project Myucms 2.2

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.

7.5
2021-10-06 CVE-2020-21652 Myucms Project Code Injection vulnerability in Myucms Project Myucms 2.2

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.

7.5
2021-10-06 CVE-2021-29798 IBM SQL Injection vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection.

7.5
2021-10-06 CVE-2021-29903 IBM SQL Injection vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection.

7.5
2021-10-06 CVE-2021-24019 Fortinet Insufficient Session Expiration vulnerability in Fortinet Forticlient Endpoint Management Server

An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)

7.5
2021-10-05 CVE-2021-3319 Zephyrproject NULL Pointer Dereference vulnerability in Zephyrproject Zephyr 2.4.0

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses.

7.5
2021-10-05 CVE-2021-3625 Zephyrproject Out-of-bounds Write vulnerability in Zephyrproject Zephyr

Buffer overflow in Zephyr USB DFU DNLOAD.

7.5
2021-10-05 CVE-2021-41116 Getcomposer Command Injection vulnerability in Getcomposer Composer

Composer is an open source dependency manager for the PHP language.

7.5
2021-10-05 CVE-2021-41553 Archibus Session Fixation vulnerability in Archibus web Central 21.3.3.815

** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web Application in /archibus/login.axvw assign a session token that could be already in use by another user.

7.5
2021-10-04 CVE-2021-41093 Wire Improper Authorization vulnerability in Wire

Wire is an open source secure messenger.

7.5
2021-10-04 CVE-2021-41100 Wire Insufficient Session Expiration vulnerability in Wire Wire-Server

Wire-server is the backing server for the open source wire secure messaging application.

7.5
2021-10-04 CVE-2021-35296 Ptcl Improper Authentication vulnerability in Ptcl Hg150-Ub Firmware 3.0

An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path.

7.5
2021-10-04 CVE-2021-41591 Acinq Incorrect Authorization vulnerability in Acinq Eclair

ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.

7.5
2021-10-04 CVE-2021-41592 Elementsproject Incorrect Authorization vulnerability in Elementsproject C-Lightning 0.7.1

Blockstream c-lightning through 0.10.1 allows loss of funds because of dust HTLC exposure.

7.5
2021-10-04 CVE-2021-41593 Lightning Network Daemon Project Incorrect Authorization vulnerability in Lightning Network Daemon Project Lightning Network Daemon

Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.

7.5
2021-10-04 CVE-2021-37333 Bookingcore Insufficient Session Expiration vulnerability in Bookingcore Booking Core 2.0

Laravel Booking System Booking Core 2.0 is vulnerable to Session Management.

7.5
2021-10-04 CVE-2021-38823 Icehrm Insufficient Session Expiration vulnerability in Icehrm 30.0.0.Os

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue.

7.5
2021-10-04 CVE-2021-41868 Onionshare Unspecified vulnerability in Onionshare

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.

7.5
2021-10-04 CVE-2021-41511 Lodging Reservation Management System Project SQL Injection vulnerability in Lodging Reservation Management System Project Lodging Reservation Management System 1.0

The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication.

7.5
2021-10-04 CVE-2021-40323 Cobbler Project Code Injection vulnerability in Cobbler Project Cobbler

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.

7.5
2021-10-08 CVE-2021-25270 Sophos Improper Privilege Management vulnerability in Sophos Hitmanpro.Alert 3.7.6.744/861

A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.

7.2
2021-10-06 CVE-2021-25467 Google Classic Buffer Overflow vulnerability in Google Android 11.0

Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.

7.2
2021-10-06 CVE-2021-25475 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

7.2
2021-10-04 CVE-2021-38392 Bostonscientific Improper Access Control vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware

A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world.

7.2
2021-10-04 CVE-2021-41103 Linuxfoundation
Fedoraproject
Debian
Path Traversal vulnerability in multiple products

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability.

7.2
2021-10-04 CVE-2021-41285 Micron Improper Privilege Management vulnerability in Micron Ballistix Memory Overview Display Utility

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component.

7.2

276 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-10-06 CVE-2021-34788 Cisco Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cisco Anyconnect Secure Mobility Client

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client.

6.9
2021-10-05 CVE-2021-42008 Linux
Netapp
Out-of-bounds Write vulnerability in multiple products

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write.

6.9
2021-10-04 CVE-2021-38394 Bostonscientific Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware

An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key.

6.9
2021-10-10 CVE-2021-25966 Orchardcore Insufficient Session Expiration vulnerability in Orchardcore Orchard Core 1.0.0

In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change.

6.8
2021-10-08 CVE-2021-37956 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37957 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37959 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37961 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37962 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37969 Google
Fedoraproject
Improper Privilege Management vulnerability in multiple products

Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file.

6.8
2021-10-08 CVE-2021-37970 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37972 Google
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37973 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37974 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-37975 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30625 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30626 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30627 Google
Fedoraproject
Type Confusion vulnerability in multiple products

Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30628 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30629 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30632 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2021-10-08 CVE-2021-30633 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

6.8
2021-10-08 CVE-2021-41916 Webtareas Project Cross-Site Request Forgery (CSRF) vulnerability in Webtareas Project Webtareas 2.0/2.1

A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile.

6.8
2021-10-08 CVE-2021-35979 Digi Improper Authentication vulnerability in Digi products

An issue was discovered in Digi RealPort through 4.8.488.0.

6.8
2021-10-07 CVE-2021-20489 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.8
2021-10-07 CVE-2021-40725 Adobe Use After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current user.

6.8
2021-10-07 CVE-2021-40726 Adobe Use After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user.

6.8
2021-10-06 CVE-2021-41129 Pterodactyl Reliance on Untrusted Inputs in a Security Decision vulnerability in Pterodactyl Panel

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go.

6.8
2021-10-06 CVE-2021-29837 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.8
2021-10-06 CVE-2021-0635 Google Unspecified vulnerability in Google Android 10.0

When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed.

6.8
2021-10-06 CVE-2021-0636 Google Unspecified vulnerability in Google Android 10.0

When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed.

6.8
2021-10-05 CVE-2021-31988 Axis Improper Input Validation vulnerability in Axis products

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.

6.8
2021-10-05 CVE-2021-39226 Grafana
Fedoraproject
Improper Authentication vulnerability in multiple products

Grafana is an open source data visualization platform.

6.8
2021-10-05 CVE-2021-41113 Typo3 Cross-Site Request Forgery (CSRF) vulnerability in Typo3

TYPO3 is an open source PHP based web content management system released under the GNU GPL.

6.8
2021-10-04 CVE-2021-42006 Gclib Project Out-of-bounds Read vulnerability in Gclib Project Gclib 0.12.7

An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file.

6.8
2021-10-04 CVE-2020-21386 Maccms Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0

A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges.

6.8
2021-10-04 CVE-2021-38618 Gfos Improper Authentication vulnerability in Gfos Workforce Management 4.8.272.1

In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account.

