Weekly Vulnerabilities Reports > December 13 to 19, 2021

Overview

589 new vulnerabilities reported during this period, including 35 critical vulnerabilities and 115 high severity vulnerabilities. This weekly summary report vulnerabilities in 547 products from 201 vendors including Google, Microsoft, Siemens, Gitlab, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Missing Authorization", "Out-of-bounds Read", and "SQL Injection".

  • 392 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 148 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 422 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 148 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 6 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

35 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-12-15 CVE-2021-0889 Google Unspecified vulnerability in Google Android

In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow.

10.0
2021-12-15 CVE-2021-0956 Google Out-of-bounds Write vulnerability in Google Android 11.0/12.0

In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check.

10.0
2021-12-15 CVE-2021-39645 Google Unspecified vulnerability in Google Android

Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A

10.0
2021-12-15 CVE-2021-42311 Microsoft SQL Injection vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

10.0
2021-12-15 CVE-2021-42313 Microsoft SQL Injection vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

10.0
2021-12-15 CVE-2021-43907 Microsoft Unspecified vulnerability in Microsoft Windows Subsystem for Linux 0.63.4/0.63.5

Visual Studio Code WSL Extension Remote Code Execution Vulnerability

10.0
2021-12-15 CVE-2021-41560 Opencats Unrestricted Upload of File with Dangerous Type vulnerability in Opencats

OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an executable file via lib/FileUtility.php.

10.0
2021-12-14 CVE-2021-44041 Uipath Externally Controlled Reference to a Resource in Another Sphere vulnerability in Uipath Assistant 21.4.4

UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied to the --dev-widget argument of the URI handler for uipath-assistant://.

10.0
2021-12-13 CVE-2021-39065 IBM OS Command Injection vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertificate function .

10.0
2021-12-13 CVE-2021-43117 Fastadmin Unrestricted Upload of File with Dangerous Type vulnerability in Fastadmin 1.2.1

fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access.

10.0
2021-12-17 CVE-2021-23450 Linuxfoundation
Oracle
Debian
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
9.8
2021-12-15 CVE-2021-36888 Blocksera Missing Authentication for Critical Function vulnerability in Blocksera Image Hover Effects

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate (versions <= 9.6.1) WordPress plugin.

9.8
2021-12-15 CVE-2021-42216 Anonaddy Inadequate Encryption Strength vulnerability in Anonaddy 0.8.5

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.

9.8
2021-12-15 CVE-2021-44653 Oretnom23 SQL Injection vulnerability in Oretnom23 Online Magazine Management System 1.0

Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability.

9.8
2021-12-15 CVE-2021-42310 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

9.8
2021-12-15 CVE-2021-43215 Microsoft Out-of-bounds Write vulnerability in Microsoft products

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution

9.8
2021-12-15 CVE-2021-43882 Microsoft Improper Certificate Validation vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

9.8
2021-12-15 CVE-2021-43113 Itextpdf
Debian
Command Injection vulnerability in multiple products

iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java.

9.8
2021-12-15 CVE-2021-41844 Crocoblock Unspecified vulnerability in Crocoblock Jetengine

Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data.

9.8
2021-12-14 CVE-2021-44231 SAP Code Injection vulnerability in SAP Abap Platform and Netweaver Application Server Abap

Internally used text extraction reports allow an attacker to inject code that can be executed by the application.

9.8
2021-12-14 CVE-2021-44949 Glfusion Authorization Bypass Through User-Controlled Key vulnerability in Glfusion 1.7.9

glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.

9.8
2021-12-14 CVE-2021-44538 Matrix
Schildi
Cinny Project
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow.

9.8
2021-12-13 CVE-2021-44966 Phpgurukul SQL Injection vulnerability in PHPgurukul Employee Record Management System 1.2

SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php.

9.8
2021-12-13 CVE-2021-44152 Reprisesoftware Missing Authentication for Critical Function vulnerability in Reprisesoftware Reprise License Manager

An issue was discovered in Reprise RLM 14.2.

9.8
2021-12-13 CVE-2021-44847 Toktok
Fedoraproject
Incorrect Calculation vulnerability in multiple products

A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.

9.8
2021-12-17 CVE-2021-36779 Linuxfoundation Missing Authentication for Critical Function vulnerability in Linuxfoundation Longhorn

A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication.

9.6
2021-12-17 CVE-2021-32497 Sick Unspecified vulnerability in Sick Sopas Engineering Tool

SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user.

9.3
2021-12-17 CVE-2021-32498 Sick Path Traversal vulnerability in Sick Sopas Engineering Tool

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system.

9.3
2021-12-15 CVE-2021-0967 Google Out-of-bounds Write vulnerability in Google Android

In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check.

9.3
2021-12-13 CVE-2021-22279 ABB Missing Authentication for Critical Function vulnerability in ABB Omnicore C30 Firmware

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port.

9.3
2021-12-16 CVE-2021-43837 Vault CLI Project Code Injection vulnerability in Vault-Cli Project Vault-Cli

vault-cli is a configurable command-line interface tool (and python library) to interact with Hashicorp Vault.

9.0
2021-12-15 CVE-2021-44657 Stackstorm Unspecified vulnerability in Stackstorm

In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus allows execution of unsafe system commands.

9.0
2021-12-14 CVE-2021-45046 Apache
Intel
Siemens
Debian
Sonicwall
Fedoraproject
Expression Language Injection vulnerability in multiple products

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations.

9.0
2021-12-14 CVE-2021-44165 Siemens Stack-based Buffer Overflow vulnerability in Siemens products

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41).

9.0
2021-12-13 CVE-2021-44153 Reprisesoftware Unspecified vulnerability in Reprisesoftware Reprise License Manager 14.2

An issue was discovered in Reprise RLM 14.2.

9.0

115 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-12-17 CVE-2021-23814 Unisharp Unrestricted Upload of File with Dangerous Type vulnerability in Unisharp Laravel-Filemanager

This affects the package unisharp/laravel-filemanager from 0.0.0.

8.8
2021-12-16 CVE-2021-42912 Fiberhome OS Command Injection vulnerability in Fiberhome products

FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability.

8.8
2021-12-16 CVE-2021-45099 SSH WEB Terminal Project Unspecified vulnerability in SSH & web Terminal Project SSH & web Terminal

The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering.

8.8
2021-12-15 CVE-2021-27855 Fatpipeinc Unspecified vulnerability in Fatpipeinc Ipvpn Firmware and Warp Firmware

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges.

8.8
2021-12-15 CVE-2021-41365 Microsoft SQL Injection vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

8.8
2021-12-15 CVE-2021-42309 Microsoft Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft products

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8
2021-12-15 CVE-2021-42314 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

8.8
2021-12-15 CVE-2021-42315 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

8.8
2021-12-15 CVE-2021-43877 Microsoft Unspecified vulnerability in Microsoft products

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

8.8
2021-12-14 CVE-2021-43051 Tibco Unspecified vulnerability in Tibco Spotfire Server

The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire Server, and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows malicious custom API clients with network access to execute internal API operations outside of the scope of those granted to it.

8.5
2021-12-15 CVE-2021-0918 Google Out-of-bounds Write vulnerability in Google Android 12.0

In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check.

8.3
2021-12-15 CVE-2021-0930 Google Out-of-bounds Write vulnerability in Google Android

In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check.

8.3
2021-12-17 CVE-2021-36780 Linuxfoundation Missing Authentication for Critical Function vulnerability in Linuxfoundation Longhorn

A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to.

8.1
2021-12-16 CVE-2021-45101 Wisc Unspecified vulnerability in Wisc Htcondor

An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2.

8.1
2021-12-15 CVE-2021-0933 Google Improper Encoding or Escaping of Output vulnerability in Google Android

In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation.

8.0
2021-12-13 CVE-2021-24945 Likebtn Cross-Site Request Forgery (CSRF) vulnerability in Likebtn Like Button Rating

The Like Button Rating ? LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog.

8.0
2021-12-19 CVE-2021-4136 VIM
Fedoraproject
Apple
Heap-based Buffer Overflow vulnerability in multiple products

vim is vulnerable to Heap-based Buffer Overflow

7.8
2021-12-17 CVE-2021-4008 X ORG
Fedoraproject
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.

7.8
2021-12-17 CVE-2021-4009 X ORG
Fedoraproject
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.

7.8
2021-12-17 CVE-2021-4010 X ORG
Fedoraproject
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.

7.8
2021-12-17 CVE-2021-4011 X ORG
Fedoraproject
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.

7.8
2021-12-15 CVE-2021-45078 GNU
Fedoraproject
Redhat
Debian
Netapp
Out-of-bounds Write vulnerability in multiple products

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write.

7.8
2021-12-15 CVE-2021-0925 Google Out-of-bounds Read vulnerability in Google Android 12.0

In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check.

7.8
2021-12-15 CVE-2021-0928 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0/9.0

In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation.

7.8
2021-12-15 CVE-2021-0981 Google Unspecified vulnerability in Google Android 10.0/11.0

In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation.

7.8
2021-12-15 CVE-2021-0984 Google Improper Resource Shutdown or Release vulnerability in Google Android 12.0

In onNullBinding of ManagedServices.java, there is a possible permission bypass due to an incorrectly unbound service.

7.8
2021-12-15 CVE-2021-39640 Google Improper Locking vulnerability in Google Android

In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking.

7.8
2021-12-15 CVE-2021-39653 Google Unspecified vulnerability in Google Android

In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user.

7.8
2021-12-15 CVE-2021-40452 Microsoft Unspecified vulnerability in Microsoft Hevc Video Extensions

HEVC Video Extensions Remote Code Execution Vulnerability

7.8
2021-12-15 CVE-2021-40453 Microsoft Unspecified vulnerability in Microsoft Hevc Video Extensions

HEVC Video Extensions Remote Code Execution Vulnerability

7.8
2021-12-15 CVE-2021-41333 Microsoft Unspecified vulnerability in Microsoft products

Windows Print Spooler Elevation of Privilege Vulnerability

7.8
2021-12-15 CVE-2021-41360 Microsoft Unspecified vulnerability in Microsoft Hevc Video Extensions

HEVC Video Extensions Remote Code Execution Vulnerability

7.8
2021-12-15 CVE-2021-43207 Microsoft Unspecified vulnerability in Microsoft products

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8
2021-12-15 CVE-2021-43219 Microsoft Unspecified vulnerability in Microsoft products

DirectX Graphics Kernel File Denial of Service Vulnerability

7.8
2021-12-15 CVE-2021-43226 Microsoft Unspecified vulnerability in Microsoft products

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8
2021-12-15 CVE-2021-43228 Microsoft Unspecified vulnerability in Microsoft products

SymCrypt Denial of Service Vulnerability

7.8
2021-12-15 CVE-2021-43229 Microsoft Unspecified vulnerability in Microsoft products

Windows NTFS Elevation of Privilege Vulnerability

7.8
2021-12-15 CVE-2021-43230 Microsoft Unspecified vulnerability in Microsoft products

Windows NTFS Elevation of Privilege Vulnerability

7.8
2021-12-15 CVE-2021-43231 Microsoft Unspecified vulnerability in Microsoft products

Windows NTFS Elevation of Privilege Vulnerability

7.8
2021-12-15 CVE-2021-43518 Teeworlds
Fedoraproject
Classic Buffer Overflow vulnerability in multiple products

Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow.

