CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In April 2021 (CVSS score >= 1)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2021-31933 20 Exec Code Dir. Trav. 2021-04-30 2021-05-17
6.5
None Remote Low ??? Partial Partial Partial
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is able to upload a file containing arbitrary PHP code into specific directories via main/inc/lib/fileUpload.lib.php directory traversal to achieve PHP code execution.
2 CVE-2021-31926 863 2021-04-30 2021-07-28
4.0
None Remote Low ??? None Partial None
AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote, authenticated user to open ports in the local system firewall by crafting an HTTP(S) request directly to the applicable API endpoint (despite not having permission to make changes to the system's network configuration).
3 CVE-2021-31879 601 2021-04-29 2021-06-18
5.8
None Remote Medium Not required Partial Partial None
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
4 CVE-2021-31875 787 Overflow 2021-04-29 2021-05-10
7.5
None Remote Low Not required Partial Partial Partial
In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which can potentially lead to redirection of control flow.
5 CVE-2021-31873 190 Overflow 2021-04-30 2021-06-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.
6 CVE-2021-31872 190 Overflow 2021-04-30 2021-06-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.
7 CVE-2021-31871 190 Overflow 2021-04-30 2021-06-28
5.0
None Remote Low Not required None None Partial
An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.
8 CVE-2021-31870 190 Overflow 2021-04-30 2021-06-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
9 CVE-2021-31866 203 2021-04-28 2021-06-01
5.0
None Remote Low Not required Partial None None
Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController.
10 CVE-2021-31865 863 2021-04-28 2021-06-01
5.0
None Remote Low Not required None Partial None
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments.
11 CVE-2021-31864 863 Bypass 2021-04-28 2021-06-01
5.0
None Remote Low Not required None Partial None
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler.
12 CVE-2021-31863 20 2021-04-28 2021-06-01
5.0
None Remote Low Not required Partial None None
Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process.
13 CVE-2021-31804 416 2021-04-26 2021-05-14
4.3
None Remote Medium Not required None None Partial
LeoCAD before 21.03 sometimes allows a use-after-free during the opening of a new document.
14 CVE-2021-31794 79 XSS 2021-04-24 2021-05-01
4.3
None Remote Medium Not required None Partial None
Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header.
15 CVE-2021-31792 79 XSS 2021-04-30 2021-05-03
3.5
None Remote Medium ??? None Partial None
XSS in the client account page in SuiteCRM before 7.11.19 allows an attacker to inject JavaScript via the name field.
16 CVE-2021-31784 787 DoS Exec Code 2021-04-26 2021-05-04
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all ODA-supported platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
17 CVE-2021-31783 345 File Inclusion 2021-04-26 2021-05-04
5.0
None Remote Low Not required Partial None None
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File Inclusion because the file parameter is not validated with a proper regular-expression check.
18 CVE-2021-31777 89 Sql 2021-04-28 2021-08-27
4.0
None Remote Low ??? Partial None None
The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account.
19 CVE-2021-31776 428 2021-04-29 2021-05-13
7.2
None Local Low Not required Complete Complete Complete
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
20 CVE-2021-31762 352 CSRF 2021-04-25 2021-12-08
6.8
None Remote Medium Not required Partial Partial Partial
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
21 CVE-2021-31761 79 Exec Code XSS 2021-04-25 2021-12-08
6.8
None Remote Medium Not required Partial Partial Partial
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
22 CVE-2021-31760 352 Exec Code CSRF 2021-04-25 2021-04-28
6.8
None Remote Medium Not required Partial Partial Partial
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
23 CVE-2021-31712 79 XSS 2021-04-24 2021-09-09
3.5
None Remote Medium ??? None Partial None
react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URI in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS.
24 CVE-2021-31671 319 2021-04-27 2021-05-04
5.0
None Remote Low Not required Partial None None
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used.