6.8
2021-10-04 CVE-2021-41578 Myscada Path Traversal vulnerability in Myscada Mydesigner

mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files.

6.8
2021-10-04 CVE-2021-41579 Laquisscada Path Traversal vulnerability in Laquisscada Scada

LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal.

6.8
2021-10-04 CVE-2021-36051 Adobe Classic Buffer Overflow vulnerability in Adobe XMP Toolkit Software Development KIT 2020.1/2021.07

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.

6.8
2021-10-04 CVE-2021-22557 Google Code Injection vulnerability in Google SLO Generator

SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator.

6.8
2021-10-08 CVE-2021-41919 Webtareas Project Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions.

6.5
2021-10-08 CVE-2021-41947 Intelliants SQL Injection vulnerability in Intelliants Subrion CMS 4.2.1

A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.

6.5
2021-10-07 CVE-2021-42086 Zammad Improper Privilege Management vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

6.5
2021-10-07 CVE-2021-42093 Zammad Unspecified vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

6.5
2021-10-06 CVE-2020-21650 Myucms Project Code Injection vulnerability in Myucms Project Myucms 2.2

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.

6.5
2021-10-06 CVE-2020-21654 Emlog Unspecified vulnerability in Emlog 6.0.0

emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file.

6.5
2021-10-06 CVE-2021-34766 Cisco Improper Privilege Management vulnerability in Cisco Smart Software Manager On-Prem

A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions.

6.5
2021-10-06 CVE-2021-25478 Google Out-of-bounds Write vulnerability in Google Android

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

6.5
2021-10-06 CVE-2021-25479 Google Out-of-bounds Write vulnerability in Google Android

A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

6.5
2021-10-06 CVE-2021-38923 IBM Unspecified vulnerability in IBM Powervm Hypervisor Firmware 1010

IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain access to another VM due to assigning duplicate WWPNs.

6.5
2021-10-06 CVE-2021-41121 Vyper Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vyper Project Vyper

Vyper is a Pythonic Smart Contract Language for the EVM.

6.5
2021-10-06 CVE-2021-41126 Octobercms Improper Authentication vulnerability in Octobercms October

October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework.

6.5
2021-10-06 CVE-2021-41128 Hygeia Project Injection vulnerability in Hygeia Project Hygeia

Hygeia is an application for collecting and processing personal and case data in connection with communicable diseases.

6.5
2021-10-05 CVE-2021-41554 Archibus Incorrect Authorization vulnerability in Archibus web Central 21.3.3.815

** UNSUPPORTED WHEN ASSIGNED ** ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.axvw, /archibus/schema/ab-core/views/process-navigator/ab-my-user-profile.axvw.

6.5
2021-10-05 CVE-2021-35504 Afian Injection vulnerability in Afian Filerun

Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary.

6.5
2021-10-05 CVE-2021-35505 Afian Injection vulnerability in Afian Filerun

Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.

6.5
2021-10-04 CVE-2021-32765 Redis
Debian
Netapp
Integer Overflow or Wraparound vulnerability in multiple products

Hiredis is a minimalistic C client library for the Redis database.

6.5
2021-10-04 CVE-2021-32626 Redis
Fedoraproject
Netapp
Debian
Out-of-bounds Write vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

6.5
2021-10-04 CVE-2021-41869 Salesagility Improper Privilege Management vulnerability in Salesagility Suitecrm

SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.

6.5
2021-10-04 CVE-2021-41322 Polycom Improper Privilege Management vulnerability in Polycom VVX 400 Firmware and VVX 410 Firmware

Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process.

6.5
2021-10-08 CVE-2021-41568 TAD WEB Project Incorrect Authorization vulnerability in TAD web Project TAD web 1.76

Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the vulnerability to use the original function of viewing bulletin boards and uploading files in the system.

6.4
2021-10-08 CVE-2021-41974 TAD Book3 Project Incorrect Permission Assignment for Critical Resource vulnerability in TAD Book3 Project TAD Book3

Tad Book3 editing book page does not perform identity verification.

6.4
2021-10-08 CVE-2021-41975 Tadtools Project Incorrect Authorization vulnerability in Tadtools Project Tadtools

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in.

6.4
2021-10-07 CVE-2021-42091 Zammad Server-Side Request Forgery (SSRF) vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

6.4
2021-10-06 CVE-2020-21648 Wdja Unspecified vulnerability in Wdja CMS 1.5.2

WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php.

6.4
2021-10-06 CVE-2020-21653 Myucms Project Server-Side Request Forgery (SSRF) vulnerability in Myucms Project Myucms 2.2

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.

6.4
2021-10-05 CVE-2021-3436 Zephyrproject Unspecified vulnerability in Zephyrproject Zephyr 1.14.2/2.4.0/2.5.0

BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known.

6.4
2021-10-05 CVE-2021-35497 Tibco Improper Certificate Validation vulnerability in Tibco Activespaces, Eftl and FTL

The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contain a vulnerability that theoretically allows a non-administrative, authenticated FTL user to trick the affected components into creating illegitimate certificates.

6.0
2021-10-04 CVE-2021-32627 Redis
Fedoraproject
Netapp
Debian
Integer Overflow or Wraparound vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

6.0
2021-10-04 CVE-2021-32628 Redis
Fedoraproject
Netapp
Debian
Integer Overflow to Buffer Overflow vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

6.0
2021-10-04 CVE-2021-32687 Redis
Fedoraproject
Netapp
Debian
Integer Overflow or Wraparound vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

6.0
2021-10-04 CVE-2021-41099 Redis
Fedoraproject
Debian
Netapp
Integer Overflow or Wraparound vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

6.0
2021-10-08 CVE-2021-37958 Google
Fedoraproject
Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
5.8
2021-10-06 CVE-2021-34772 Cisco Open Redirect vulnerability in Cisco Orbital

A vulnerability in the web-based management interface of Cisco Orbital could allow an unauthenticated, remote attacker to redirect users to a malicious webpage.

5.8
2021-10-06 CVE-2021-25485 Google Path Traversal vulnerability in Google Android 10.0/11.0

Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket.

5.8
2021-10-05 CVE-2021-3581 Zephyrproject Unspecified vulnerability in Zephyrproject Zephyr 2.5.0/2.5.1

Buffer Access with Incorrect Length Value in zephyr.

5.8
2021-10-05 CVE-2021-35491 Wowza Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine

A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter.

5.8
2021-10-08 CVE-2021-41802 Hashicorp Incorrect Permission Assignment for Critical Resource vulnerability in Hashicorp Vault

HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user’s policies by merging their identities.

5.5
2021-10-07 CVE-2021-35067 Meross Authentication Bypass by Capture-replay vulnerability in Meross Msg100 Firmware

Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message).

5.5
2021-10-06 CVE-2020-21649 Myucms Project Server-Side Request Forgery (SSRF) vulnerability in Myucms Project Myucms 2.2

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.