7.8
2021-12-14 CVE-2021-44002 Siemens Out-of-bounds Write vulnerability in Siemens products

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023).

7.8
2021-12-14 CVE-2021-44014 Siemens Use After Free vulnerability in Siemens products

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023).

7.8
2021-12-13 CVE-2020-16156 Perl
Fedoraproject
Improper Verification of Cryptographic Signature vulnerability in multiple products

CPAN 2.28 allows Signature Verification Bypass.

7.8
2021-12-13 CVE-2020-16154 APP
Fedoraproject
Improper Verification of Cryptographic Signature vulnerability in multiple products

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.

7.8
2021-12-17 CVE-2021-41500 Cvxopt Project
Fedoraproject
Incorrect Comparison vulnerability in multiple products

Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects.

7.5
2021-12-17 CVE-2021-23797 Http Server Node Project Path Traversal vulnerability in Http-Server-Node Project Http-Server-Node

All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is.

7.5
2021-12-17 CVE-2021-23803 Nette Incorrect Authorization vulnerability in Nette Latte

This affects the package latte/latte before 2.10.6.

7.5
2021-12-17 CVE-2021-43838 JSX Slack Project Unspecified vulnerability in Jsx-Slack Project Jsx-Slack

jsx-slack is a library for building JSON objects for Slack Block Kit surfaces from JSX.

7.5
2021-12-17 CVE-2021-40850 Tcman SQL Injection vulnerability in Tcman GIM 11.0/8.0

TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx.

7.5
2021-12-17 CVE-2021-41451 TP Link HTTP Request Smuggling vulnerability in Tp-Link Archer Ax10 Firmware 230220/230508

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack.

7.5
2021-12-16 CVE-2021-44315 Phpgurukul Files or Directories Accessible to External Parties vulnerability in PHPgurukul BUS Pass Management System 1.0

In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.

7.5
2021-12-16 CVE-2021-45092 Cybelesoft Unspecified vulnerability in Cybelesoft Thinfinity Virtualui

Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter.

7.5
2021-12-15 CVE-2021-44350 Thinkphp SQL Injection vulnerability in Thinkphp

SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php.

7.5
2021-12-15 CVE-2021-27856 Fatpipeinc Unspecified vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password.

7.5
2021-12-15 CVE-2021-4119 Bookstackapp Unspecified vulnerability in Bookstackapp Bookstack

bookstack is vulnerable to Improper Access Control

7.5
2021-12-15 CVE-2021-1045 Google Unspecified vulnerability in Google Android

Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A

7.5
2021-12-15 CVE-2021-39641 Google Unspecified vulnerability in Google Android

Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A

7.5
2021-12-15 CVE-2021-39644 Google Unspecified vulnerability in Google Android

Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A

7.5
2021-12-15 CVE-2021-39646 Google Unspecified vulnerability in Google Android

Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A

7.5
2021-12-15 CVE-2021-39655 Google Unspecified vulnerability in Google Android

Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A

7.5
2021-12-15 CVE-2021-44655 Online PRE Owned Used CAR Showroom Management System Project SQL Injection vulnerability in Online Pre-Owned/Used CAR Showroom Management System Project Online Pre-Owned/Used CAR Showroom Management System 1.0

Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication bypass vulnerability.

7.5
2021-12-15 CVE-2021-43214 Microsoft Unspecified vulnerability in Microsoft RAW Image Extension 1.0.32861.0

Web Media Extensions Remote Code Execution Vulnerability

7.5
2021-12-15 CVE-2021-43217 Microsoft Unspecified vulnerability in Microsoft products

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

7.5
2021-12-15 CVE-2021-43222 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Message Queuing Information Disclosure Vulnerability

7.5
2021-12-15 CVE-2021-43225 Microsoft Unspecified vulnerability in Microsoft BOT Framework Software Development KIT

Bot Framework SDK Remote Code Execution Vulnerability

7.5
2021-12-15 CVE-2021-43236 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Message Queuing Information Disclosure Vulnerability

7.5
2021-12-15 CVE-2021-43888 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Information Disclosure Vulnerability

7.5
2021-12-15 CVE-2021-43899 Microsoft Unspecified vulnerability in Microsoft Wireless Display Adapter Firmware 2.0.8350/2.0.8365/2.0.8372

Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability

7.5
2021-12-15 CVE-2021-42945 Zzcms SQL Injection vulnerability in Zzcms 2021

A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.

7.5
2021-12-14 CVE-2021-40883 Emlog Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 5.3.1

A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins.

7.5
2021-12-14 CVE-2021-4044 Openssl
Netapp
Nodejs
Infinite Loop vulnerability in multiple products

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server.

7.5
2021-12-14 CVE-2021-44042 Uipath Improper Encoding or Escaping of Output vulnerability in Uipath Assistant 21.4.4

An issue was discovered in UiPath Assistant 21.4.4.

7.5
2021-12-14 CVE-2021-41066 Bopsoft Missing Authorization vulnerability in Bopsoft Listary

An issue was discovered in Listary through 6.

7.5
2021-12-14 CVE-2021-41067 Listary Improper Validation of Integrity Check Value vulnerability in Listary

An issue was discovered in Listary through 6.

7.5
2021-12-14 CVE-2021-45014 Taogogo SQL Injection vulnerability in Taogogo Taocms 3.0.2

There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26

7.5
2021-12-14 CVE-2021-44524 Siemens Improper Authentication vulnerability in Siemens Sipass Integrated and Siveillance Identity

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0).

7.5
2021-12-14 CVE-2021-4104 Apache
Fedoraproject
Redhat
Oracle
Deserialization of Untrusted Data vulnerability in multiple products

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.

7.5
2021-12-13 CVE-2021-32024 Blackberry Unspecified vulnerability in Blackberry QNX Software Development Platform

A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.

7.5
2021-12-13 CVE-2021-39052 IBM Unspecified vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization.

7.5
2021-12-13 CVE-2021-39064 IBM Improper Authentication vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13

IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules and incorrectly handles default credentials for the Spectrum Copy Data Management Admin console.

7.5
2021-12-13 CVE-2021-44965 Phpgurukul Path Traversal vulnerability in PHPgurukul Employee Record Management System 1.2

Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server.

7.5
2021-12-13 CVE-2021-24857 Nocean Deserialization of Untrusted Data vulnerability in Nocean Totop Link

The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize() PHP function, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain.

7.5
2021-12-13 CVE-2021-24863 Stopbadbots SQL Injection vulnerability in Stopbadbots Block and Stop BAD Bots

The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection

7.5
2021-12-13 CVE-2021-24946 Webnus SQL Injection vulnerability in Webnus Modern Events Calendar Lite

The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue

7.5
2021-12-13 CVE-2021-24951 Thimpress SQL Injection vulnerability in Thimpress Learnpress

The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/question, leading to SQL Injections issues

7.5
2021-12-13 CVE-2021-44151 Reprisesoftware Use of Insufficiently Random Values vulnerability in Reprisesoftware Reprise License Manager 14.2

An issue was discovered in Reprise RLM 14.2.

7.5
2021-12-14 CVE-2021-44549 Apache Improper Certificate Validation vulnerability in Apache Sling Commons Messaging Mail 1.0.0

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS.

7.4
2021-12-14 CVE-2021-41065 Bopsoft Exposure of Resource to Wrong Sphere vulnerability in Bopsoft Listary

An issue was discovered in Listary through 6.

7.3
2021-12-17 CVE-2021-40853 Tcman Missing Authorization vulnerability in Tcman GIM 11.0/8.0

TCMAN GIM does not perform an authorization check when trying to access determined resources.

7.2
2021-12-15 CVE-2021-0649 Google Incorrect Authorization vulnerability in Google Android 11.0

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass.

7.2
2021-12-15 CVE-2021-0675 Google Out-of-bounds Write vulnerability in Google Android

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check.

7.2
2021-12-15 CVE-2021-0799 Google Unspecified vulnerability in Google Android 12.0

In ActivityThread.java, there is a possible way to collide the content provider's authorities.

7.2
2021-12-15 CVE-2021-0904 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android

In SRAMROM, there is a possible permission bypass due to an insecure permission setting.

7.2
2021-12-15 CVE-2021-0921 Google Improper Input Validation vulnerability in Google Android 11.0

In ParsingPackageImpl of ParsingPackageImpl.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation.

7.2
2021-12-15 CVE-2021-0923 Google Missing Authorization vulnerability in Google Android 12.0

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check.

7.2
2021-12-15 CVE-2021-0924 Google Out-of-bounds Read vulnerability in Google Android

In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check.

7.2
2021-12-15 CVE-2021-0926 Google Missing Authorization vulnerability in Google Android

In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check.

7.2
2021-12-15 CVE-2021-0927 Google Improper Preservation of Permissions vulnerability in Google Android

In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass due to a logic error in the code.

7.2
2021-12-15 CVE-2021-0929 Google Use After Free vulnerability in Google Android

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free.

7.2
2021-12-15 CVE-2021-0932 Google Unspecified vulnerability in Google Android 10.0

In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent.

7.2
2021-12-15 CVE-2021-0953 Google Improper Preservation of Permissions vulnerability in Google Android

In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent.

7.2
2021-12-15 CVE-2021-0970 Google Deserialization of Untrusted Data vulnerability in Google Android

In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch.

7.2
2021-12-15 CVE-2021-1040 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android

In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack.

7.2
2021-12-15 CVE-2021-1044 Google Out-of-bounds Write vulnerability in Google Android

In eicOpsDecryptAes128Gcm of acropora/app/identity/identity_support.c, there is a possible out of bounds write due to a missing bounds check.

7.2
2021-12-15 CVE-2021-1048 Google Use After Free vulnerability in Google Android

In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free.

7.2
2021-12-15 CVE-2021-39639 Google Missing Authorization vulnerability in Google Android

In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check.

7.2
2021-12-15 CVE-2021-42294 Microsoft Unspecified vulnerability in Microsoft products

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2
2021-12-15 CVE-2021-43247 Microsoft Out-of-bounds Write vulnerability in Microsoft products

Windows TCP/IP Driver Elevation of Privilege Vulnerability

7.2
2021-12-15 CVE-2021-43889 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

7.2
2021-12-14 CVE-2021-34426 Keybase Unspecified vulnerability in Keybase

A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line.

7.2
2021-12-14 CVE-2021-4007 Rapid7 Uncontrolled Search Path Element vulnerability in Rapid7 Insight Agent

Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path.

7.2
2021-12-17 CVE-2020-8968 Parallels Unspecified vulnerability in Parallels Remote Application Server 15.5/17.0

Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS.

7.1
2021-12-15 CVE-2021-0650 Google Out-of-bounds Read vulnerability in Google Android 10.0/11.0/9.0

In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check.

7.1
2021-12-15 CVE-2021-43890 Microsoft Unspecified vulnerability in Microsoft APP Installer

<p>We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows.

