CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2021(Gain Information) (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-44450 125 +Info 2021-12-14 2021-12-14
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15055, ZDI-CAN-14915, ZDI-CAN-14865)
2 CVE-2021-44439 125 +Info 2021-12-14 2021-12-14
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14908)
3 CVE-2021-42072 287 +Info 2021-11-08 2021-11-09
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption.
4 CVE-2021-41263 200 +Info 2021-11-15 2021-11-19
6.0
None Remote Medium ??? Partial Partial Partial
rails_multisite provides multi-db support for Rails applications. In affected versions this vulnerability impacts any Rails applications using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application. The issue has been patched in v4 of the `rails_multisite` gem. Note that this upgrade will invalidate all previous signed/encrypted cookies. The impact of this invalidation will vary based on the application architecture.
5 CVE-2021-40853 862 +Info 2021-12-17 2021-12-21
6.4
None Remote Low Not required Partial Partial None
TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this vulnerability to access URL that require privileges without having them. The exploitation of this vulnerability might allow a remote attacker to obtain sensible information.
6 CVE-2021-40847 319 Exec Code +Info 2021-09-21 2021-10-07
9.3
None Remote Medium Not required Complete Complete Complete
The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. While the parental controls themselves are not enabled by default on the routers, the Circle update daemon, circled, is enabled by default. This daemon connects to Circle and NETGEAR to obtain version information and updates to the circled daemon and its filtering database. However, database updates from NETGEAR are unsigned and downloaded via cleartext HTTP. As such, an attacker with the ability to perform a MitM attack on the device can respond to circled update requests with a crafted, compressed database file, the extraction of which gives the attacker the ability to overwrite executable files with attacker-controlled code. This affects R6400v2 1.0.4.106, R6700 1.0.2.16, R6700v3 1.0.4.106, R6900 1.0.2.16, R6900P 1.3.2.134, R7000 1.0.11.123, R7000P 1.3.2.134, R7850 1.0.5.68, R7900 1.0.4.38, R8000 1.0.4.68, and RS400 1.5.0.68.
7 CVE-2021-40578 89 Exec Code Sql +Info 2021-12-07 2021-12-16
6.5
None Remote Low ??? Partial Partial Partial
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter.
8 CVE-2021-37062 129 Overflow +Info 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial None Partial
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage.
9 CVE-2021-32925 200 +Info 2021-05-13 2021-09-08
6.4
None Remote Low Not required Partial None Partial
admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities.
10 CVE-2021-32743 202 +Info 2021-07-15 2021-12-06
6.5
None Remote Low ??? Partial Partial Partial
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions prior to 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credentials for external services expose those credentials through the API to authenticated API users with read permissions for the corresponding object types. IdoMysqlConnection and IdoPgsqlConnection (every released version) exposes the password of the user used to connect to the database. IcingaDB (added in 2.12.0) exposes the password used to connect to the Redis server. ElasticsearchWriter (added in 2.8.0)exposes the password used to connect to the Elasticsearch server. An attacker who obtains these credentials can impersonate Icinga to these services and add, modify and delete information there. If credentials with more permissions are in use, this increases the impact accordingly. Starting with the 2.11.10 and 2.12.5 releases, these passwords are no longer exposed via the API. As a workaround, API user permissions can be restricted to not allow querying of any affected objects, either by explicitly listing only the required object types for object query permissions, or by applying a filter rule.
11 CVE-2021-31976 200 +Info 2021-06-08 2021-06-11
7.8
None Remote Low Not required Complete None None
Server for NFS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-31975.
12 CVE-2021-31975 200 +Info 2021-06-08 2021-06-11
7.8
None Remote Low Not required Complete None None
Server for NFS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-31976.
13 CVE-2021-31916 787 +Priv +Info 2021-05-06 2022-01-01
6.1
None Local Low Not required Partial Partial Complete
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
14 CVE-2021-31890 240 +Info 2021-11-09 2022-01-11
6.4
None Remote Low Not required Partial None Partial
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)
15 CVE-2021-31889 191 +Info 2021-11-09 2022-01-11
6.4
None Remote Low Not required Partial None Partial
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)
16 CVE-2021-31346 1284 +Info 2021-11-09 2022-01-11
6.4
None Remote Low Not required Partial None Partial
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)
17 CVE-2021-31345 1284 +Info 2021-11-09 2022-01-11
6.4
None Remote Low Not required Partial None Partial
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions), APOGEE PXC Compact (P2 Ethernet) (All versions), APOGEE PXC Modular (BACnet) (All versions), APOGEE PXC Modular (P2 Ethernet) (All versions), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions), TALON TC Modular (BACnet) (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)
18 CVE-2021-30790 200 Exec Code +Info 2021-09-08 2021-09-15
6.8
None Remote Medium Not required Partial Partial Partial
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
19 CVE-2021-29715 668 +Info 2021-08-26 2021-09-01
6.4
None Remote Low Not required Partial None Partial
IBM API Connect 5.0.0.0 through 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports. IBM X-Force ID: 201018.
20 CVE-2021-29427 829 +Info 2021-04-13 2021-10-20
6.0
None Remote Medium ??? Partial Partial Partial
In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. This feature was introduced in the wake of the "A Confusing Dependency" blog post. In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository content filtering is used from within a `pluginManagement` block in a settings file. This may change how dependencies are resolved for Gradle plugins and build scripts. For builds that are vulnerable, there are two risks: 1) Information disclosure: Gradle could make dependency requests to repositories outside your organization and leak internal package identifiers. 2) Dependency poisoning/Dependency confusion: Gradle could download a malicious binary from a repository outside your organization due to name squatting. For a full example and more details refer to the referenced GitHub Security Advisory. The problem has been patched and released with Gradle 7.0. Users relying on this feature should upgrade their build as soon as possible. As a workaround, users may use a company repository which has the right rules for fetching packages from public repositories, or use project level repository content filtering, inside `buildscript.repositories`. This option is available since Gradle 5.1 when the feature was introduced.