5.5
2021-10-06 CVE-2021-34706 Cisco XXE vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery (SSRF) attack through an affected device.

5.5
2021-10-06 CVE-2020-15941 Fortinet Path Traversal vulnerability in Fortinet Forticlient Endpoint Management Server

A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages.

5.5
2021-10-05 CVE-2021-39866 Gitlab Exposure of Resource to Wrong Sphere vulnerability in Gitlab

A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens.

5.5
2021-10-05 CVE-2021-39867 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.

5.5
2021-10-05 CVE-2021-39894 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by attackers to exploit Server Side Request Forgery attacks.

5.5
2021-10-04 CVE-2020-21431 Hongcms Project Unspecified vulnerability in Hongcms Project Hongcms 3.0.0

HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit.

5.5
2021-10-04 CVE-2021-39896 Gitlab Unspecified vulnerability in Gitlab

In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as the second user they impersonated, which may lead to repudiation issues.

5.5
2021-10-04 CVE-2021-24465 Meowapps SQL Injection vulnerability in Meowapps Meow Gallery

The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue.

5.5
2021-10-05 CVE-2021-31987 Axis Improper Input Validation vulnerability in Axis products

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.

5.1
2021-10-08 CVE-2021-41564 TAD Honor Project Incorrect Authorization vulnerability in TAD Honor Project TAD Honor 1.46

Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in.

5.0
2021-10-08 CVE-2021-41825 Verint Injection vulnerability in Verint Workforce Optimization 15.2.5.1033

Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.

5.0
2021-10-08 CVE-2021-41920 Webtareas Project SQL Injection vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters.

5.0
2021-10-08 CVE-2021-41976 TAD Uploader Project Incorrect Authorization vulnerability in TAD Uploader Project TAD Uploader 3.5.3

Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers can use the function to amend the folder names in the book list without logging in.

5.0
2021-10-07 CVE-2021-42089 Zammad Information Exposure vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

5.0
2021-10-07 CVE-2021-42095 Netsarang Unspecified vulnerability in Netsarang Xshell 7

Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar.

5.0
2021-10-07 CVE-2021-20584 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Sterling B2B Integrator

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls.

5.0
2021-10-07 CVE-2021-37922 Zohocorp Path Traversal vulnerability in Zohocorp Manageengine Admanager Plus

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.

5.0
2021-10-07 CVE-2021-41794 Open5Gs Classic Buffer Overflow vulnerability in Open5Gs

ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow.

5.0
2021-10-07 CVE-2021-20602 Mitsubishielectric Improper Handling of Exceptional Conditions vulnerability in Mitsubishielectric products

Improper Handling of Exceptional Conditions vulnerability in GOT2000 series GT21 model GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, GT2103-PMBD all versions, GOT SIMPLE series GS21 model GS2110-WTBD all versions, GS2107-WTBD all versions, GS2110-WTBD-N all versions, GS2107-WTBD-N all versions and LE7-40GU-L all versions allows a remote unauthenticated attacker to cause DoS condition of the products by sending specially crafted packets.

5.0
2021-10-07 CVE-2021-20603 Mitsubishielectric Improper Input Validation vulnerability in Mitsubishielectric products

Improper Input Validation vulnerability in GOT2000 series GT21 model GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, GT2103-PMBD all versions, GOT SIMPLE series GS21 model GS2110-WTBD all versions, GS2107-WTBD all versions, GS2110-WTBD-N all versions, GS2107-WTBD-N all versions and LE7-40GU-L all versions allows a remote unauthenticated attacker to cause DoS condition of the products by sending specially crafted packets.

5.0
2021-10-07 CVE-2021-20604 Mitsubishielectric Improper Input Validation vulnerability in Mitsubishielectric products

Improper Input Validation vulnerability in GOT2000 series GT21 model GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, GT2103-PMBD all versions, GOT SIMPLE series GS21 model GS2110-WTBD all versions, GS2107-WTBD all versions, GS2110-WTBD-N all versions, GS2107-WTBD-N all versions and LE7-40GU-L all versions allows a remote unauthenticated attacker to cause DoS condition of the products by sending specially crafted packets.

5.0
2021-10-07 CVE-2021-20605 Mitsubishielectric Improper Input Validation vulnerability in Mitsubishielectric products

Improper Input Validation vulnerability in GOT2000 series GT21 model GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, GT2103-PMBD all versions, GOT SIMPLE series GS21 model GS2110-WTBD all versions, GS2107-WTBD all versions, GS2110-WTBD-N all versions, GS2107-WTBD-N all versions and LE7-40GU-L all versions allows a remote unauthenticated attacker to cause DoS condition of the products by sending specially crafted packets.

5.0
2021-10-07 CVE-2021-40978 Mkdocs Path Traversal vulnerability in Mkdocs 1.2.2

** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information.

5.0
2021-10-07 CVE-2021-41770 Pingidentity XXE vulnerability in Pingidentity Pingfederate 6.10.1

Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure.

5.0
2021-10-07 CVE-2021-42054 Accel PPP Out-of-bounds Read vulnerability in Accel-Ppp 1.12.0

ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication.

5.0
2021-10-06 CVE-2021-42040 Mediawiki Infinite Loop vulnerability in Mediawiki

An issue was discovered in MediaWiki through 1.36.2.

5.0
2021-10-06 CVE-2021-1534 Cisco Unspecified vulnerability in Cisco Asyncos

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device.

5.0
2021-10-06 CVE-2021-25471 Google Unspecified vulnerability in Google Android 10.0/8.1/9.0

A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.

5.0
2021-10-06 CVE-2021-25480 Google Authentication Bypass by Capture-replay vulnerability in Google Android

A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.

5.0
2021-10-06 CVE-2021-25483 Google Out-of-bounds Read vulnerability in Google Android

Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read.

5.0
2021-10-06 CVE-2021-38925 IBM Inadequate Encryption Strength vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.

5.0
2021-10-06 CVE-2020-19003 Liftoffsoftware Improper Authentication vulnerability in Liftoffsoftware Gate ONE 1.2.0

An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.

5.0
2021-10-06 CVE-2021-33602 F Secure Unspecified vulnerability in F-Secure products

A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine.

5.0
2021-10-05 CVE-2020-21503 Waimai Super CMS Project Exposure of Resource to Wrong Sphere vulnerability in Waimai Super CMS Project Waimai Super CMS 20150505

waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture.

5.0
2021-10-05 CVE-2021-3510 Zephyrproject Unspecified vulnerability in Zephyrproject Zephyr

Zephyr JSON decoder incorrectly decodes array of array.

5.0
2021-10-05 CVE-2021-41120 Sylius Information Exposure vulnerability in Sylius Paypal

sylius/paypal-plugin is a paypal plugin for the Sylius development platform.