7.1
2021-12-13 CVE-2021-43818 Lxml
Fedoraproject
Debian
Netapp
Oracle
Injection vulnerability in multiple products

lxml is a library for processing XML and HTML in the Python language.

7.1

350 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-12-15 CVE-2021-0434 Google Unspecified vulnerability in Google Android 10.0/11.0/9.0

In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog.

6.9
2021-12-15 CVE-2021-0954 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0

In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack.

6.9
2021-12-15 CVE-2021-0955 Google Race Condition vulnerability in Google Android 11.0

In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition.

6.9
2021-12-15 CVE-2021-1039 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android

In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack.

6.9
2021-12-15 CVE-2021-43237 Microsoft Link Following vulnerability in Microsoft products

Windows Setup Elevation of Privilege Vulnerability

6.9
2021-12-18 CVE-2021-4131 Livehelperchat Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat

livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

6.8
2021-12-18 CVE-2021-4130 Snipeitapp Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

6.8
2021-12-17 CVE-2021-44035 Wolterskluwer Unspecified vulnerability in Wolterskluwer Teammate Audit Management 12.4

Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files.

6.8
2021-12-17 CVE-2021-45042 Hashicorp Unspecified vulnerability in Hashicorp Vault

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user (with write permissions to a kv secrets engine) to cause a panic and denial of service of the storage backend.

6.8
2021-12-17 CVE-2021-41843 Open EMR SQL Injection vulnerability in Open-Emr Openemr 6.0.0

An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before patch 3 allows an attacker to read data from all tables of the database via the parameter provider_id, as demonstrated by the /interface/main/calendar/index.php?module=PostCalendar&func=search URI.

6.8
2021-12-16 CVE-2021-41260 Galette Cross-Site Request Forgery (CSRF) vulnerability in Galette

Galette is a membership management web application built for non profit organizations and released under GPLv3.

6.8
2021-12-15 CVE-2021-45017 Catfish CMS Cross-Site Request Forgery (CSRF) vulnerability in Catfish-Cms Catfish CMS

Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html file containing CSRF on the website that uses a google editor; you can specify the menu url address as your malicious url address in the Add Menu column.

6.8
2021-12-15 CVE-2021-0968 Google Integer Overflow or Wraparound vulnerability in Google Android

In osi_malloc and osi_calloc of allocator.cc, there is a possible out of bounds write due to an integer overflow.

6.8
2021-12-15 CVE-2021-43935 Baxter Improper Authentication vulnerability in Baxter products

The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability.

6.8
2021-12-15 CVE-2021-43232 Microsoft Unspecified vulnerability in Microsoft products

Windows Event Tracing Remote Code Execution Vulnerability

6.8
2021-12-15 CVE-2021-43234 Microsoft Unspecified vulnerability in Microsoft products

Windows Fax Service Remote Code Execution Vulnerability

6.8
2021-12-15 CVE-2021-43256 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability

6.8
2021-12-15 CVE-2021-43875 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office

Microsoft Office Graphics Remote Code Execution Vulnerability

6.8
2021-12-15 CVE-2021-43891 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

Visual Studio Code Remote Code Execution Vulnerability

6.8
2021-12-15 CVE-2021-43905 Microsoft Unspecified vulnerability in Microsoft Office 3.0/4.0/4.3

Microsoft Office app Remote Code Execution Vulnerability

6.8
2021-12-15 CVE-2020-23545 Irfanview Unspecified vulnerability in Irfanview 4.54

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.

6.8
2021-12-15 CVE-2021-40826 Clementine Player NULL Pointer Dereference vulnerability in Clementine-Player Clementine 1.3.1

Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207.

6.8
2021-12-15 CVE-2021-40827 Clementine Player Out-of-bounds Write vulnerability in Clementine-Player Clementine 1.3.1

Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265.

6.8
2021-12-14 CVE-2021-42064 SAP SQL Injection vulnerability in SAP Commerce

If configured to use an Oracle database and if a query is created using the flexible search java api with a parameterized "in" clause, SAP Commerce - versions 1905, 2005, 2105, 2011, allows attacker to execute crafted database queries, exposing backend database.

6.8
2021-12-14 CVE-2021-4073 Metagauss Improper Authentication vulnerability in Metagauss Registrationmagic

The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site due to missing identity validation in the social login function social_login_using_email() of the plugin.

6.8
2021-12-14 CVE-2021-42024 Siemens Out-of-bounds Write vulnerability in Siemens Simcenter Star-Ccm+ Viewer

A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < 2021.3.1).

6.8
2021-12-14 CVE-2021-44001 Siemens Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

6.8
2021-12-14 CVE-2021-44005 Siemens Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

6.8
2021-12-14 CVE-2021-44006 Siemens Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

6.8
2021-12-14 CVE-2021-44013 Siemens Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

6.8
2021-12-14 CVE-2021-44430 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44432 Siemens Stack-based Buffer Overflow vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44433 Siemens Use After Free vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44434 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44435 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44437 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44438 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44439 Siemens Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44440 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44441 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44442 Siemens Heap-based Buffer Overflow vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44443 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44445 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

6.8
2021-12-14 CVE-2021-44446 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0).

6.8
2021-12-14 CVE-2021-44447 Siemens Use After Free vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0).

6.8
2021-12-14 CVE-2021-44449 Siemens Out-of-bounds Write vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1).

6.8
2021-12-14 CVE-2021-44450 Siemens Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1).

6.8
2021-12-13 CVE-2021-24045 Facebook Type Confusion vulnerability in Facebook Hermes

A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0.

6.8
2021-12-13 CVE-2021-43814 Rizin Out-of-bounds Write vulnerability in Rizin

Rizin is a UNIX-like reverse engineering framework and command-line toolset.

6.8
2021-12-13 CVE-2021-43822 Jackalope Doctrine Dbal Project SQL Injection vulnerability in Jackalope Doctrine-Dbal Project Jackalope Doctrine-Dbal

Jackalope Doctrine-DBAL is an implementation of the PHP Content Repository API (PHPCR) using a relational database to persist data.

6.8
2021-12-13 CVE-2021-43983 WE CON Out-of-bounds Write vulnerability in We-Con Levistudiou

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

6.8
2021-12-13 CVE-2021-40858 Auerswald Path Traversal vulnerability in Auerswald products

Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure.

6.8
2021-12-17 CVE-2021-0678 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds write due to a missing bounds check.

6.7
2021-12-17 CVE-2021-0679 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible memory corruption due to a missing bounds check.

6.7
2021-12-17 CVE-2021-0895 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds write due to a missing bounds check.

6.7
2021-12-17 CVE-2021-0896 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds write due to a missing bounds check.

6.7
2021-12-17 CVE-2021-0903 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds write due to a missing bounds check.

6.7
2021-12-15 CVE-2021-39649 Google Improper Locking vulnerability in Google Android

In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking.

6.7
2021-12-14 CVE-2021-44235 SAP OS Command Injection vulnerability in SAP Netweaver Application Server Abap

Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allow an attacker with high privileges and has direct access to SAP System, to inject code when executing with a certain transaction class builder.

6.7
2021-12-16 CVE-2021-42550 QOS
Redhat
Netapp
Siemens
Deserialization of Untrusted Data vulnerability in multiple products

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

6.6
2021-12-13 CVE-2021-36169 Fortinet Unspecified vulnerability in Fortinet Fortios

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.

6.6
2021-12-19 CVE-2021-43083 Apache Integer Underflow (Wrap or Wraparound) vulnerability in Apache Plc4X

Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport.

6.5
2021-12-19 CVE-2021-45041 Salesagility SQL Injection vulnerability in Salesagility Suitecrm

SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resource_id and start_date.

6.5
2021-12-17 CVE-2021-44857 Mediawiki Missing Authorization vulnerability in Mediawiki

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.

6.5
2021-12-16 CVE-2021-41262 Galette SQL Injection vulnerability in Galette

Galette is a membership management web application built for non profit organizations and released under GPLv3.

6.5
2021-12-16 CVE-2021-45102 Wisc Incorrect Authorization vulnerability in Wisc Htcondor

An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2.

6.5
2021-12-16 CVE-2021-43833 Elabftw Improper Authentication vulnerability in Elabftw

eLabFTW is an electronic lab notebook manager for research teams.

6.5
2021-12-16 CVE-2021-43834 Elabftw Improper Authentication vulnerability in Elabftw

eLabFTW is an electronic lab notebook manager for research teams.

6.5
2021-12-15 CVE-2021-27859 Fatpipeinc Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to create an account with administrative privileges.

6.5
2021-12-15 CVE-2021-43806 Enalean SQL Injection vulnerability in Enalean Tuleap 11.16.99.173/11.17.99.144/11.17.99.146

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments.

6.5
2021-12-15 CVE-2021-43835 Sulu Improper Privilege Management vulnerability in Sulu

Sulu is an open-source PHP content management system based on the Symfony framework.

6.5
2021-12-15 CVE-2021-43836 Sulu Path Traversal vulnerability in Sulu

Sulu is an open-source PHP content management system based on the Symfony framework.

6.5
2021-12-15 CVE-2021-0964 Google Incorrect Conversion between Numeric Types vulnerability in Google Android

In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow.

6.5
2021-12-15 CVE-2021-43216 Microsoft Exposure of Resource to Wrong Sphere vulnerability in Microsoft products

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

6.5
2021-12-15 CVE-2021-20330 Mongodb Improper Input Validation vulnerability in Mongodb

An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries.

6.5
2021-12-15 CVE-2021-41870 Socomec Unrestricted Upload of File with Dangerous Type vulnerability in Socomec Remote View PRO Firmware 2.0.41.4

An issue was discovered in the firmware update form in Socomec REMOTE VIEW PRO 2.0.41.4.

6.5
2021-12-14 CVE-2021-43829 Patrowl Unrestricted Upload of File with Dangerous Type vulnerability in Patrowl Patrowlmanager

PatrOwl is a free and open-source solution for orchestrating Security Operations.

6.5
2021-12-14 CVE-2021-43830 Openproject SQL Injection vulnerability in Openproject

OpenProject is a web-based project management software.

6.5
2021-12-14 CVE-2021-38182 Kyma Project Improper Encoding or Escaping of Output vulnerability in Kyma-Project Kyma

Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.

6.5
2021-12-14 CVE-2021-44233 SAP Missing Authorization vulnerability in SAP Access Control V1100700/V1100731/V1200750

SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges.

6.5
2021-12-14 CVE-2021-3376 Cuppacms Unspecified vulnerability in Cuppacms

An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers to gain escalated privileges via a crafted POST request using the user_group_id_field parameter.

6.5
2021-12-14 CVE-2021-41547 Siemens Path Traversal vulnerability in Siemens Teamcenter Active Workspace

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All versions < V5.1.6), Teamcenter Active Workspace V5.2 (All versions < V5.2.3).

6.5
2021-12-13 CVE-2021-39933 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

6.5
2021-12-13 CVE-2021-39937 Gitlab Improper Privilege Management vulnerability in Gitlab

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances

6.5
2021-12-13 CVE-2021-39940 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

6.5
2021-12-13 CVE-2021-24747 Cleverplugins SQL Injection vulnerability in Cleverplugins SEO Booster

The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections.

