# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
801 | CVE-2021-26318 | 203 | | +Info | 2021-10-13 | 2021-10-20 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information. |
802 | CVE-2021-26350 | 367 | | DoS | 2022-05-11 | 2022-05-23 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. |
803 | CVE-2021-26401 | | | | 2022-03-11 | 2022-03-18 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. |
804 | CVE-2021-26444 | | | | 2021-11-10 | 2021-11-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Azure RTOS Information Disclosure Vulnerability. This CVE ID is unique from CVE-2021-42301, CVE-2021-42323. |
805 | CVE-2021-26931 | 770 | | | 2021-02-17 | 2022-06-04 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c. |
806 | CVE-2021-26932 | | | | 2021-02-17 | 2021-03-31 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable. This affects arch/*/xen/p2m.c and drivers/xen/gntdev.c. |
807 | CVE-2021-27637 | 668 | | | 2021-06-09 | 2021-06-16 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions - 1.0, 10 allows an attacker to access information which would otherwise be restricted leading to information disclosure. |
808 | CVE-2021-27645 | 415 | | DoS | 2021-02-24 | 2022-05-23 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c. |
809 | CVE-2021-27751 | 613 | | | 2022-05-06 | 2022-05-16 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible. |
810 | CVE-2021-28964 | 362 | | DoS | 2021-03-22 | 2022-06-30 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. |
811 | CVE-2021-29429 | 377 | | | 2021-04-12 | 2021-10-20 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded into the system temporary directory first. Sensitive information contained in these files can be exposed to other local users on the same system. If you do not use the `TextResourceFactory` API, you are not vulnerable. As of Gradle 7.0, uses of the system temporary directory have been moved to the Gradle User Home directory. By default, this directory is restricted to the user running the build. As a workaround, set a more restrictive umask that removes read access to other users. When files are created in the system temporary directory, they will not be accessible to other users. If you are unable to change your system's umask, you can move the Java temporary directory by setting the System Property `java.io.tmpdir`. The new path needs to limit permissions to the build user only. |
812 | CVE-2021-29671 | 863 | | Bypass | 2021-04-09 | 2021-04-14 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478. |
813 | CVE-2021-29763 | 770 | | DoS | 2021-09-16 | 2021-11-05 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory and cause a denial of service. IBM X-Force ID: 202267. |
814 | CVE-2021-29906 | | | | 2021-10-08 | 2021-10-15 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630. |
815 | CVE-2021-29948 | 362 | | | 2021-06-24 | 2021-06-30 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10. |
816 | CVE-2021-30731 | | | | 2021-09-08 | 2021-09-22 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina. An unprivileged application may be able to capture USB devices. |
817 | CVE-2021-30908 | | | | 2021-08-24 | 2021-11-02 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen. |
818 | CVE-2021-30992 | 668 | | +Info | 2021-08-24 | 2022-01-03 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
This issue was addressed with improved handling of file metadata. This issue is fixed in iOS 15.2 and iPadOS 15.2. A user in a FaceTime call may unexpectedly leak sensitive user information through Live Photos metadata. |
819 | CVE-2021-31403 | 203 | | CSRF | 2021-04-23 | 2021-04-30 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:vaadin-server versions 7.0.0 through 7.7.23 (Vaadin 7.0.0 through 7.7.23), and 8.0.0 through 8.12.2 (Vaadin 8.0.0 through 8.12.2) allows attacker to guess a security token via timing attack. |
820 | CVE-2021-31404 | 203 | | CSRF | 2021-04-23 | 2021-04-30 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.13 (Vaadin 10.0.0 through 10.0.16), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.4.6 (Vaadin 14.0.0 through 14.4.6), 3.0.0 prior to 5.0.0 (Vaadin 15 prior to 18), and 5.0.0 through 5.0.2 (Vaadin 18.0.0 through 18.0.5) allows attacker to guess a security token via timing attack. |
821 | CVE-2021-31406 | 203 | | CSRF | 2021-04-23 | 2021-04-30 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Non-constant-time comparison of CSRF tokens in endpoint request handler in com.vaadin:flow-server versions 3.0.0 through 5.0.3 (Vaadin 15.0.0 through 18.0.6), and com.vaadin:fusion-endpoint version 6.0.0 (Vaadin 19.0.0) allows attacker to guess a security token for Fusion endpoints via timing attack. |
822 | CVE-2021-31797 | 362 | | | 2021-09-02 | 2021-09-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. |
823 | CVE-2021-31798 | 326 | | | 2021-09-02 | 2021-09-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files. |
824 | CVE-2021-32033 | 287 | | | 2021-06-16 | 2021-06-25 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, an attacker with short-time physical access to a device can set the internal real-time clock (RTC) to the future, generate one-time passwords, and reset the clock to the current time. This allows the generation of valid future time-based one-time passwords without having further access to the hardware token. |