5.0
2021-10-05 CVE-2021-41114 Typo3 Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability in Typo3

TYPO3 is an open source PHP based web content management system released under the GNU GPL.

5.0
2021-10-05 CVE-2021-22257 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2.

5.0
2021-10-05 CVE-2021-22262 Gitlab Incorrect Authorization vulnerability in Gitlab

Missing access control in GitLab version 13.10 and above with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect Namespaces via the GitLab.com for Jira Cloud application configuration page

5.0
2021-10-05 CVE-2021-39875 Gitlab Information Exposure vulnerability in Gitlab

In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint.

5.0
2021-10-05 CVE-2021-39882 Gitlab Cleartext Transmission of Sensitive Information vulnerability in Gitlab

In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to retrieve information about any GitLab user.

5.0
2021-10-05 CVE-2021-39893 Gitlab Missing Authorization vulnerability in Gitlab

A potential DOS vulnerability was discovered in GitLab starting with version 9.1 that allowed parsing files without authorisation.

5.0
2021-10-05 CVE-2021-41524 Apache
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server.

5.0
2021-10-04 CVE-2021-41123 Mysurvey Information Exposure vulnerability in Mysurvey Survey Solutions

Survey Solutions is a survey management and data collection system.

5.0
2021-10-04 CVE-2020-21493 Xiuno Unspecified vulnerability in Xiuno Xiunobbs 4.0.4

An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames.

5.0
2021-10-04 CVE-2021-39433 Biqs Unspecified vulnerability in Biqs Biqsdrive 1.83

A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php.

5.0
2021-10-04 CVE-2021-41092 Docker
Fedoraproject
Insufficiently Protected Credentials vulnerability in multiple products

Docker CLI is the command line interface for the docker container runtime.

5.0
2021-10-04 CVE-2021-41118 Dynamicpagelist3 Project Resource Exhaustion vulnerability in Dynamicpagelist3 Project Dynamicpagelist3 3.3.5

The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details.

5.0
2021-10-04 CVE-2021-41651 Hotel Management System Project SQL Injection vulnerability in Hotel Management System Project Hotel Management System

A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system.

5.0
2021-10-04 CVE-2021-23855 Bosch Use of Password Hash With Insufficient Computational Effort vulnerability in Bosch products

The user and password data base is exposed by an unprotected web server resource.

5.0
2021-10-04 CVE-2021-32675 Redis
Fedoraproject
Netapp
Debian
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

5.0
2021-10-04 CVE-2021-41595 Salesagility Path Traversal vulnerability in Salesagility Suitecrm

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal.

5.0
2021-10-04 CVE-2021-41596 Salesagility Path Traversal vulnerability in Salesagility Suitecrm

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal.

5.0
2021-10-04 CVE-2021-37331 Bookingcore Improper Authentication vulnerability in Bookingcore Booking Core 2.0

Laravel Booking System Booking Core 2.0 is vulnerable to Incorrect Access Control.

5.0
2021-10-04 CVE-2021-37777 Gilacms Information Exposure vulnerability in Gilacms Gila CMS 2.2.0

Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR).

5.0
2021-10-04 CVE-2021-41867 Onionshare Unspecified vulnerability in Onionshare

An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.

5.0
2021-10-04 CVE-2021-40324 Cobbler Project Unrestricted Upload of File with Dangerous Type vulnerability in Cobbler Project Cobbler

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

5.0
2021-10-04 CVE-2021-40325 Cobbler Project Incorrect Authorization vulnerability in Cobbler Project Cobbler

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

5.0
2021-10-04 CVE-2021-21705 PHP
Netapp
Improper Input Validation vulnerability in multiple products

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid.

5.0
2021-10-07 CVE-2021-41130 Google Authentication Bypass by Spoofing vulnerability in Google Extensible Service Proxy

Extensible Service Proxy, a.k.a.

4.9
2021-10-06 CVE-2021-25473 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

4.9
2021-10-06 CVE-2021-25474 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

4.9
2021-10-06 CVE-2021-25489 Google Improper Input Validation vulnerability in Google Android

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

4.9
2021-10-08 CVE-2021-41133 Flatpak
Debian
Fedoraproject
Improper Input Validation vulnerability in multiple products

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.

4.6
2021-10-07 CVE-2021-28129 Apache Improper Privilege Management vulnerability in Apache Openoffice 4.1.8

While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500.

4.6
2021-10-06 CVE-2021-25469 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0

A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.

4.6
2021-10-06 CVE-2021-25481 Google Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android

An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.

4.6
2021-10-06 CVE-2021-25487 Google Out-of-bounds Read vulnerability in Google Android

Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.

4.6
2021-10-06 CVE-2021-25494 Samsung Classic Buffer Overflow vulnerability in Samsung Notes

A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

4.6
2021-10-06 CVE-2021-25495 Samsung Out-of-bounds Write vulnerability in Samsung Notes

A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

4.6
2021-10-06 CVE-2021-25496 Samsung Classic Buffer Overflow vulnerability in Samsung Notes

A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

4.6
2021-10-06 CVE-2021-25497 Samsung Classic Buffer Overflow vulnerability in Samsung Notes

A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

4.6
2021-10-06 CVE-2021-25498 Samsung Classic Buffer Overflow vulnerability in Samsung Notes

A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

4.6
2021-10-06 CVE-2021-20264 Oracle Improper Privilege Management vulnerability in Oracle Openjdk 1.8.0/11

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers.

4.6
2021-10-06 CVE-2021-0595 Google Improper Privilege Management vulnerability in Google Android

In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in.

4.6
2021-10-06 CVE-2021-0683 Google Unspecified vulnerability in Google Android

In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy.

4.6
2021-10-06 CVE-2021-0684 Google Use After Free vulnerability in Google Android

In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free.

4.6
2021-10-06 CVE-2021-0685 Google Deserialization of Untrusted Data vulnerability in Google Android 11.0

In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization.

4.6
2021-10-06 CVE-2021-0691 Google Improper Privilege Management vulnerability in Google Android 11.0

In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy.

4.6
2021-10-06 CVE-2021-0692 Google Improper Privilege Management vulnerability in Google Android 10.0/11.0/9.0

In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent.

4.6
2021-10-06 CVE-2021-28702 XEN
Fedoraproject
Debian
Improper Privilege Management vulnerability in multiple products

PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR").

4.6
2021-10-05 CVE-2021-41286 Omikron Improper Authentication vulnerability in Omikron Multicash 4.00.008

Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism.

4.6
2021-10-04 CVE-2021-41091 Mobyproject
Fedoraproject
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

Moby is an open-source project created by Docker to enable software containerization.

4.6
2021-10-04 CVE-2021-38396 Bostonscientific Insufficient Verification of Data Authenticity vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive.

4.6
2021-10-04 CVE-2021-38398 Bostonscientific Unspecified vulnerability in Bostonscientific products

The affected device uses off-the-shelf software components that contain unpatched vulnerabilities.