6.5
2021-12-13 CVE-2021-24848 Frenify SQL Injection vulnerability in Frenify Mediamatic 2.7

The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection

6.5
2021-12-13 CVE-2021-24861 Quotes Collection Project SQL Injection vulnerability in Quotes Collection Project Quotes Collection

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection

6.5
2021-12-13 CVE-2021-24970 Plugins360 Path Traversal vulnerability in Plugins360 All-In-One Video Gallery

The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue

6.5
2021-12-13 CVE-2021-40857 Auerswald Insufficiently Protected Credentials vulnerability in Auerswald products

Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring.

6.5
2021-12-13 CVE-2021-44154 Reprisesoftware Classic Buffer Overflow vulnerability in Reprisesoftware Reprise License Manager 14.2

An issue was discovered in Reprise RLM 14.2.

6.5
2021-12-15 CVE-2021-0920 Google
Debian
Use After Free vulnerability in multiple products

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition.

6.4
2021-12-14 CVE-2021-45015 Taogogo Path Traversal vulnerability in Taogogo Taocms 3.0.2

taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72.

6.4
2021-12-14 CVE-2021-44935 Glfusion Origin Validation Error vulnerability in Glfusion 1.7.9

glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php.

6.4
2021-12-14 CVE-2021-44523 Siemens Exposure of Resource to Wrong Sphere vulnerability in Siemens Sipass Integrated and Siveillance Identity

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0).

6.4
2021-12-13 CVE-2021-39063 IBM Origin Validation Error vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers.

6.4
2021-12-15 CVE-2021-43675 Lycheeorg Cross-site Scripting vulnerability in Lycheeorg Lychee 3.2.16

Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php.

6.1
2021-12-15 CVE-2021-26787 Genesys Cross-site Scripting vulnerability in Genesys Workforce Management 8.5.214.20

A cross site scripting (XSS) vulnerability in Genesys Workforce Management 8.5.214.20 can occur (during record deletion) via the Time-off parameter.

6.1
2021-12-15 CVE-2021-36450 Verint Cross-site Scripting vulnerability in Verint Workforce Optimization 15.2.8.10048

Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter.

6.1
2021-12-15 CVE-2021-41276 Enalean Injection vulnerability in Enalean Tuleap 11.16.99.173/11.17.99.144/11.17.99.146

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments.

6.0
2021-12-15 CVE-2021-43782 Enalean Injection vulnerability in Enalean Tuleap 11.16.99.173/11.17.99.144/11.17.99.146

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments.

6.0
2021-12-15 CVE-2021-43893 Microsoft Exposure of Resource to Wrong Sphere vulnerability in Microsoft products

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

6.0
2021-12-13 CVE-2021-24922 Fatcatapps Cross-Site Request Forgery (CSRF) vulnerability in Fatcatapps Pixel CAT

The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks

6.0
2021-12-18 CVE-2021-45105 Apache
Netapp
Debian
Sonicwall
Oracle
Uncontrolled Recursion vulnerability in multiple products

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups.

5.9
2021-12-17 CVE-2021-37862 Mattermost Improper Check for Unusual or Exceptional Conditions vulnerability in Mattermost Server

Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token.

5.8
2021-12-17 CVE-2021-40852 Tcman Open Redirect vulnerability in Tcman GIM 11.0/8.0

TCMAN GIM is affected by an open redirect vulnerability.

5.8
2021-12-16 CVE-2021-43812 Auth0 Open Redirect vulnerability in Auth0 Nextjs-Auth0

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications.

5.8
2021-12-15 CVE-2020-18985 Synacor Open Redirect vulnerability in Synacor Zimbra Collaboration Suite 8.8.12

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing.

5.8
2021-12-15 CVE-2021-0965 Google Missing Authorization vulnerability in Google Android

In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user's consent due to a missing permission check.

5.8
2021-12-15 CVE-2021-40170 Securitashome Authentication Bypass by Capture-replay vulnerability in Securitashome Alarm System Firmware Hpgwg0.0.2.23Fbguitrf1Bdbl.A30.20181117

An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to trigger arbitrary system functionality by replaying previously recorded signals.

5.8
2021-12-14 CVE-2021-42027 Siemens Improper Certificate Validation vulnerability in Siemens Sinumerik Edge

A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2).

5.8
2021-12-15 CVE-2021-42320 Microsoft Authentication Bypass by Spoofing vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server

Microsoft SharePoint Server Spoofing Vulnerability

5.7
2021-12-15 CVE-2021-43242 Microsoft Unspecified vulnerability in Microsoft products

Microsoft SharePoint Server Spoofing Vulnerability

5.7
2021-12-17 CVE-2021-41496 Numpy Classic Buffer Overflow vulnerability in Numpy

Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values.

5.5
2021-12-17 CVE-2021-0674 Google Out-of-bounds Read vulnerability in Google Android

In alac decoder, there is a possible out of bounds read due to an incorrect bounds check.

5.5
2021-12-17 CVE-2021-20606 Mitsubishielectric Out-of-bounds Read vulnerability in Mitsubishielectric Ezsocket, GX Works2 and Melsoft Navigator

Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker.

5.5
2021-12-17 CVE-2021-20607 Mitsubishielectric Integer Underflow (Wrap or Wraparound) vulnerability in Mitsubishielectric Ezsocket, GX Works2 and Melsoft Navigator

Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker.

5.5
2021-12-16 CVE-2020-35213 Atomix Injection vulnerability in Atomix 3.1.5

An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node.

5.5
2021-12-16 CVE-2021-3179 Gglocker Project Insufficiently Protected Credentials vulnerability in Gglocker Project Gglocker

GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass.

5.5
2021-12-16 CVE-2021-45097 Knime Insufficiently Protected Credentials vulnerability in Knime Server 4.12.5/4.13.3

KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the administrator's password in a file without appropriate file access controls, allowing all local users to read its content.

5.5
2021-12-15 CVE-2021-0986 Google Missing Authorization vulnerability in Google Android 12.0

In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information disclosure about the device owner, profile owner, or device admin due to a logic error in the code.

5.5
2021-12-15 CVE-2021-1001 Google Out-of-bounds Read vulnerability in Google Android 12.0

In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow.

5.5
2021-12-15 CVE-2021-42295 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office

Visual Basic for Applications Information Disclosure Vulnerability

5.5
2021-12-15 CVE-2021-43224 Microsoft Unspecified vulnerability in Microsoft products

Windows Common Log File System Driver Information Disclosure Vulnerability

5.5
2021-12-15 CVE-2021-43227 Microsoft Unspecified vulnerability in Microsoft products

Storage Spaces Controller Information Disclosure Vulnerability

5.5
2021-12-15 CVE-2021-43235 Microsoft Unspecified vulnerability in Microsoft products

Storage Spaces Controller Information Disclosure Vulnerability

5.5
2021-12-15 CVE-2021-43896 Microsoft Unspecified vulnerability in Microsoft Powershell 7.2

Microsoft PowerShell Spoofing Vulnerability

5.5
2021-12-13 CVE-2021-39048 IBM Out-of-bounds Write vulnerability in IBM products

IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking.

5.5
2021-12-13 CVE-2021-39057 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF).

5.5
2021-12-13 CVE-2021-39944 Gitlab Improper Privilege Management vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

5.5
2021-12-16 CVE-2021-41028 Fortinet Improper Certificate Validation vulnerability in Fortinet Forticlient

A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an unauthenticated and network adjacent attacker to perform a man-in-the-middle attack between the EMS and the FCT via the telemetry protocol.

5.4
2021-12-16 CVE-2021-44317 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul BUS Pass Management System 1.0

In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.

5.4
2021-12-17 CVE-2021-41495 Numpy NULL Pointer Dereference vulnerability in Numpy

Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays.

5.3
2021-12-17 CVE-2021-33430 Numpy Classic Buffer Overflow vulnerability in Numpy

A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service.

5.3
2021-12-17 CVE-2021-34141 Numpy
Oracle
Incorrect Comparison vulnerability in multiple products

An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects.

5.3
2021-12-17 CVE-2021-45038 Mediawiki Information Exposure vulnerability in Mediawiki

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1.

5.3
2021-12-15 CVE-2021-40171 Securitashome Unspecified vulnerability in Securitashome Alarm System Firmware Hpgwg0.0.2.23Fbguitrf1Bdbl.A30.20181117

The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system.

5.3
2021-12-13 CVE-2021-44155 Reprisesoftware Information Exposure Through an Error Message vulnerability in Reprisesoftware Reprise License Manager 14.2

An issue was discovered in /goform/login_process in Reprise RLM 14.2.

5.3
2021-12-15 CVE-2021-43233 Microsoft Unspecified vulnerability in Microsoft products

Remote Desktop Client Remote Code Execution Vulnerability

5.1
2021-12-17 CVE-2021-41497 Rare Technologies NULL Pointer Dereference vulnerability in Rare-Technologies Bounter 1.01/1.10

Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket.

5.0
2021-12-17 CVE-2021-41498 PYO Project Classic Buffer Overflow vulnerability in PYO Project PYO 1.03

Buffer overflow in ajaxsoundstudio.com Pyo &lt and 1.03 in the Server_jack_init function.

5.0
2021-12-17 CVE-2021-41499 PYO Project Classic Buffer Overflow vulnerability in PYO Project PYO

Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo < 1.03 in the Server_debug function, which allows remote attackers to conduct DoS attacks by deliberately passing on an overlong audio file name.

5.0
2021-12-17 CVE-2020-18077 Ftpshell Classic Buffer Overflow vulnerability in Ftpshell Server 6.83

A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS).

5.0
2021-12-17 CVE-2020-18078 SEM CMS Unspecified vulnerability in Sem-Cms Semcms 3.8

A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.

5.0
2021-12-17 CVE-2020-18081 SEM CMS SQL Injection vulnerability in Sem-Cms Semcms 3.8

The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.

5.0
2021-12-17 CVE-2021-20608 Mitsubishielectric Unspecified vulnerability in Mitsubishielectric GX Works2 1.590Q/1.597X

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi Electric PLC by sending malicious crafted packets to tamper with the program file.

5.0
2021-12-17 CVE-2021-22054 Vmware Server-Side Request Forgery (SSRF) vulnerability in VMWare Workspace ONE UEM Console

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability.

5.0
2021-12-17 CVE-2021-32499 Sick Injection vulnerability in Sick Sopas Engineering Tool

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.

5.0
2021-12-17 CVE-2021-40851 Tcman Improper Authentication vulnerability in Tcman GIM 11.0/8.0

TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx.

5.0
2021-12-16 CVE-2020-35209 Atomix Unspecified vulnerability in Atomix

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.

5.0
2021-12-16 CVE-2020-35211 Atomix Unspecified vulnerability in Atomix 3.1.5

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.

5.0
2021-12-16 CVE-2021-37262 Jflyfox Injection vulnerability in Jflyfox Jfinal CMS 5.1.0

JFinal_cms 5.1.0 is vulnerable to regex injection that may lead to Denial of Service.