25 CVE-2021-31646 307 2021-04-26 2021-05-04
7.5
None Remote Low Not required Partial Partial Partial
Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). The affected component is the file forgot_pwd.php - it uses a weak algorithm for the generation of password recovery tokens (the PHP uniqueid function), allowing a brute force attack.
26 CVE-2021-31607 77 Exec Code 2021-04-23 2021-11-23
4.6
None Local Low Not required Partial Partial Partial
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).
27 CVE-2021-31598 91 Overflow 2021-04-24 2021-07-08
5.0
None Remote Low Not required None None Partial
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.
28 CVE-2021-31597 295 2021-04-23 2021-12-08
7.5
None Remote Low Not required Partial Partial Partial
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
29 CVE-2021-31584 352 CSRF 2021-04-23 2021-09-07
6.8
None Remote Medium Not required Partial Partial Partial
Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges.
30 CVE-2021-31583 79 XSS 2021-04-23 2021-09-07
3.5
None Remote Medium ??? None Partial None
Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: Stored XSS in callforward/time/set/save (POST tsetname); Reflected XSS in addressbook (GET filter); Stored XSS in addressbook/save (POST firstname, lastname, company); and Reflected XSS in statistics/versions (GET lang).
31 CVE-2021-31572 190 Overflow 2021-04-22 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
32 CVE-2021-31571 190 Overflow 2021-04-22 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
33 CVE-2021-31555 20 2021-04-22 2021-04-22
5.0
None Remote Low Not required None Partial None
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter's length.
34 CVE-2021-31554 668 2021-04-22 2021-04-22
5.5
None Remote Low ??? Partial Partial None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked.
35 CVE-2021-31553 428 DoS 2021-04-22 2021-04-22
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking.
36 CVE-2021-31552 668 2021-04-22 2021-04-22
5.5
None Remote Low ??? Partial Partial None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account (and not the user account itself). Such rules could also be used by a nefarious, unprivileged user to catalog and enumerate any number of IP addresses related to these account creations.
37 CVE-2021-31551 79 XSS 2021-04-22 2021-04-22
4.3
None Remote Medium Not required None Partial None
An issue was discovered in the PageForms extension for MediaWiki through 1.35.2. Crafted payloads for Token-related query parameters allowed for XSS on certain PageForms-managed MediaWiki pages.
38 CVE-2021-31550 79 XSS 2021-04-22 2021-04-27
3.5
None Remote Medium ??? None Partial None
An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a malicious actor could introduce XSS payloads into various layers.
39 CVE-2021-31549 200 +Info 2021-04-22 2021-04-22
4.0
None Remote Low ??? Partial None None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users.
40 CVE-2021-31548 668 Bypass 2021-04-22 2021-04-22
4.0
None Remote Low ??? None Partial None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
41 CVE-2021-31547 668 2021-04-22 2021-04-22
4.0
None Remote Low ??? Partial None None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
42 CVE-2021-31546 200 +Info 2021-04-22 2021-04-22
4.0
None Remote Low ??? Partial None None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.
43 CVE-2021-31545 200 +Info 2021-04-22 2021-04-22
5.0
None Remote Low Not required Partial None None
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The page_recent_contributors leaked the existence of certain deleted MediaWiki usernames, related to rev_deleted.
44 CVE-2021-31540 732 2021-04-23 2021-12-03
3.6
None Local Low Not required Partial Partial None
Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configuration.
45 CVE-2021-31539 312 2021-04-23 2021-12-08
2.1
None Local Low Not required Partial None None
Wowza Streaming Engine before 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords.
46 CVE-2021-31523 269 +Priv 2021-04-21 2021-04-29
7.2
None Local Low Not required Complete Complete Complete
The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics library dependency.
47 CVE-2021-31438 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12443.
48 CVE-2021-31437 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12384.
49 CVE-2021-31436 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SGI files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12376.
50 CVE-2021-31435 457 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12331.
Total number of vulnerabilities: 1648. Page 1 of 33.