4.6
2021-10-04 CVE-2021-38400 Bostonscientific Use of Password Hash With Insufficient Computational Effort vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password.

4.6
2021-10-07 CVE-2021-26556 Octopus Untrusted Search Path vulnerability in Octopus Deploy

When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.

4.4
2021-10-07 CVE-2021-26557 Octopus Untrusted Search Path vulnerability in Octopus Tentacle 3.15.4/5.0.0

When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.

4.4
2021-10-06 CVE-2021-0598 Google Improper Privilege Management vulnerability in Google Android

In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack.

4.4
2021-10-06 CVE-2021-0688 Google Race Condition vulnerability in Google Android

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition.

4.4
2021-10-04 CVE-2021-41089 Mobyproject
Fedoraproject
Improper Preservation of Permissions vulnerability in multiple products

Moby is an open-source project created by Docker to enable software containerization.

4.4
2021-10-04 CVE-2021-40683 Akamai Unquoted Search Path or Element vulnerability in Akamai Enterprise Application Access 2.0.1/2.4.0

In Akamai EAA (Enterprise Application Access) Client before 2.3.1, 2.4.x before 2.4.1, and 2.5.x before 2.5.3, an unquoted path may allow an attacker to hijack the flow of execution.

4.4
2021-10-08 CVE-2021-37963 Google
Fedoraproject
Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page.
4.3
2021-10-08 CVE-2021-37964 Google
Fedoraproject
Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file.
4.3
2021-10-08 CVE-2021-37965 Google
Fedoraproject
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

4.3
2021-10-08 CVE-2021-37966 Google
Fedoraproject
Origin Validation Error vulnerability in multiple products

Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

4.3
2021-10-08 CVE-2021-37967 Google
Fedoraproject
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

4.3
2021-10-08 CVE-2021-37968 Google
Fedoraproject
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

4.3
2021-10-08 CVE-2021-37971 Google
Fedoraproject
Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products

Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

4.3
2021-10-08 CVE-2021-37976 Google
Fedoraproject
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
4.3
2021-10-08 CVE-2021-30630 Google
Fedoraproject
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

4.3
2021-10-08 CVE-2021-42112 Limesurvey Cross-site Scripting vulnerability in Limesurvey

The "File upload question" functionality in LimeSurvey 3.x-LTS through 3.27.18 allows XSS in assets/scripts/modaldialog.js and assets/scripts/uploader.js.

4.3
2021-10-08 CVE-2021-20600 Mitsubishielectric Resource Exhaustion vulnerability in Mitsubishielectric R12Ccpu-V Firmware

Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up.

4.3
2021-10-08 CVE-2021-41563 TAD Book3 Project Cross-site Scripting vulnerability in TAD Book3 Project TAD Book3

Tad Book3 editing book function does not filter special characters.

4.3
2021-10-08 CVE-2021-41565 Tadtools Project Cross-site Scripting vulnerability in Tadtools Project Tadtools

TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.

4.3
2021-10-08 CVE-2021-41567 TAD Uploader Project Cross-site Scripting vulnerability in TAD Uploader Project TAD Uploader 3.5.3

The new add subject parameter of Tad Uploader view book list function fails to filter special characters.

4.3
2021-10-08 CVE-2021-33603 F Secure Unspecified vulnerability in F-Secure products

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files.

4.3
2021-10-08 CVE-2021-40832 F Secure Unspecified vulnerability in F-Secure products

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files.

4.3
2021-10-07 CVE-2021-42088 Zammad Cross-site Scripting vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

4.3
2021-10-07 CVE-2021-20481 IBM Cross-site Scripting vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting.

4.3
2021-10-07 CVE-2021-20561 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting.

4.3
2021-10-07 CVE-2021-23447 Teddy Project Cross-site Scripting vulnerability in Teddy Project Teddy

This affects the package teddy before 0.5.9.

4.3
2021-10-07 CVE-2021-3834 Artica Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92

Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file.

4.3
2021-10-07 CVE-2021-40439 Apache XXE vulnerability in Apache Openoffice

Apache OpenOffice has a dependency on expat software.

4.3
2021-10-07 CVE-2021-36150 Silverstripe Cross-site Scripting vulnerability in Silverstripe

SilverStripe Framework through 4.8.1 allows XSS.

4.3
2021-10-06 CVE-2021-21684 Jenkins Cross-site Scripting vulnerability in Jenkins GIT

Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.

4.3
2021-10-06 CVE-2020-21658 Wdja Cross-Site Request Forgery (CSRF) vulnerability in Wdja CMS 1.5.2

A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL.

4.3
2021-10-06 CVE-2021-42041 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in CentralAuth in MediaWiki through 1.36.2.

4.3
2021-10-06 CVE-2021-42043 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2.

4.3
2021-10-06 CVE-2021-34742 Cisco Cross-site Scripting vulnerability in Cisco Vision Dynamic Signage Director

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device.

4.3
2021-10-06 CVE-2021-39350 Foliovision Cross-site Scripting vulnerability in Foliovision FV Flowplayer Video Player 7.5.0.727/7.5.1.727/7.5.2.727

The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727.

4.3
2021-10-06 CVE-2021-0690 Google Out-of-bounds Write vulnerability in Google Android

In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow.

4.3
2021-10-05 CVE-2020-21504 Waimai Super CMS Project Cross-site Scripting vulnerability in Waimai Super CMS Project Waimai Super CMS 20150505

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?&m=Public&a=login.

4.3
2021-10-05 CVE-2020-21505 Waimai Super CMS Project Cross-site Scripting vulnerability in Waimai Super CMS Project Waimai Super CMS 20150505

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php/Link/addsave.

4.3
2021-10-05 CVE-2020-21506 Waimai Super CMS Project Cross-site Scripting vulnerability in Waimai Super CMS Project Waimai Super CMS 20150505

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add.

4.3
2021-10-05 CVE-2021-41124 Zyte Information Exposure vulnerability in Zyte Scrapy-Splash

Scrapy-splash is a library which provides Scrapy and JavaScript integration.

4.3
2021-10-05 CVE-2021-41555 Archibus Cross-site Scripting vulnerability in Archibus web Central 21.3.3.815

** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), XSS occurs in /archibus/dwr/call/plaincall/workflow.runWorkflowRule.dwr because the data received as input from clients is re-included within the HTTP response returned by the application without adequate validation.

4.3
2021-10-05 CVE-2021-22264 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions starting from 13.8 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2.

4.3
2021-10-05 CVE-2021-35506 Afian Cross-site Scripting vulnerability in Afian Filerun 2021.03.26

Afian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action.

4.3
2021-10-05 CVE-2021-39869 Gitlab Information Exposure vulnerability in Gitlab

In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project.

4.3
2021-10-05 CVE-2021-35503 Afian Cross-site Scripting vulnerability in Afian Filerun 2021.03.26

Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.