5.0
2021-12-16 CVE-2021-38244 Cbioportal Project Allocation of Resources Without Limits or Throttling vulnerability in Cbioportal Project Cbioportal

A regular expression denial of service (ReDoS) vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json.

5.0
2021-12-16 CVE-2021-3959 Bitdefender Server-Side Request Forgery (SSRF) vulnerability in Bitdefender Gravityzone 3.3.8.249

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server.

5.0
2021-12-16 CVE-2021-45098 Oisf
Debian
An issue was discovered in Suricata before 6.0.4.
5.0
2021-12-16 CVE-2021-45100 Ksmbd Project
Netapp
Cleartext Transmission of Sensitive Information vulnerability in multiple products

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled.

5.0
2021-12-15 CVE-2021-27858 Fatpipeinc Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at least the URL "/fpui/jsp/index.jsp" leading to unknown impact, presumably some violation of confidentiality.

5.0
2021-12-15 CVE-2021-1002 Google Out-of-bounds Read vulnerability in Google Android 12.0

In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check.

5.0
2021-12-15 CVE-2021-1022 Google NULL Pointer Dereference vulnerability in Google Android 12.0

In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check.

5.0
2021-12-15 CVE-2021-42293 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office

Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability

5.0
2021-12-15 CVE-2019-19138 Ivanti Unspecified vulnerability in Ivanti Workspace Control

Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity.

5.0
2021-12-15 CVE-2021-45043 HD Network Real Time Monitoring System Project Path Traversal vulnerability in Hd-Network Real-Time Monitoring System Project Hd-Network Real-Time Monitoring System 2.0

HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter.

5.0
2021-12-15 CVE-2021-4110 Mruby NULL Pointer Dereference vulnerability in Mruby

mruby is vulnerable to NULL Pointer Dereference

5.0
2021-12-14 CVE-2021-43828 Patrowl Authorization Bypass Through User-Controlled Key vulnerability in Patrowl Patrowlmanager

PatrOwl is a free and open-source solution for orchestrating Security Operations.

5.0
2021-12-14 CVE-2021-39312 Trueranker Path Traversal vulnerability in Trueranker True Ranker

The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file.

5.0
2021-12-14 CVE-2021-36721 Sysaid Unspecified vulnerability in Sysaid Application Programming Interface

Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.

5.0
2021-12-14 CVE-2021-44937 Glfusion Improper Authentication vulnerability in Glfusion 1.7.9

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html/users.php.

5.0
2021-12-14 CVE-2021-44522 Siemens Exposure of Resource to Wrong Sphere vulnerability in Siemens Sipass Integrated and Siveillance Identity

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0).

5.0
2021-12-13 CVE-2021-41272 Linuxfoundation Incorrect Conversion between Numeric Types vulnerability in Linuxfoundation Besu 21.10.0/21.10.1

Besu is an Ethereum client written in Java.

5.0
2021-12-13 CVE-2021-43801 Mercurius Project Improper Check for Unusual or Exceptional Conditions vulnerability in Mercurius Project Mercurius 8.10.0/8.11.0/8.11.1

Mercurius is a GraphQL adapter for Fastify.

5.0
2021-12-13 CVE-2021-38947 IBM Inadequate Encryption Strength vulnerability in IBM Spectrum Copy Data Management

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2021-12-13 CVE-2021-39053 IBM Unspecified vulnerability in IBM Spectrum Copy Data Management

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests for Spectrum Copy Data Management Admin Console.

5.0
2021-12-13 CVE-2021-39058 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Copy Data Management

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2021-12-13 CVE-2021-39915 Gitlab Exposure of Resource to Wrong Sphere vulnerability in Gitlab

Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects

5.0
2021-12-13 CVE-2021-39935 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

5.0
2021-12-13 CVE-2021-39941 Gitlab Information Exposure vulnerability in Gitlab

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members

5.0
2021-12-13 CVE-2021-40008 Huawei Missing Release of Resource after Effective Lifetime vulnerability in Huawei products

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800.

5.0
2021-12-13 CVE-2021-20865 Advancedcustomfields Missing Authorization vulnerability in Advancedcustomfields Advanced Custom Fields

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors.

5.0
2021-12-13 CVE-2021-40856 Auerswald Use of Incorrectly-Resolved Name or Reference vulnerability in Auerswald products

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring.

5.0
2021-12-13 CVE-2021-44848 Cybelesoft Information Exposure Through Discrepancy vulnerability in Cybelesoft Thinfinity Virtualui

In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for invalid authentication requests depending on whether the username exists.

5.0
2021-12-13 CVE-2018-25021 Toktok Improper Resource Shutdown or Release vulnerability in Toktok Toxcore

The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS).

5.0
2021-12-15 CVE-2021-0653 Google Missing Authorization vulnerability in Google Android 10.0/11.0/9.0

In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check.

4.9
2021-12-15 CVE-2021-0704 Google Improper Preservation of Permissions vulnerability in Google Android 10.0/11.0/9.0

In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass.

4.9
2021-12-15 CVE-2021-43244 Microsoft Unspecified vulnerability in Microsoft products

Windows Kernel Information Disclosure Vulnerability

4.9
2021-12-15 CVE-2021-43246 Microsoft Unspecified vulnerability in Microsoft products

Windows Hyper-V Denial of Service Vulnerability

4.9
2021-12-13 CVE-2021-24705 Basixonline Unspecified vulnerability in Basixonline Nex-Forms

The NEX-Forms WordPress plugin before 8.4.3 does not have CSRF checks in place when editing a form, and does not escape some of its settings as well as form fields before outputting them in attributes.

4.8
2021-12-15 CVE-2021-0931 Google Unspecified vulnerability in Google Android

In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering.

4.7
2021-12-15 CVE-2021-0952 Google Unspecified vulnerability in Google Android

In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy.

4.7
2021-12-15 CVE-2021-1038 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android

In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack.

4.7
2021-12-17 CVE-2021-0673 Google Missing Authorization vulnerability in Google Android 10.0/11.0/12.0

In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check.

4.6
2021-12-17 CVE-2021-0893 Google Use After Free vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible memory corruption due to a use after free.

4.6
2021-12-17 CVE-2021-0894 Google Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds write due to a missing bounds check.

4.6
2021-12-17 CVE-2021-0897 Google Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds write due to a missing bounds check.

4.6
2021-12-17 CVE-2021-0898 Google Use After Free vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible memory corruption due to a use after free.

4.6
2021-12-17 CVE-2021-0899 Google Use After Free vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible memory corruption due to a use after free.

4.6
2021-12-17 CVE-2021-0901 Google Integer Overflow or Wraparound vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible memory corruption due to a missing bounds check.

4.6
2021-12-16 CVE-2021-3960 Bitdefender Path Traversal vulnerability in Bitdefender Gravityzone 3.3.8.249

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances.

4.6
2021-12-15 CVE-2021-0922 Google Missing Authorization vulnerability in Google Android 11.0

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACT_ACROSS_PROFILES permission due to a missing permission check.

4.6
2021-12-15 CVE-2021-0977 Google Out-of-bounds Write vulnerability in Google Android 12.0

In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible out of bounds write due to an incorrect bounds check.

4.6
2021-12-15 CVE-2021-0985 Google Missing Authorization vulnerability in Google Android 12.0

In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a missing permission check.

4.6
2021-12-15 CVE-2021-0999 Google Missing Authorization vulnerability in Google Android 12.0

In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP bluetooth device connection state due to a missing permission check.

4.6
2021-12-15 CVE-2021-1003 Google Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 12.0

In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy.

4.6
2021-12-15 CVE-2021-1004 Google Missing Authorization vulnerability in Google Android 12.0

In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check.

4.6
2021-12-15 CVE-2021-1024 Google Unspecified vulnerability in Google Android 12.0

In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy.

4.6
2021-12-15 CVE-2021-1027 Google Incorrect Type Conversion or Cast vulnerability in Google Android 12.0

In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a privileged process due to improper casting.

4.6
2021-12-15 CVE-2021-1028 Google Use After Free vulnerability in Google Android 12.0

In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free.

4.6
2021-12-15 CVE-2021-1029 Google Use After Free vulnerability in Google Android 12.0

In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free.

4.6
2021-12-15 CVE-2021-39638 Google Use After Free vulnerability in Google Android

In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free.

4.6
2021-12-15 CVE-2021-39643 Google Unchecked Return Value vulnerability in Google Android

In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value.

4.6
2021-12-15 CVE-2021-39650 Google Out-of-bounds Write vulnerability in Google Android

In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check.

4.6
2021-12-15 CVE-2021-39651 Google Missing Authorization vulnerability in Google Android

In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check.

4.6
2021-12-15 CVE-2021-39652 Google Out-of-bounds Write vulnerability in Google Android

In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check.

4.6
2021-12-15 CVE-2021-39656 Google Improper Locking vulnerability in Google Android

In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking.

4.6
2021-12-15 CVE-2021-40441 Microsoft Unspecified vulnerability in Microsoft products

Windows Media Center Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-42312 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IOT Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43223 Microsoft Unspecified vulnerability in Microsoft products

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43238 Microsoft Link Following vulnerability in Microsoft products

Windows Remote Access Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43239 Microsoft Unspecified vulnerability in Microsoft products

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43240 Microsoft Unspecified vulnerability in Microsoft products

NTFS Set Short Name Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43245 Microsoft Unspecified vulnerability in Microsoft products

Windows Digital TV Tuner Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43248 Microsoft Unspecified vulnerability in Microsoft products

Windows Digital Media Receiver Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43883 Microsoft Unspecified vulnerability in Microsoft products

Windows Installer Elevation of Privilege Vulnerability

4.6
2021-12-15 CVE-2021-43325 Automox Incorrect Default Permissions vulnerability in Automox 33

Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory.

4.6
2021-12-15 CVE-2021-43326 Automox Incorrect Default Permissions vulnerability in Automox 31

Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory.

4.6
2021-12-13 CVE-2021-39049 IBM Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking.

4.6
2021-12-13 CVE-2021-39050 IBM Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook

IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking.

4.6
2021-12-17 CVE-2021-0676 Google Out-of-bounds Read vulnerability in Google Android

In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check.

4.4
2021-12-17 CVE-2021-0900 Google Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds read due to an incorrect bounds check.

4.4
2021-12-17 CVE-2021-0902 Google Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0

In apusys, there is a possible out of bounds read due to an incorrect bounds check.

4.4
2021-12-15 CVE-2021-0769 Google Unspecified vulnerability in Google Android 12.0

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI.

4.4
2021-12-15 CVE-2021-1016 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0

In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack.

4.4
2021-12-15 CVE-2021-1017 Google Missing Authorization vulnerability in Google Android 12.0

In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to disable bluetooth connection due to a missing permission check.

4.4
2021-12-15 CVE-2021-1019 Google Unspecified vulnerability in Google Android 12.0

In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog.

4.4
2021-12-15 CVE-2021-1020 Google Improper Input Validation vulnerability in Google Android 12.0

In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation.

4.4
2021-12-15 CVE-2021-1021 Google Improper Input Validation vulnerability in Google Android 12.0

In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation.