21 CVE-2021-28242 77 Sql +Info 2021-04-15 2021-06-04
6.5
None Remote Low ??? Partial Partial Partial
SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collections" tab.
22 CVE-2021-28204 78 Exec Code +Info 2021-04-06 2021-04-14
6.5
None Remote Low ??? Partial Partial Partial
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
23 CVE-2021-27610 287 +Info 2021-06-16 2021-06-23
7.5
None Remote Low Not required Partial Partial Partial
SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be exploited by malicious users to obtain illegitimate access to the system.
24 CVE-2021-27437 798 +Info 2021-05-07 2021-05-19
6.4
None Remote Low Not required Partial Partial None
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).
25 CVE-2021-27079 200 +Info 2021-04-13 2021-04-15
6.3
None Remote Medium ??? Complete None None
Windows Media Photo Codec Information Disclosure Vulnerability
26 CVE-2021-26822 89 Exec Code Sql +Info 2021-02-15 2021-11-30
7.5
None Remote Low Not required Partial Partial Partial
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.
27 CVE-2021-26795 89 Sql +Info 2021-11-14 2021-11-17
6.5
None Remote Low ??? Partial Partial Partial
A SQL Injection vulnerability in /appliance/shiftmgn.php in TalariaX sendQuick Alert Plus Server Admin 4.3 before 8HF11 allows attackers to obtain sensitive information via a Roster Time to Roster Management.
28 CVE-2021-26566 200 Exec Code +Info 2021-02-26 2021-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic.
29 CVE-2021-25249 787 Exec Code +Info 2021-02-04 2021-02-05
7.2
None Local Low Not required Complete Complete Complete
An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
30 CVE-2021-24945 200 +Info CSRF 2021-12-13 2021-12-16
6.0
None Remote Medium ??? Partial Partial Partial
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog.
31 CVE-2021-24163 200 +Info 2021-04-05 2021-04-09
6.5
None Remote Low ??? Partial Partial Partial
The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.
32 CVE-2021-22860 287 +Info 2021-03-17 2021-03-23
7.5
None Remote Low Not required Partial Partial Partial
EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary commends.
33 CVE-2021-22793 200 +Info 2021-09-02 2021-09-13
6.5
None Remote Low ??? Partial Partial Partial
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol.
34 CVE-2021-21779 416 Mem. Corr. +Info 2021-07-08 2021-09-20
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.
35 CVE-2021-21775 416 Mem. Corr. +Info 2021-07-07 2021-09-20
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.
36 CVE-2021-21190 908 +Info 2021-03-09 2021-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
37 CVE-2021-20736 74 Sql +Info 2021-06-22 2021-07-01
6.4
None Remote Low Not required Partial Partial None
NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to obtain and/or alter the information stored in the database via unspecified vectors.
38 CVE-2021-20720 89 Exec Code Sql +Info 2021-05-20 2021-05-25
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.
39 CVE-2021-20618 269 +Priv Bypass +Info 2021-01-14 2021-01-26
10.0
None Remote Low Not required Complete Complete Complete
Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4 and earlier allows remote attackers to bypass authentication and to gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors.
40 CVE-2021-20617 269 Exec Code +Priv +Info 2021-01-14 2021-01-26
10.0
None Remote Low Not required Complete Complete Complete
Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1.1.3 and earlier allows remote attackers to execute an arbitrary OS command, or gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors.
41 CVE-2021-20597 522 +Info 2021-08-06 2021-08-27
6.4
None Remote Low Not required Partial Partial None
Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to login to the target unauthorizedly by sniffing network traffic and obtaining credentials when registering user information in the target or changing a password.
42 CVE-2021-20538 863 +Info 2021-05-10 2021-05-14
6.4
None Remote Low Not required Partial Partial None
IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. IBM X-Force ID: 198919.
43 CVE-2021-4024 200 +Info 2021-12-23 2022-01-07
6.4
None Remote Low Not required Partial None Partial
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.
44 CVE-2021-3570 119 Exec Code Overflow +Info 2021-07-09 2021-09-14
8.0
None Remote Low ??? Partial Partial Complete
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.
45 CVE-2021-3413 200 +Info 2021-04-08 2021-04-14
6.5
None Remote Low ??? Partial Partial Partial
A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
46 CVE-2021-1487 78 DoS Exec Code +Info 2021-05-22 2021-05-27
9.0
None Remote Low ??? Complete Complete Complete
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system (OS) with the permissions of a special non-root user. In this way, an attacker could take control of the affected system, which would allow them to obtain and alter sensitive data. The attacker could also affect the devices that are managed by the affected system by pushing arbitrary configuration files, retrieving device credentials and confidential information, and ultimately undermining the stability of the devices, causing a denial of service (DoS) condition.
47 CVE-2021-1442 532 Exec Code +Info 2021-03-24 2021-03-30
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of sensitive information. An attacker with low privileges could exploit this vulnerability by issuing the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device. A successful exploit could allow the attacker to obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system.
48 CVE-2021-1401 269 +Info 2021-05-06 2021-05-17
9.0
None Remote Low ??? Complete Complete Complete
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
49 CVE-2021-1400 269 +Info 2021-05-06 2021-05-17
6.5
None Remote Low ??? Partial Partial Partial
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
50 CVE-2021-1309 119 DoS Exec Code Overflow +Info 2021-04-08 2021-04-14
8.3
None Local Network Low Not required Complete Complete Complete
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Total number of vulnerabilities : 78   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.