4.3
2021-10-05 CVE-2021-41773 Apache
Fedoraproject
Path Traversal vulnerability in multiple products

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49.

4.3
2021-10-04 CVE-2020-21494 Xiuno Cross-site Scripting vulnerability in Xiuno Xiunobbs 4.0.4

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.

4.3
2021-10-04 CVE-2020-21495 Xiuno Cross-site Scripting vulnerability in Xiuno Xiunobbs 4.0.4

A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter.

4.3
2021-10-04 CVE-2020-21496 Xiuno Cross-site Scripting vulnerability in Xiuno Xiunobbs 4.0.4

A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter.

4.3
2021-10-04 CVE-2020-21387 Maccms Cross-site Scripting vulnerability in Maccms 10.0

A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload.

4.3
2021-10-04 CVE-2021-23856 Bosch Cross-site Scripting vulnerability in Bosch products

The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL.

4.3
2021-10-04 CVE-2020-28119 53Kf Cross-site Scripting vulnerability in 53Kf

Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window.

4.3
2021-10-04 CVE-2021-36850 Meowapps Cross-Site Request Forgery (CSRF) vulnerability in Meowapps Media File Renamer - Auto & Manual Rename

Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versions <= 5.1.9).

4.3
2021-10-04 CVE-2021-39873 Gitlab Unspecified vulnerability in Gitlab

In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious website by spoofing the content in an error response.

4.3
2021-10-04 CVE-2021-39877 Gitlab Resource Exhaustion vulnerability in Gitlab

A vulnerability was discovered in GitLab starting with version 12.2 that allows an attacker to cause uncontrolled resource consumption with a specially crafted file.

4.3
2021-10-04 CVE-2021-41530 Forcepoint Unspecified vulnerability in Forcepoint Next Generation Firewall

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured.

4.3
2021-10-04 CVE-2021-24676 Codesolz Cross-site Scripting vulnerability in Codesolz Better Find and Replace

The Better Find and Replace WordPress plugin before 1.2.9 does not escape the 's' GET parameter before outputting back in the All Masking Rules page, leading to a Reflected Cross-Site Scripting issue

4.3
2021-10-04 CVE-2021-24679 Coinmarketstats Cross-site Scripting vulnerability in Coinmarketstats Bitcoin / Altcoin Payment Gateway for Woocommerce

The Bitcoin / AltCoin Payment Gateway for WooCommerce WordPress plugin before 1.6.1 does not escape the 's' GET parameter before outputting back in the All Masking Rules page, leading to a Reflected Cross-Site Scripting issue

4.3
2021-10-04 CVE-2021-41878 Hkurl Cross-site Scripting vulnerability in Hkurl I-Panel Administration System 2.0

A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button.

4.3
2021-10-04 CVE-2021-21704 PHP
Netapp
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver.

4.3
2021-10-04 CVE-2021-21706 PHP Path Traversal vulnerability in PHP

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.

4.3
2021-10-08 CVE-2020-4654 IBM Incorrect Authorization vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control.

4.0
2021-10-08 CVE-2021-32029 Postgresql
Redhat
Information Exposure vulnerability in multiple products

A flaw was found in postgresql.

4.0
2021-10-08 CVE-2021-3312 Alkacon XXE vulnerability in Alkacon Opencms 11.0/11.0.1/11.0.2

An XML external entity (XXE) vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with edit privileges to exfiltrate files from the server's file system by uploading a crafted SVG document.

4.0
2021-10-07 CVE-2021-41115 Zulip Unspecified vulnerability in Zulip

Zulip is an open source team chat server.

4.0
2021-10-07 CVE-2021-42084 Zammad Infinite Loop vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

4.0
2021-10-07 CVE-2021-42087 Zammad Exposure of Resource to Wrong Sphere vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

4.0
2021-10-07 CVE-2021-20372 IBM Improper Authentication vulnerability in IBM Sterling B2B Integrator

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking.

4.0
2021-10-07 CVE-2021-20375 IBM Improper Authentication vulnerability in IBM Sterling B2B Integrator

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls.

4.0
2021-10-07 CVE-2021-20376 IBM Information Exposure vulnerability in IBM Sterling B2B Integrator

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages.

4.0
2021-10-07 CVE-2021-20473 IBM Insufficient Session Expiration vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

4.0
2021-10-07 CVE-2021-20552 IBM Information Exposure Through an Error Message vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

4.0
2021-10-07 CVE-2021-29700 IBM Information Exposure vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system.

4.0
2021-10-07 CVE-2021-28661 Silverstripe Incorrect Authorization vulnerability in Silverstripe

Default SilverStripe GraphQL Server (aka silverstripe/graphql) 3.x through 3.4.1 permission checker not inherited by query subclass.

4.0
2021-10-07 CVE-2021-41865 Hashicorp Unspecified vulnerability in Hashicorp Nomad

HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to cause denial of service by submitting incomplete job specifications with a Consul mesh gateway and host networking mode.

4.0
2021-10-06 CVE-2021-21682 Jenkins Path Equivalence: 'filename.' (Trailing Dot) vulnerability in Jenkins

Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows.

4.0
2021-10-06 CVE-2021-21683 Jenkins Path Traversal vulnerability in Jenkins

The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files.

4.0
2021-10-06 CVE-2021-34702 Cisco Information Exposure vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information.

4.0
2021-10-06 CVE-2021-34744 Cisco Information Exposure vulnerability in Cisco products

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account.

4.0
2021-10-06 CVE-2021-34782 Cisco Unspecified vulnerability in Cisco DNA Center

A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted.

4.0
2021-10-06 CVE-2021-25477 Google Double Free vulnerability in Google Android 10.0/11.0/9.0

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service.

4.0
2021-10-06 CVE-2021-41125 Scrapy Information Exposure vulnerability in Scrapy

Scrapy is a high-level web crawling and scraping framework for Python.

4.0
2021-10-06 CVE-2021-29758 IBM Improper Authentication vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls.

4.0
2021-10-06 CVE-2021-29760 IBM Incorrect Authorization vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface.

4.0
2021-10-06 CVE-2021-29761 IBM Information Exposure vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information from the dashboard that they should not have access to.

4.0
2021-10-06 CVE-2021-39351 WP Bannerize Project SQL Injection vulnerability in WP Bannerize Project WP Bannerize

The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the ~/Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites.

4.0
2021-10-06 CVE-2021-36178 Fortinet Insufficiently Protected Credentials vulnerability in Fortinet Fortisdnconnector

A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below allows attacker to disclose third-party devices credential information via configuration page lookup.

4.0
2021-10-05 CVE-2021-41122 Vyper Project Incorrect Calculation vulnerability in Vyper Project Vyper

Vyper is a Pythonic Smart Contract Language for the EVM.

4.0
2021-10-05 CVE-2021-31986 Axis Out-of-bounds Write vulnerability in Axis products

User controlled parameters related to SMTP notifications are not correctly validated.