4.4
2021-12-15 CVE-2021-39642 Google Race Condition vulnerability in Google Android

In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition.

4.4
2021-12-14 CVE-2021-38950 IBM Unspecified vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0

IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective.

4.4
2021-12-17 CVE-2021-43678 Wechat PHP SDK Project Cross-site Scripting vulnerability in Wechat-PHP-Sdk Project Wechat-PHP-Sdk 1.10.2

Wechat-php-sdk v1.10.2 is affected by a Cross Site Scripting (XSS) vulnerability in Wechat.php.

4.3
2021-12-16 CVE-2020-35216 Atomix Race Condition vulnerability in Atomix 3.1.5

An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.

4.3
2021-12-16 CVE-2021-26800 User Management System IN PHP Stored Procedure Project Cross-Site Request Forgery (CSRF) vulnerability in User Management System in PHP Stored Procedure Project User Management System in PHP Stored Procedure 1.0

Cross Site Request Forgery (CSRF) vulnerability in Change-password.php in phpgurukul user management system in php using stored procedure V1.0, allows attackers to change the password to an arbitrary account.

4.3
2021-12-16 CVE-2021-4124 Meetecho Cross-site Scripting vulnerability in Meetecho Janus

janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.3
2021-12-16 CVE-2021-40835 F Secure Unspecified vulnerability in F-Secure Safe 17.7.260301/17.8.264411

An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS.

4.3
2021-12-16 CVE-2021-4123 Livehelperchat Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat

livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

4.3
2021-12-16 CVE-2021-4121 Yetiforce Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.3
2021-12-16 CVE-2021-45096 Knime XXE vulnerability in Knime Analytics Platform

KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.

4.3
2021-12-16 CVE-2021-45085 Gnome
Debian
Cross-site Scripting vulnerability in multiple products

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.

4.3
2021-12-16 CVE-2021-45086 Gnome
Debian
Cross-site Scripting vulnerability in multiple products

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.

4.3
2021-12-16 CVE-2021-45087 Gnome
Debian
Cross-site Scripting vulnerability in multiple products

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title.

4.3
2021-12-16 CVE-2021-45088 Gnome
Debian
Cross-site Scripting vulnerability in multiple products

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.

4.3
2021-12-15 CVE-2020-18984 Synacor Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite 8.8.12

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.

4.3
2021-12-15 CVE-2021-45018 Catfish CMS Cross-site Scripting vulnerability in Catfish-Cms Catfish CMS

Cross Site Scripting (XSS) vulnerability exists in Catfish <=6.3.0 via a Google search in url:/catfishcms/index.php/admin/Index/addmenu.htmland then the .html file on the website that uses this editor (the file suffix is allowed).

4.3
2021-12-15 CVE-2021-44116 Anchorcms Cross-site Scripting vulnerability in Anchorcms Anchor CMS

Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php.

4.3
2021-12-15 CVE-2021-27857 Fatpipeinc Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive.

4.3
2021-12-15 CVE-2021-29847 IBM Unspecified vulnerability in IBM products

BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques.

4.3
2021-12-15 CVE-2021-0969 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0

In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null check.

4.3
2021-12-15 CVE-2021-0971 Google Out-of-bounds Write vulnerability in Google Android

In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check.

4.3
2021-12-15 CVE-2021-0976 Google Out-of-bounds Read vulnerability in Google Android 12.0

In toBARK of floor0.c, there is a possible out of bounds read due to a missing bounds check.

4.3
2021-12-15 CVE-2021-0993 Google Unspecified vulnerability in Google Android 12.0

In getOffsetBeforeAfter of TextLine.java, there is a possible denial of service due to resource exhaustion.

4.3
2021-12-15 CVE-2021-43255 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office

Microsoft Office Trust Center Spoofing Vulnerability

4.3
2021-12-15 CVE-2021-43892 Microsoft Unspecified vulnerability in Microsoft Biztalk ESB Toolkit 2.2/2.3/2.4

Microsoft BizTalk ESB Toolkit Spoofing Vulnerability

4.3
2021-12-15 CVE-2021-43908 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

Visual Studio Code Spoofing Vulnerability

4.3
2021-12-14 CVE-2021-44942 Glfusion Cross-Site Request Forgery (CSRF) vulnerability in Glfusion 1.7.9

glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php.

4.3
2021-12-14 CVE-2021-39183 Owncast Project Cross-site Scripting vulnerability in Owncast Project Owncast

Owncast is an open source, self-hosted live video streaming and chat server.

4.3
2021-12-14 CVE-2021-4108 Snipeitapp Cross-site Scripting vulnerability in Snipeitapp Snipe-It

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.3
2021-12-14 CVE-2018-10228 Limesurvey Cross-site Scripting vulnerability in Limesurvey 3.6.2

Cross-site scripting (XSS) vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changes_cp parameter to the index.php/admin/themes/sa/templatesavechanges URI.

4.3
2021-12-14 CVE-2021-43820 Seafile Authorization Bypass Through User-Controlled Key vulnerability in Seafile Server

Seafile is an open source cloud storage system.

4.3
2021-12-14 CVE-2021-40882 Piwigo Cross-site Scripting vulnerability in Piwigo 11.5.0

A Cross Site Scripting (XSS) vulnerability exists in Piwigo 11.5.0 via the system album name and description of the location.

4.3
2021-12-14 CVE-2021-43388 Unisys Cleartext Storage of Sensitive Information vulnerability in Unisys Cargo Mobile

Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup.

4.3
2021-12-14 CVE-2021-43807 Apereo Authentication Bypass by Spoofing vulnerability in Apereo Opencast

Opencast is an Open Source Lecture Capture & Video Management for Education.

4.3
2021-12-14 CVE-2021-38361 Htaccess Redirect Project Cross-site Scripting vulnerability in Htaccess-Redirect Project Htaccess-Redirect

The .htaccess Redirect WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the link parameter found in the ~/htaccess-redirect.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.3.1.

4.3
2021-12-14 CVE-2021-39308 WOO Myghpay Payment Gateway Project Cross-site Scripting vulnerability in Woo-Myghpay-Payment-Gateway Project Woo-Myghpay-Payment-Gateway

The WooCommerce myghpay Payment Gateway WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the clientref parameter found in the ~/processresponse.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.0.

4.3
2021-12-14 CVE-2021-39309 Dpsoft Cross-site Scripting vulnerability in Dpsoft Parsian Bank Gateway for Woocommerce

The Parsian Bank Gateway for Woocommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via and parameter due to a var_dump() on $_POST variables found in the ~/vendor/dpsoft/parsian-payment/sample/rollback-payment.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.

4.3
2021-12-14 CVE-2021-39310 Windyroad Cross-site Scripting vulnerability in Windyroad Real Wysiwyg

The Real WYSIWYG WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of PHP_SELF in the ~/real-wysiwyg.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2.

4.3
2021-12-14 CVE-2021-39311 Link List Manager Project Cross-site Scripting vulnerability in Link-List-Manager Project Link-List-Manager

The link-list-manager WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category parameter found in the ~/llm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.

4.3
2021-12-14 CVE-2021-39313 Duogeek Cross-site Scripting vulnerability in Duogeek Simple Image Gallery

The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.

4.3
2021-12-14 CVE-2021-39314 Wanderlust Webdesign Cross-site Scripting vulnerability in Wanderlust-Webdesign Woo-Enviopack

The WooCommerce EnvioPack WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the dataid parameter found in the ~/includes/functions.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.

4.3
2021-12-14 CVE-2021-39315 Magic Post Voice Project Cross-site Scripting vulnerability in Magic-Post-Voice Project Magic-Post-Voice

The Magic Post Voice WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the ids parameter found in the ~/inc/admin/main.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.

4.3
2021-12-14 CVE-2021-39318 H5P CSS Editor Project Cross-site Scripting vulnerability in H5P-Css-Editor Project H5P-Css-Editor

The H5P CSS Editor WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the h5p-css-file parameter found in the ~/h5p-css-editor.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.

4.3
2021-12-14 CVE-2021-39319 Duogeek Cross-site Scripting vulnerability in Duogeek Duofaq-Responsive-Flat-Simple-Faq

The duoFAQ - Responsive, Flat, Simple FAQ WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/duogeek/duogeek-panel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.8.

4.3
2021-12-14 CVE-2021-3836 Dbeaver XXE vulnerability in Dbeaver

dbeaver is vulnerable to Improper Restriction of XML External Entity Reference

4.3
2021-12-14 CVE-2021-42063 SAP Cross-site Scripting vulnerability in SAP Knowledge Warehouse

A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50.

4.3
2021-12-14 CVE-2021-42068 SAP Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9

When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

4.3
2021-12-14 CVE-2021-42069 SAP Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9

When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application

4.3
2021-12-14 CVE-2021-42070 SAP Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9

When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application

4.3
2021-12-14 CVE-2021-42050 Abantecart Cross-site Scripting vulnerability in Abantecart

An issue was discovered in AbanteCart before 1.3.2.

4.3
2021-12-14 CVE-2021-4107 Yetiforce Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.3
2021-12-14 CVE-2021-44003 Siemens Use of Uninitialized Resource vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44004 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44007 Siemens Off-by-one Error vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44008 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44009 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44010 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44011 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44012 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44015 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44017 Siemens Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5).

4.3
2021-12-14 CVE-2021-44431 Siemens Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

4.3
2021-12-14 CVE-2021-44436 Siemens Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

4.3
2021-12-14 CVE-2021-44448 Siemens Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0).

4.3
2021-12-14 CVE-2021-3831 Gnuboard Cross-site Scripting vulnerability in Gnuboard Gnuboard5

gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.3
2021-12-13 CVE-2020-19042 Zzcms Cross-site Scripting vulnerability in Zzcms 2019

Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.

4.3
2021-12-13 CVE-2021-43817 Collabora Cross-site Scripting vulnerability in Collabora Online

Collabora Online is a collaborative online office suite based on LibreOffice technology.

4.3
2021-12-13 CVE-2020-4496 IBM Improper Certificate Validation vulnerability in IBM Spectrum Protect Plus

The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation.

4.3
2021-12-13 CVE-2021-39910 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

4.3
2021-12-13 CVE-2021-24756 WP System LOG Project Cross-site Scripting vulnerability in WP System LOG Project WP System LOG

The WP System Log WordPress plugin before 1.0.21 does not sanitise, validate and escape the IP address retrieved from login requests before outputting them in the admin dashboard, which could allow unauthenticated attacker to perform Cross-Site Scripting attacks against admins viewing the logs.

4.3
2021-12-13 CVE-2021-24780 Single Post Exporter Project Cross-Site Request Forgery (CSRF) vulnerability in Single Post Exporter Project Single Post Exporter

The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber.

4.3
2021-12-13 CVE-2021-24784 WP Admin Logo Changer Project Cross-Site Request Forgery (CSRF) vulnerability in WP Admin Logo Changer Project WP Admin Logo Changer

The WP Admin Logo Changer WordPress plugin through 1.0 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin update them via a CSRF attack.

