CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2021 (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-31933 20 Exec Code Dir. Trav. 2021-04-30 2021-05-17
6.5
None Remote Low ??? Partial Partial Partial
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is able to upload a file containing arbitrary PHP code into specific directories via main/inc/lib/fileUpload.lib.php directory traversal to achieve PHP code execution.
2 CVE-2021-31875 787 Overflow 2021-04-29 2021-05-10
7.5
None Remote Low Not required Partial Partial Partial
In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which can potentially lead to redirection of control flow.
3 CVE-2021-31873 190 Overflow 2021-04-30 2021-06-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.
4 CVE-2021-31872 190 Overflow 2021-04-30 2021-06-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.
5 CVE-2021-31870 190 Overflow 2021-04-30 2021-06-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
6 CVE-2021-31784 787 DoS Exec Code 2021-04-26 2021-05-04
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
7 CVE-2021-31776 428 2021-04-29 2021-05-13
7.2
None Local Low Not required Complete Complete Complete
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
8 CVE-2021-31762 352 CSRF 2021-04-25 2021-12-08
6.8
None Remote Medium Not required Partial Partial Partial
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
9 CVE-2021-31761 79 Exec Code XSS 2021-04-25 2021-12-08
6.8
None Remote Medium Not required Partial Partial Partial
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
10 CVE-2021-31760 352 Exec Code CSRF 2021-04-25 2021-04-28
6.8
None Remote Medium Not required Partial Partial Partial
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
11 CVE-2021-31646 307 2021-04-26 2021-05-04
7.5
None Remote Low Not required Partial Partial Partial
Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). The affected component is the file forgot_pwd.php - it uses a weak algorithm for the generation of password recovery tokens (the PHP uniqueid function), allowing a brute force attack.
12 CVE-2021-31597 295 2021-04-23 2021-12-08
7.5
None Remote Low Not required Partial Partial Partial
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
13 CVE-2021-31584 352 CSRF 2021-04-23 2021-09-07
6.8
None Remote Medium Not required Partial Partial Partial
Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges.
14 CVE-2021-31572 190 Overflow 2021-04-22 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
15 CVE-2021-31571 190 Overflow 2021-04-22 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
16 CVE-2021-31553 428 DoS 2021-04-22 2021-04-22
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking.
17 CVE-2021-31523 269 +Priv 2021-04-21 2021-04-29
7.2
None Local Low Not required Complete Complete Complete
The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics library dependency.
18 CVE-2021-31438 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12443.
19 CVE-2021-31437 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12384.
20 CVE-2021-31436 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SGI files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12376.
21 CVE-2021-31435 457 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12331.
22 CVE-2021-31434 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12377.
23 CVE-2021-31433 787 Exec Code 2021-04-29 2021-05-05
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ARW files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12333.
24 CVE-2021-31414 Exec Code 2021-04-16 2021-04-21
7.5
None Remote Low Not required Partial Partial Partial
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration.
25 CVE-2021-31255 120 DoS Exec Code Overflow 2021-04-19 2021-04-21
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
26 CVE-2021-31254 787 DoS Exec Code Overflow 2021-04-19 2021-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.
27 CVE-2021-31162 415 2021-04-14 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
28 CVE-2021-31152 352 CSRF 2021-04-14 2021-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfigured requests, entries, and headers.
29 CVE-2021-30503 863 Exec Code 2021-04-13 2021-04-23
7.5
None Remote Low Not required Partial Partial Partial
The unofficial GLSL Linting extension before 1.4.0 for Visual Studio Code allows remote code execution via a crafted glslangValidatorPath in the workspace configuration.
30 CVE-2021-30481 120 Exec Code Overflow 2021-04-10 2021-04-21
6.0
None Remote Medium ??? Partial Partial Partial
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
31 CVE-2021-30480 Exec Code 2021-04-09 2021-09-21
9.0
None Remote Low ??? Complete Complete Complete
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat software, which is different from the chat feature of the Zoom Meetings and Zoom Video Webinars software.
32 CVE-2021-30476 2021-04-22 2021-04-29
7.5
None Remote Low Not required Partial Partial Partial
HashiCorp Terraform’s Vault Provider (terraform-provider-vault) did not correctly configure GCE-type bound labels for Vault’s GCP auth method. Fixed in 2.19.1.
33 CVE-2021-30463 59 +Priv 2021-04-08 2021-04-14
7.2
None Local Low Not required Complete Complete Complete
VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. After reading the RKEY value from user.conf under the /usr/local/vesta/data/users/admin directory, the admin password can be changed via a /reset/?action=confirm&user=admin&code= URI. This occurs because chmod is used unsafely.
34 CVE-2021-30462 269 2021-04-08 2021-04-14
9.0
None Remote Low ??? Complete Complete Complete
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.
35 CVE-2021-30459 89 Sql 2021-04-14 2021-04-21
7.5
None Remote Low Not required Partial Partial Partial
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form.
36 CVE-2021-30457 415 2021-04-07 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in remove_set upon a panic in a Drop impl.
37 CVE-2021-30456 415 2021-04-07 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in get_or_insert upon a panic of a user-provided f function.
38 CVE-2021-30455 415 2021-04-07 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clone_from upon a .clone panic.
39 CVE-2021-30454 119 Overflow 2021-04-07 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the outer_cgi crate before 0.2.1 for Rust. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader.
40 CVE-2021-30246 347 2021-04-07 2021-04-14
6.4
None Remote Low Not required Partial Partial None
In the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid. NOTE: there is no known practical attack.
41 CVE-2021-30245 610 Exec Code 2021-04-15 2021-04-23
6.8
None Remote Medium Not required Partial Partial Partial
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink.
42 CVE-2021-30224 352 CSRF 2021-04-29 2021-05-03
6.8
None Remote Medium Not required Partial Partial Partial
Cross Site Request Forgery (CSRF) in Rukovoditel v2.8.3 allows attackers to create an admin user with an arbitrary credentials.
43 CVE-2021-30184 120 Exec Code Overflow 2021-04-07 2021-07-12
6.8
None Remote Medium Not required Partial Partial Partial
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
44 CVE-2021-30177 89 Exec Code Sql 2021-04-07 2021-04-13
7.5
None Remote Low Not required Partial Partial Partial
There is a SQL Injection vulnerability in PHP-Nuke 8.3.3 in the User Registration section, leading to remote code execution. This occurs because the U.S. state is not validated to be two letters, and the OrderBy field is not validated to be one of LASTNAME, CITY, or STATE.
45 CVE-2021-30176 89 Sql 2021-04-13 2021-04-14
7.5
None Remote Low Not required Partial Partial Partial
The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint.
46 CVE-2021-30175 89 Sql 2021-04-13 2021-04-14
7.5
None Remote Low Not required Partial Partial Partial
ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login page.
47 CVE-2021-30164 Bypass 2021-04-06 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.
48 CVE-2021-30149 434 2021-04-06 2021-04-08
7.5
None Remote Low Not required Partial Partial Partial
Composr 10.0.36 allows upload and execution of PHP files.
49 CVE-2021-30147 352 CSRF 2021-04-07 2021-04-12
6.8
None Remote Medium Not required Partial Partial Partial
DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php.
50 CVE-2021-30128 502 2021-04-27 2021-09-20
10.0
None Remote Low Not required Complete Complete Complete
Apache OFBiz has unsafe deserialization prior to 17.12.07 version
Total number of vulnerabilities : 656   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.