4.0
2021-10-05 CVE-2021-35492 Wowza Resource Exhaustion vulnerability in Wowza Streaming Engine

Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter.

4.0
2021-10-05 CVE-2021-39880 Gitlab Unspecified vulnerability in Gitlab

A Denial Of Service vulnerability in the apollo_upload_server Ruby gem in GitLab CE/EE version 11.11 and above allows an attacker to deny access to all users via specially crafted requests to the apollo_upload_server middleware.

4.0
2021-10-05 CVE-2021-22258 Gitlab Unspecified vulnerability in Gitlab

The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses

4.0
2021-10-05 CVE-2021-39870 Gitlab Unspecified vulnerability in Gitlab

In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API call.

4.0
2021-10-05 CVE-2021-39886 Gitlab Incorrect Default Permissions vulnerability in Gitlab

Permissions rules were not applied while issues were moved between projects of the same group in GitLab versions starting with 10.6 and up to 14.1.7 allowing users to read confidential Epic references.

4.0
2021-10-05 CVE-2021-39889 Gitlab Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

4.0
2021-10-05 CVE-2021-39891 Gitlab Incorrect Authorization vulnerability in Gitlab

In all versions of GitLab CE/EE since version 8.0, access tokens created as part of admin's impersonation of a user are not cleared at the end of impersonation which may lead to unnecessary sensitive info disclosure.

4.0
2021-10-05 CVE-2021-39872 Gitlab Improper Authentication vulnerability in Gitlab

In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.

4.0
2021-10-05 CVE-2021-39884 Gitlab Exposure of Resource to Wrong Sphere vulnerability in Gitlab

In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups that have access to a project to low privileged users that are part of that project.

4.0
2021-10-05 CVE-2021-39888 Gitlab Information Exposure vulnerability in Gitlab

In all versions of GitLab EE since version 13.10, a specific API endpoint may reveal details about a private group and other sensitive info inside issue and merge request templates.

4.0
2021-10-05 CVE-2021-37223 Nagios Server-Side Request Forgery (SSRF) vulnerability in Nagios XI

Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php.

4.0
2021-10-04 CVE-2021-32672 Redislabs
Redhat
Debian
Netapp
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

Redis is an open source, in-memory database that persists on disk.

4.0
2021-10-04 CVE-2021-39347 Paymentplugins Missing Authorization vulnerability in Paymentplugins Stripe for Woocommerce

The Stripe for WooCommerce WordPress plugin is missing a capability check on the save() function found in the ~/includes/admin/class-wc-stripe-admin-user-edit.php file that makes it possible for attackers to configure their account to use other site users unique STRIPE identifier and make purchases with their payment accounts.

4.0
2021-10-04 CVE-2021-22259 Gitlab Unspecified vulnerability in Gitlab

A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API.

4.0
2021-10-04 CVE-2021-39868 Gitlab Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab

In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.

4.0
2021-10-04 CVE-2021-39871 Gitlab Unspecified vulnerability in Gitlab

In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call.

4.0
2021-10-04 CVE-2021-39874 Gitlab Unspecified vulnerability in Gitlab

In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands.

4.0
2021-10-04 CVE-2021-39879 Gitlab Missing Authentication for Critical Function vulnerability in Gitlab

Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication

4.0
2021-10-04 CVE-2021-39883 Gitlab Incorrect Authorization vulnerability in Gitlab

Improper authorization checks in GitLab EE > 13.11 allows subgroup members to see epics from all parent subgroups.

4.0
2021-10-04 CVE-2021-39900 Gitlab Exposure of Resource to Wrong Sphere vulnerability in Gitlab

Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs.

4.0

66 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-10-08 CVE-2021-25271 Sophos Improper Privilege Management vulnerability in Sophos Hitmanpro 3.7/3.7.20

A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.

3.6
2021-10-06 CVE-2021-34757 Cisco Information Exposure vulnerability in Cisco products

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account.

3.6
2021-10-06 CVE-2021-25470 Google Incorrect Authorization vulnerability in Google Android 10.0/11.0/9.0

An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.

3.6
2021-10-06 CVE-2021-25482 Google SQL Injection vulnerability in Google Android 11.0

SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.

3.6
2021-10-06 CVE-2021-25490 Google Unspecified vulnerability in Google Android 10.0/11.0/9.0

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process.

3.6
2021-10-06 CVE-2021-25492 Samsung Out-of-bounds Write vulnerability in Samsung Notes

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.

3.6
2021-10-06 CVE-2021-25493 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Notes

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read

3.6
2021-10-08 CVE-2021-41917 Webtareas Project Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas version 2.4 and earlier allows an authenticated user to store arbitrary web script or HTML by creating or editing a client name in the clients section, due to incorrect sanitization of user-supplied data and achieve a Stored Cross-Site Scripting attack against the platform users and administrators.

3.5
2021-10-08 CVE-2021-41918 Webtareas Project Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas version 2.4 and earlier allows an authenticated user to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against the platform users and administrators.

3.5
2021-10-07 CVE-2020-21729 Jeecms Cross-site Scripting vulnerability in Jeecms X 1.1

JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

3.5
2021-10-07 CVE-2021-42085 Zammad Cross-site Scripting vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

3.5
2021-10-07 CVE-2021-42092 Zammad Cross-site Scripting vulnerability in Zammad

An issue was discovered in Zammad before 4.1.1.

3.5
2021-10-07 CVE-2021-20571 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting.

3.5
2021-10-07 CVE-2021-42053 Django Unicorn Cross-site Scripting vulnerability in Django-Unicorn Unicorn

The Unicorn framework through 0.35.3 for Django allows XSS via component.name.

3.5
2021-10-06 CVE-2020-21656 Xyhcms Cross-site Scripting vulnerability in Xyhcms 3.6

XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index.

3.5
2021-10-06 CVE-2021-42042 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2.

3.5
2021-10-06 CVE-2021-42044 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2.

3.5
2021-10-06 CVE-2021-29764 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting.

3.5
2021-10-06 CVE-2021-29836 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0.

3.5
2021-10-06 CVE-2021-29855 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting.

3.5
2021-10-06 CVE-2021-24021 Fortinet Cross-site Scripting vulnerability in Fortinet Fortianalyzer

An improper neutralization of input vulnerability [CWE-79] in FortiAnalyzer versions 6.4.3 and below, 6.2.7 and below and 6.0.10 and below may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the column settings of Logview in FortiAnalyzer, should the attacker be able to obtain that POST request, via other, hypothetical attacks.

3.5
2021-10-06 CVE-2021-36175 Fortinet Cross-site Scripting vulnerability in Fortinet Fortiweb

An improper neutralization of input vulnerability [CWE-79] in FortiWebManager versions 6.2.3 and below, 6.0.2 and below may allow a remote authenticated attacker to inject malicious script/tags via the name/description/comments parameter of various sections of the device.