4.3
2021-12-13 CVE-2021-24790 Contact Form Advanced Database Project Missing Authorization vulnerability in Contact Form Advanced Database Project Contact Form Advanced Database 1.0.8

The Contact Form Advanced Database WordPress plugin through 1.0.8 does not have any authorisation as well as CSRF checks in its delete_cf7_data and export_cf7_data AJAX actions, available to any authenticated users, which could allow users with a role as low as subscriber to call them.

4.3
2021-12-13 CVE-2021-24792 Wpeden Cross-site Scripting vulnerability in Wpeden Shiny Buttons

The Shiny Buttons WordPress plugin through 1.1.0 does not have any authorisation and CSRF in place when saving a template (wpbtn_save_template function hooked to the init action), nor sanitise and escape them before outputting them in the admin dashboard, which allow unauthenticated users to add a malicious template and lead to Stored Cross-Site Scripting issues.

4.3
2021-12-13 CVE-2021-24795 Phoeniixx Cross-Site Request Forgery (CSRF) vulnerability in Phoeniixx Filter Portfolio Gallery 1.5

The Filter Portfolio Gallery WordPress plugin through 1.5 is lacking Cross-Site Request Forgery (CSRF) check when deleting a Gallery, which could allow attackers to make a logged in admin delete arbitrary Gallery.

4.3
2021-12-13 CVE-2021-24818 WP Limits Project Cross-Site Request Forgery (CSRF) vulnerability in WP Limits Project WP Limits

The WP Limits WordPress plugin through 1.0 does not have CSRF check when saving its settings, allowing attacker to make a logged in admin change them, which could make the blog unstable by setting low values

4.3
2021-12-13 CVE-2021-24925 Webnus Cross-site Scripting vulnerability in Webnus Modern Events Calendar Lite

The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the current_month_divider parameter of its mec_list_load_more AJAX call (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue

4.3
2021-12-13 CVE-2021-24932 CM WP Cross-site Scripting vulnerability in Cm-Wp Auto Featured Image

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.3 does not sanitise and escape the post_id parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue.

4.3
2021-12-13 CVE-2021-24954 Profilepress Cross-site Scripting vulnerability in Profilepress User Registration, Login Form, User Profile & Membership 3.2.2

The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not sanitise and escape the ppress_cc_data parameter before outputting it back in an attribute of an admin dashboard page, leading to a Reflected Cross-Site Scripting issue

4.3
2021-12-13 CVE-2021-24955 Profilepress Cross-site Scripting vulnerability in Profilepress User Registration, Login Form, User Profile & Membership 3.2.2

The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not escape the data parameter of the pp_get_forms_by_builder_type AJAX action before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue

4.3
2021-12-13 CVE-2021-42546 Wpcloudplugins Cross-site Scripting vulnerability in Wpcloudplugins Use-Your-Drive

Insufficient Input Validation in the search functionality of Wordpress plugin Use-Your-Drive prior to 1.18.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.

4.3
2021-12-13 CVE-2021-42547 Wpcloudplugins Cross-site Scripting vulnerability in Wpcloudplugins Out-Of-The-Box

Insufficient Input Validation in the search functionality of Wordpress plugin Out-of-the-Box prior to 1.20.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.

4.3
2021-12-13 CVE-2021-42548 Wpcloudplugins Cross-site Scripting vulnerability in Wpcloudplugins Share-One-Drive

Insufficient Input Validation in the search functionality of Wordpress plugin Share-one-Drive prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.

4.3
2021-12-13 CVE-2021-42549 Wpcloudplugins Cross-site Scripting vulnerability in Wpcloudplugins Lets-Box

Insufficient Input Validation in the search functionality of Wordpress plugin Lets-Box prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.

4.3
2021-12-13 CVE-2018-25022 Toktok Information Exposure vulnerability in Toktok Toxcore

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address (when knowing only their Tox Id) by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion connection with the attacker, guessing the target's DHT public key and creating a DHT node with public key close to it, and finally onion-routing a NAT Ping Request to the target, requesting it to ping the just created DHT node.

4.3
2021-12-17 CVE-2021-44145 Apache Information Exposure vulnerability in Apache Nifi

In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.

4.0
2021-12-16 CVE-2020-35210 Atomix Allocation of Resources Without Limits or Throttling vulnerability in Atomix

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.

4.0
2021-12-16 CVE-2020-35214 Atomix Unspecified vulnerability in Atomix 3.1.5

An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.

4.0
2021-12-16 CVE-2020-35215 Atomix Exposure of Resource to Wrong Sphere vulnerability in Atomix 3.1.5

An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states.

4.0
2021-12-15 CVE-2021-4117 Yetiforce Improper Input Validation vulnerability in Yetiforce Customer Relationship Management

yetiforcecrm is vulnerable to Business Logic Errors

4.0
2021-12-15 CVE-2021-4111 Yetiforce Improper Input Validation vulnerability in Yetiforce Customer Relationship Management

yetiforcecrm is vulnerable to Business Logic Errors

4.0
2021-12-14 CVE-2021-43827 Discourse Improper Handling of Exceptional Conditions vulnerability in Discourse Footnote 0.1

discourse-footnote is a library providing footnotes for posts in Discourse.

4.0
2021-12-14 CVE-2021-34425 Zoom Server-Side Request Forgery (SSRF) vulnerability in Zoom Meetings

The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat\'s "link preview" functionality.

4.0
2021-12-14 CVE-2021-43821 Apereo Files or Directories Accessible to External Parties vulnerability in Apereo Opencast

Opencast is an Open Source Lecture Capture & Video Management for Education.

4.0
2021-12-14 CVE-2021-44232 SAP Path Traversal vulnerability in SAP Saf-T Framework

SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path information provided by normal user, leading to full server directory access.

4.0
2021-12-13 CVE-2021-43823 Sourcegraph Information Exposure Through Discrepancy vulnerability in Sourcegraph

Sourcegraph is a code search and navigation engine.

4.0
2021-12-13 CVE-2020-16155 Cpan Unspecified vulnerability in Cpan::Checksums Project Cpan::Checksums 2.12

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

4.0
2021-12-13 CVE-2021-39916 Gitlab Authorization Bypass Through User-Controlled Key vulnerability in Gitlab

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

4.0
2021-12-13 CVE-2021-39917 Gitlab Incorrect Comparison vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

4.0
2021-12-13 CVE-2021-39918 Gitlab Incorrect Authorization vulnerability in Gitlab

Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows a user to add comments to a vulnerability which cannot be accessed.

4.0
2021-12-13 CVE-2021-39930 Gitlab Incorrect Authorization vulnerability in Gitlab

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

4.0
2021-12-13 CVE-2021-39932 Gitlab Improper Input Validation vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

4.0
2021-12-13 CVE-2021-39934 Gitlab Authorization Bypass Through User-Controlled Key vulnerability in Gitlab

Improper access control allows any project member to retrieve the service desk email address in GitLab CE/EE versions starting 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

4.0
2021-12-13 CVE-2021-39936 Gitlab Incorrect Authorization vulnerability in Gitlab

Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker in possession of a deploy token to access a project's disabled wiki.

4.0
2021-12-13 CVE-2021-39938 Gitlab Resource Exhaustion vulnerability in Gitlab

A vulnerable regular expression pattern in GitLab CE/EE since version 8.15 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to cause uncontrolled resource consumption leading to Denial of Service via specially crafted deploy Slash commands

4.0
2021-12-13 CVE-2021-39939 Gitlab Resource Exhaustion vulnerability in Gitlab

An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker triggering a job with a specially crafted docker image to exhaust resources on runner manager

4.0
2021-12-13 CVE-2021-39945 Gitlab Incorrect Authorization vulnerability in Gitlab

Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an author of a Merge Request to approve the Merge Request even after having their project access revoked

4.0
2021-12-13 CVE-2021-40007 Huawei Improper Encoding or Escaping of Output vulnerability in Huawei Ecns280 TD Firmware V100R005C10Spc650

There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650.

4.0
2021-12-13 CVE-2021-24819 Page Post Content Shortcode Project Incorrect Authorization vulnerability in Page/Post Content Shortcode Project Page/Post Content Shortcode 1.0

The Page/Post Content Shortcode WordPress plugin through 1.0 does not have proper authorisation in place, allowing users with a role as low as contributor to access draft/private/password protected/trashed posts/pages they should not be allowed to, including posts created by other users such as admins and editors.

4.0
2021-12-13 CVE-2021-24836 Storeapps Missing Authorization vulnerability in Storeapps Temporary Login Without Password

The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation and CSRF checks when updating its settings, which could allows any logged-in users, such as subscribers to update them

4.0
2021-12-13 CVE-2021-24845 Improved Include Page Project Unspecified vulnerability in Improved Include Page Project Improved Include Page 1.2

The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with post_type & post_status which can be used to retrieve arbitrary content.

4.0
2021-12-13 CVE-2021-24859 User Meta Shortcodes Project Improper Access Control vulnerability in User Meta Shortcodes Project User Meta Shortcodes

The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user with a role as low as contributor to access other users metadata by specifying the user login as a parameter.

4.0
2021-12-13 CVE-2021-24872 GET Custom Field Values Project Incorrect Authorization vulnerability in GET Custom Field Values Project GET Custom Field Values

The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions.

4.0
2021-12-13 CVE-2021-20866 Advancedcustomfields Missing Authorization vulnerability in Advancedcustomfields Advanced Custom Fields

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in obtaining the user list which may allow a user to obtain the unauthorized information via unspecified vectors.

4.0
2021-12-13 CVE-2021-20867 Advancedcustomfields Missing Authorization vulnerability in Advancedcustomfields Advanced Custom Fields

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in moving the field group which may allow a user to move the unauthorized field group via unspecified vectors.

4.0

89 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2021-12-16 CVE-2021-44023 Trendmicro Link Following vulnerability in Trendmicro products

A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.

3.6
2021-12-15 CVE-2021-43880 Microsoft Unspecified vulnerability in Microsoft Windows 11

Windows Mobile Device Management Elevation of Privilege Vulnerability

3.6
2021-12-17 CVE-2021-43840 Discourse Path Traversal vulnerability in Discourse Message BUS

message_bus is a messaging bus for Ruby processes and web clients.

3.5
2021-12-17 CVE-2021-37863 Mattermost Improper Input Validation vulnerability in Mattermost Server

Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a client-side crash of the web application via a maliciously crafted post.

3.5
2021-12-17 CVE-2021-38883 IBM Cross-site Scripting vulnerability in IBM products

IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting.

3.5
2021-12-17 CVE-2021-42584 Convos Cross-site Scripting vulnerability in Convos

A Stored Cross Site Scripting (XSS) issue exists in Convos-Chat before 6.32.

3.5
2021-12-17 CVE-2021-4132 Livehelperchat Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

3.5
2021-12-16 CVE-2021-41261 Galette Cross-site Scripting vulnerability in Galette

Galette is a membership management web application built for non profit organizations and released under GPLv3.

3.5
2021-12-16 CVE-2021-41962 Vehicle Service Management System Project Cross-site Scripting vulnerability in Vehicle Service Management System Project Vehicle Service Management System 1.0

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicle_service.