825 | CVE-2021-33881 | 863 | | Bypass | 2021-06-06 | 2021-06-17 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over RFID to bypass a Monotonic Counter protection mechanism. The impact depends on how the anti tear-off feature is used in specific applications such as public transportation, physical access control, etc. |
826 | CVE-2021-34389 | 401 | | | 2021-06-21 | 2021-08-25 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure. |
827 | CVE-2021-35214 | 613 | | | 2021-10-12 | 2021-10-18 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
The vulnerability in SolarWinds Pingdom can be described as a failure to invalidate user session upon password or email address change. When running multiple active sessions in separate browser windows, it was observed a password or email address change could be changed without terminating the user session. This issue has been resolved on September 13, 2021. |
828 | CVE-2021-37436 | | | +Info | 2021-07-24 | 2021-08-09 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations. |
829 | CVE-2021-39648 | 668 | | | 2021-12-15 | 2021-12-20 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-160822094. References: Upstream kernel. |
830 | CVE-2021-39664 | 125 | | | 2022-02-11 | 2022-02-15 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-203938029. |
831 | CVE-2021-39727 | 362 | | | 2022-03-16 | 2022-03-23 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-196388042. References: N/A. |
832 | CVE-2021-39792 | 362 | | | 2022-03-16 | 2022-03-23 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In usb_gadget_giveback_request of core.c, there is a possible use after free out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-161010552. References: Upstream kernel. |
833 | CVE-2021-39899 | 640 | | | 2021-10-04 | 2021-10-12 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the attack may still be conducted by stealing the session id from the physical compromise of the account and splitting the attack over several IP addresses and passing in the compromised session value from these various locations. |
834 | CVE-2021-40015 | 362 | | | 2022-02-09 | 2022-02-16 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
There is a race condition vulnerability in the binder driver subsystem in the kernel. Successful exploitation of this vulnerability may affect kernel stability. |
835 | CVE-2021-40041 | 79 | | XSS | 2022-01-10 | 2022-01-13 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
There is a Cross-Site Scripting (XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain information disclosure. Affected product versions include: WS318n-21 10.0.2.2, 10.0.2.5 and 10.0.2.6. |
836 | CVE-2021-40089 | | | | 2021-08-25 | 2021-09-09 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Purpose Custom Publisher, which is normally run to invoke a local script upon a publishing operation, was still able to run if the System Configuration setting Enable External Script Access was disabled. With this setting disabled it's not possible to create new such publishers, but existing publishers would continue to run. |
837 | CVE-2021-41808 | 532 | | | 2022-01-18 | 2022-01-26 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. A mitigating factor is that logging is disabled by default. |
838 | CVE-2021-41993 | 330 | | Bypass | 2022-04-30 | 2022-05-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. |
839 | CVE-2021-41994 | 330 | | Bypass | 2022-04-30 | 2022-05-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login. |
840 | CVE-2021-42015 | 525 | | | 2021-11-09 | 2021-11-12 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (All versions < V8.18.12), Mendix Applications using Mendix 9 (All versions < V9.6.1). Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache. |
841 | CVE-2021-42375 | | | DoS | 2021-11-15 | 2022-03-31 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input. |
842 | CVE-2021-42376 | 476 | | DoS | 2021-11-15 | 2022-03-31 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. |
843 | CVE-2021-43392 | 347 | | +Info | 2022-03-04 | 2022-03-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. |
844 | CVE-2021-43393 | 347 | | | 2022-03-04 | 2022-03-10 | 1.9 | None | Local | Medium | Not required | None | Partial | None |
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. |
845 | CVE-2021-44199 | 427 | | DoS | 2021-11-29 | 2021-11-30 | 1.9 | None | Local | Medium | Not required | None | None | Partial |
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612. |
846 | CVE-2022-0019 | 522 | | | 2022-02-10 | 2022-02-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms. |
847 | CVE-2022-0021 | 532 | | | 2022-02-10 | 2022-02-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms. |
848 | CVE-2022-0563 | 209 | | | 2022-02-21 | 2022-06-03 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. |
849 | CVE-2022-0835 | 312 | | | 2022-04-11 | 2022-04-18 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user. |
850 | CVE-2022-20032 | 362 | | Mem. Corr. | 2022-02-09 | 2022-02-11 | 1.9 | None | Local | Medium | Not required | Partial | None | None |
In vow driver, there is a possible memory corruption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05852822; Issue ID: ALPS05852822. |