3.5
2021-10-05 CVE-2021-33849 Zohocorp Cross-site Scripting vulnerability in Zohocorp Zoho CRM Lead Magnet 1.7.2.4

A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted website.

3.5
2021-10-05 CVE-2021-22261 Gitlab Cross-site Scripting vulnerability in Gitlab

A stored Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.7 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious Jira API responses

3.5
2021-10-05 CVE-2021-39881 Gitlab Unspecified vulnerability in Gitlab

In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and description.

3.5
2021-10-05 CVE-2021-39878 Gitlab Cross-site Scripting vulnerability in Gitlab

A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0 up to 14.3.1 allowed an attacker to execute arbitrary javascript code.

3.5
2021-10-05 CVE-2021-39887 Gitlab Cross-site Scripting vulnerability in Gitlab

A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary JavaScript code on the victim's behalf.

3.5
2021-10-04 CVE-2020-21434 Maccms Cross-site Scripting vulnerability in Maccms 10.0

Maccms 10 contains a cross-site scripting (XSS) vulnerability in the Editing function under the Member module.

3.5
2021-10-04 CVE-2021-39885 Gitlab Cross-site Scripting vulnerability in Gitlab

A Stored XSS in merge request creation page in Gitlab EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious approval rule names

3.5
2021-10-04 CVE-2021-25964 Calibre WEB Project Cross-site Scripting vulnerability in Calibre-Web Project Calibre-Web

In “Calibre-web” application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadata”.

3.5
2021-10-04 CVE-2021-37330 Bookingcore Cross-site Scripting vulnerability in Bookingcore Booking Core 2.0

Laravel Booking System Booking Core 2.0 is vulnerable to Cross Site Scripting (XSS).

3.5
2021-10-04 CVE-2021-38822 Icehrm Cross-site Scripting vulnerability in Icehrm 30.0.0.Os

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands.

3.5
2021-10-04 CVE-2021-39486 Gilacms Cross-site Scripting vulnerability in Gilacms Gila CMS 2.2.0

A Stored XSS via Malicious File Upload exists in Gila CMS version 2.2.0.

3.5
2021-10-04 CVE-2021-24654 Wpeverest Cross-site Scripting vulnerability in Wpeverest User Registration

The User Registration WordPress plugin before 2.0.2 does not properly sanitise the user_registration_profile_pic_url value when submitted directly via the user_registration_update_profile_details AJAX action.

3.5
2021-10-04 CVE-2021-24673 Dwbooster Cross-site Scripting vulnerability in Dwbooster Appointment Hour Booking

The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

3.5
2021-10-04 CVE-2021-24678 Cminds Cross-site Scripting vulnerability in Cminds Tooltip Glossary

The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks

3.5
2021-10-04 CVE-2021-24687 Webnus Cross-site Scripting vulnerability in Webnus Modern Events Calendar Lite

The Modern Events Calendar Lite WordPress plugin before 5.22.2 does not escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

3.5
2021-10-06 CVE-2021-34775 Cisco Classic Buffer Overflow vulnerability in Cisco products

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches.

2.9
2021-10-06 CVE-2021-34776 Cisco Classic Buffer Overflow vulnerability in Cisco products

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches.

2.9
2021-10-06 CVE-2021-34777 Cisco Classic Buffer Overflow vulnerability in Cisco products

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches.

2.9
2021-10-06 CVE-2021-34778 Cisco Classic Buffer Overflow vulnerability in Cisco products

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches.

2.9
2021-10-06 CVE-2021-34711 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system.

2.1
2021-10-06 CVE-2021-34758 Cisco Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition.

2.1
2021-10-06 CVE-2021-25468 Google Improper Input Validation vulnerability in Google Android 10.0/11.0

A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.

2.1
2021-10-06 CVE-2021-25472 Google Incorrect Authorization vulnerability in Google Android

An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.

2.1
2021-10-06 CVE-2021-25476 Google Incorrect Authorization vulnerability in Google Android 10.0/11.0

An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

2.1
2021-10-06 CVE-2021-25484 Google Improper Authentication vulnerability in Google Android 10.0/11.0/8.1

Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.

2.1
2021-10-06 CVE-2021-25486 Google Unspecified vulnerability in Google Android

Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.

2.1
2021-10-06 CVE-2021-25488 Google Out-of-bounds Read vulnerability in Google Android

Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read.

2.1
2021-10-06 CVE-2021-25491 Google NULL Pointer Dereference vulnerability in Google Android 10.0/11.0/9.0

A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.

2.1
2021-10-06 CVE-2021-25499 Samsung Unspecified vulnerability in Samsung Galaxy Store

Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.

2.1
2021-10-06 CVE-2021-0644 Google Incorrect Authorization vulnerability in Google Android 10.0/11.0

In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check.

2.1
2021-10-06 CVE-2021-0680 Google Incorrect Authorization vulnerability in Google Android

In system properties, there is a possible information disclosure due to a missing permission check.

2.1
2021-10-06 CVE-2021-0681 Google Incorrect Authorization vulnerability in Google Android

In system properties, there is a possible information disclosure due to a missing permission check.

2.1
2021-10-06 CVE-2021-0682 Google Incorrect Authorization vulnerability in Google Android

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check.

2.1
2021-10-06 CVE-2021-0686 Google Incorrect Authorization vulnerability in Google Android 10.0/11.0

In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check.

2.1
2021-10-06 CVE-2021-0689 Google Out-of-bounds Read vulnerability in Google Android

In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check.

2.1
2021-10-06 CVE-2021-0693 Google Unspecified vulnerability in Google Android 11.0

In openFile of HeapDumpProvider.java, there is a possible way to retrieve generated heap dumps from debuggable apps due to an unprotected provider.

2.1
2021-10-06 CVE-2021-0695 Google Use After Free vulnerability in Google Android

In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free.

2.1
2021-10-06 CVE-2021-36170 Fortinet Insufficiently Protected Credentials vulnerability in Fortinet Fortianalyzer

An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.

2.1
2021-10-06 CVE-2021-3848 Trendmicro Improper Privilege Management vulnerability in Trendmicro Apex ONE and Worry-Free Business Security

An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations.

2.1
2021-10-04 CVE-2021-41094 Wire Exposure of Resource to Wrong Sphere vulnerability in Wire 3.68/3.69

Wire is an open source secure messenger.

2.1
2021-10-04 CVE-2021-41861 Telegram Unspecified vulnerability in Telegram

The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248.

2.1
2021-10-08 CVE-2021-29906 IBM Unspecified vulnerability in IBM APP Connect Enterprise Certified Container

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors.

1.9
2021-10-06 CVE-2021-0687 Google Improper Input Validation vulnerability in Google Android

In ellipsize of Layout.java, there is a possible ANR due to improper input validation.

1.9
2021-10-04 CVE-2021-39899 Gitlab Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gitlab

In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function.

1.9