3.5
2021-12-15 CVE-2021-35490 Thruk Cross-site Scripting vulnerability in Thruk

Thruk before 2.44 allows XSS for a quick command.

3.5
2021-12-15 CVE-2021-43831 Gradio Project Path Traversal vulnerability in Gradio Project Gradio

Gradio is an open source framework for building interactive machine learning models and demos.

3.5
2021-12-15 CVE-2021-4116 Yetiforce Cross-site Scripting vulnerability in Yetiforce Customer Relationship Management

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

3.5
2021-12-15 CVE-2021-38701 Motorola Cross-site Scripting vulnerability in Motorola products

Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI.

3.5
2021-12-15 CVE-2021-41557 Sofico Cross-site Scripting vulnerability in Sofico Miles Rich Internet Application 2020.2

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting (XSS).

3.5
2021-12-15 CVE-2021-42220 Dolibarr Cross-site Scripting vulnerability in Dolibarr

A Cross Site Scripting (XSS) vulnerability exists in Dolibarr before 14.0.3 via the ticket creation flow.

3.5
2021-12-15 CVE-2021-41871 Socomec Cross-site Scripting vulnerability in Socomec Remote View PRO Firmware 2.0.41.4

An issue was discovered in Socomec REMOTE VIEW PRO 2.0.41.4.

3.5
2021-12-14 CVE-2021-44043 Uipath Cross-site Scripting vulnerability in Uipath APP Studio 21.4.4

An issue was discovered in UiPath App Studio 21.4.4.

3.5
2021-12-14 CVE-2021-41836 Conva Cross-site Scripting vulnerability in Conva Fathom Analytics

The Fathom Analytics WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the $site_id parameter found in the ~/fathom-analytics.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 3.0.4.

3.5
2021-12-14 CVE-2021-42061 SAP Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence Platform 420

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

3.5
2021-12-14 CVE-2021-42066 SAP Cleartext Storage of Sensitive Information vulnerability in SAP Business ONE 10.0

SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted.

3.5
2021-12-14 CVE-2021-42367 Variation Swatches FOR Woocommerce Project Missing Authorization vulnerability in Variation Swatches for Woocommerce Project Variation Swatches for Woocommerce

The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1.

3.5
2021-12-14 CVE-2021-42051 Abantecart Cross-site Scripting vulnerability in Abantecart

An issue was discovered in AbanteCart before 1.3.2.

3.5
2021-12-14 CVE-2021-42022 Siemens Path Traversal vulnerability in Siemens Simatic Easie PCS 7 Skill 20.07/21.00

A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00 SP3).

3.5
2021-12-13 CVE-2021-39054 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Copy Data Management

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim.

3.5
2021-12-13 CVE-2021-39931 Gitlab Unspecified vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

3.5
2021-12-13 CVE-2021-24771 Inspirational Quote Rotator Project Cross-site Scripting vulnerability in Inspirational Quote Rotator Project Inspirational Quote Rotator 1.0.0

The Inspirational Quote Rotator WordPress plugin through 1.0.0 does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the "Quotes list" even when the unfiltered_html capability is disallowed

3.5
2021-12-13 CVE-2021-24782 Flex Local Fonts Project Cross-site Scripting vulnerability in Flex Local Fonts Project Flex Local Fonts 1.0.0

The Flex Local Fonts WordPress plugin through 1.0.0 does not escape the Class Name field when adding a font, which could allow hight privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

3.5
2021-12-13 CVE-2021-24817 Ultimate Nofollow Project Cross-site Scripting vulnerability in Ultimate Nofollow Project Ultimate Nofollow

The Ultimate NoFollow WordPress plugin through 1.4.8 does not sanitise and escape the href attribute of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks

3.5
2021-12-13 CVE-2021-24855 Display Post Metadata Project Cross-site Scripting vulnerability in Display Post Metadata Project Display Post Metadata

The Display Post Metadata WordPress plugin before 1.5.0 adds a shortcode to print out custom fields, however their content is not sanitised or escaped which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks

3.5
2021-12-13 CVE-2021-24871 GET Custom Field Values Project Cross-site Scripting vulnerability in GET Custom Field Values Project GET Custom Field Values

The Get Custom Field Values WordPress plugin before 4.0.1 does not escape custom fields before outputting them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks

3.5
2021-12-13 CVE-2021-24896 Calderaforms Cross-site Scripting vulnerability in Calderaforms Caldera Forms

The Caldera Forms WordPress plugin before 1.9.5 does not sanitise and escape the Form Name before outputting it in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

3.5
2021-12-13 CVE-2021-24972 Fatcatapps Cross-site Scripting vulnerability in Fatcatapps Pixel CAT

The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

3.5
2021-12-15 CVE-2021-0963 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack.

3.3
2021-12-15 CVE-2021-0978 Google Missing Authorization vulnerability in Google Android 12.0

In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

3.3
2021-12-15 CVE-2021-0983 Google Information Exposure vulnerability in Google Android 12.1

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure.

3.3
2021-12-14 CVE-2021-44444 Siemens Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).

3.3
2021-12-15 CVE-2021-0991 Google Information Exposure Through Log Files vulnerability in Google Android 12.0

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure.

2.7
2021-12-15 CVE-2021-0996 Google Out-of-bounds Read vulnerability in Google Android 12.0

In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check.

2.7
2021-12-17 CVE-2021-0677 Google Integer Overflow or Wraparound vulnerability in Google Android 11.0

In ccu driver, there is a possible out of bounds read due to an integer overflow.

2.1
2021-12-16 CVE-2021-45095 Linux
Debian
Information Exposure vulnerability in multiple products

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

2.1
2021-12-15 CVE-2021-0958 Google Unspecified vulnerability in Google Android 11.0/12.0

In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code.

2.1
2021-12-15 CVE-2021-0961 Google Missing Initialization of Resource vulnerability in Google Android

In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data.

2.1
2021-12-15 CVE-2021-0966 Google Missing Initialization of Resource vulnerability in Google Android 11.0/12.0

In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data.

2.1
2021-12-15 CVE-2021-0979 Google Incorrect Default Permissions vulnerability in Google Android 12.0

In isRequestPinItemSupported of ShortcutService.java, there is a possible cross-user leak of packages in which the default launcher supports requests to create pinned shortcuts due to a permissions bypass.

2.1
2021-12-15 CVE-2021-0982 Google Missing Authorization vulnerability in Google Android 12.0

In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check.

2.1
2021-12-15 CVE-2021-0987 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-0988 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-0989 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-0990 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-0994 Google Missing Authorization vulnerability in Google Android 12.0

In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check.

2.1
2021-12-15 CVE-2021-0995 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-0997 Google Information Exposure Through Log Files vulnerability in Google Android 12.0

In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN disclosure due to log information disclosure.

2.1
2021-12-15 CVE-2021-0998 Google Out-of-bounds Read vulnerability in Google Android 12.0

In 'ih264e_find_bskip_params()' of ih264e_me.c, there is a possible out of bounds read due to a heap buffer overflow.

2.1
2021-12-15 CVE-2021-1005 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1006 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0

In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure.

2.1
2021-12-15 CVE-2021-1007 Google Out-of-bounds Read vulnerability in Google Android 12.0

In btu_hcif_process_event of btu_hcif.cc, there is a possible out of bounds read due to an incorrect bounds check.

2.1
2021-12-15 CVE-2021-1008 Google Unspecified vulnerability in Google Android 12.0

In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code.

2.1
2021-12-15 CVE-2021-1009 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In setApplicationCategoryHint of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1010 Google Missing Authorization vulnerability in Google Android 12.0

In getSigningKeySet of PackageManagerService.java, there is a missing permission check.

2.1
2021-12-15 CVE-2021-1011 Google Missing Authorization vulnerability in Google Android 12.0

In setPackageStoppedState of PackageManagerService.java, there is a missing permission check.

2.1
2021-12-15 CVE-2021-1012 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In onResume of NotificationAccessDetails.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1013 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1014 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1015 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1018 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1025 Google Missing Authorization vulnerability in Google Android 12.0

In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check.

2.1
2021-12-15 CVE-2021-1026 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1030 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1031 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1032 Google Information Exposure Through Discrepancy vulnerability in Google Android 12.0

In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

2.1
2021-12-15 CVE-2021-1034 Google Missing Authorization vulnerability in Google Android 12.0

In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check.

2.1
2021-12-15 CVE-2021-1041 Google Out-of-bounds Read vulnerability in Google Android

In (TBD) of (TBD), there is a possible out of bounds read due to memory corruption.

2.1
2021-12-15 CVE-2021-1042 Google Use After Free vulnerability in Google Android

In dsi_panel_debugfs_read_cmdset of dsi_panel.c, there is a possible disclosure of freed kernel heap memory due to a use after free.

2.1
2021-12-15 CVE-2021-1043 Google Unspecified vulnerability in Google Android

In TBD of TBD, there is a possible downgrade attack due to under utilized anti-rollback protections.

2.1
2021-12-15 CVE-2021-1046 Google Out-of-bounds Read vulnerability in Google Android

In lwis_dpm_update_clock of lwis_device_dpm.c, there is a possible out of bounds read due to an incorrect bounds check.

2.1
2021-12-15 CVE-2021-1047 Google Integer Overflow or Wraparound vulnerability in Google Android

In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of bounds read due to an integer overflow.

2.1
2021-12-15 CVE-2021-39636 Google Improper Initialization vulnerability in Google Android

In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data.

2.1
2021-12-15 CVE-2021-39637 Google Out-of-bounds Read vulnerability in Google Android

In CreateDeviceInfo of trusty_remote_provisioning_context.cpp, there is a possible out of bounds read due to a missing bounds check.

2.1
2021-12-15 CVE-2021-39647 Google Improper Locking vulnerability in Google Android

In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking.

2.1
2021-12-15 CVE-2021-39657 Google Out-of-bounds Read vulnerability in Google Android

In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check.

2.1
2021-12-15 CVE-2021-43243 Microsoft Unspecified vulnerability in Microsoft VP9 Video Extensions

VP9 Video Extensions Information Disclosure Vulnerability

2.1
2021-12-14 CVE-2021-42023 Siemens Insufficiently Protected Credentials vulnerability in Siemens Modelsim and Questa

A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All versions).

2.1
2021-12-13 CVE-2021-38901 IBM Information Exposure vulnerability in IBM Spectrum Protect Operations Center

IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information.

2.1
2021-12-13 CVE-2021-39919 Gitlab Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gitlab

In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, the reset password token and new user email token are accidentally logged which may lead to information disclosure.

2.1
2021-12-15 CVE-2021-0919 Google Integer Overflow or Wraparound vulnerability in Google Android 10.0/11.0/9.0

In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow.

1.9
2021-12-15 CVE-2021-0973 Google Improper Handling of Case Sensitivity vulnerability in Google Android 12.0

In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity.

1.9
2021-12-15 CVE-2021-0992 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0

In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay.

1.9
2021-12-15 CVE-2021-1023 Google Information Exposure vulnerability in Google Android 12.0

In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.

1.9
2021-12-15 CVE-2021-39648 Google Race Condition vulnerability in Google Android

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition.

1.9