CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 5 and 5.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1651 CVE-2021-23855 916 2021-10-04 2021-10-12
5.0
None Remote Low Not required Partial None None
The user and password database is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.
1652 CVE-2021-23840 190 Overflow 2021-02-16 2021-10-22
5.0
None Remote Low Not required None None Partial
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
1653 CVE-2021-23718 918 2021-11-22 2021-12-03
5.0
None Remote Low Not required Partial None None
The package ssrf-agent before 1.0.5 is vulnerable to Server-side Request Forgery (SSRF) via the defaultIpChecker function. It fails to properly validate if the IP requested is private.
1654 CVE-2021-23446 DoS 2021-09-29 2021-10-07
5.0
None Remote Low Not required None None Partial
The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in Handsontable.helper.isNumeric function.
1655 CVE-2021-23443 79 XSS Bypass 2021-09-21 2021-09-29
5.8
None Remote Medium Not required Partial Partial None
This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array (instead of a string or a SafeValue), even if {{ }} are used.
1656 CVE-2021-23437 125 DoS 2021-09-03 2021-11-30
5.0
None Remote Low Not required None None Partial
The package pillow from 5.2.0 and before 8.3.2 is vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
1657 CVE-2021-23435 601 2021-09-12 2021-09-23
5.8
None Remote Medium Not required Partial Partial None
This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session[:return_to]. If the value used for return_to contains multiple leading slashes (/////example.com) the user ends up being redirected to the external domain that comes after the slashes (http://example.com).
1658 CVE-2021-23430 22 Dir. Trav. 2021-08-24 2021-08-31
5.0
None Remote Low Not required Partial None None
All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization.
1659 CVE-2021-23429 755 DoS 2021-08-24 2021-08-31
5.0
None Remote Low Not required None None Partial
All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function.
1660 CVE-2021-23426 2021-09-01 2021-09-09
5.0
None Remote Low Not required None Partial None
This affects all versions of package Proto. It is possible to pollute the object property of an application using Proto by leveraging the merge function.
1661 CVE-2021-23425 DoS 2021-08-18 2021-08-24
5.0
None Remote Low Not required None None Partial
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
1662 CVE-2021-23424 2021-08-18 2021-08-24
5.0
None Remote Low Not required None None Partial
This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.
1663 CVE-2021-23423 22 Dir. Trav. 2021-08-16 2021-08-24
5.0
None Remote Low Not required Partial None None
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.
1664 CVE-2021-23419 915 2021-08-08 2021-08-16
5.0
None Remote Low Not required None Partial None
This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor payload.
1665 CVE-2021-23415 22 Dir. Trav. 2021-07-28 2021-08-04
5.0
None Remote Low Not required Partial None None
This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path.
1666 CVE-2021-23413 2021-07-25 2021-08-27
5.0
None Remote Low Not required None None Partial
This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g. __proto__, toString, etc.) results in a returned object with a modified prototype instance.
1667 CVE-2021-23409 DoS 2021-07-21 2021-07-29
5.0
None Remote Low Not required None None Partial
The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
1668 CVE-2021-23407 22 Dir. Trav. 2021-07-14 2021-08-05
5.0
None Remote Low Not required Partial None None
This affects the package elFinder.Net.Core from 0 and before 1.2.4. The user-controlled file name is not properly sanitized before it is used to create a file system path.
1669 CVE-2021-23401 601 Bypass 2021-07-05 2021-07-08
5.8
None Remote Medium Not required Partial Partial None
This affects all versions of package Flask-User. When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as /////evil.com/path or \\\evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using 'autocorrect_location_header=False'.
1670 CVE-2021-23395 2021-06-15 2021-06-24
5.0
None Remote Low Not required None Partial None
This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor.prototype payload.
1671 CVE-2021-23393 601 Bypass 2021-06-11 2021-06-22
5.8
None Remote Medium Not required Partial Partial None
This affects the package Flask-Unchained before 0.9.0. When using the _validate_redirect_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using 'autocorrect_location_header=False'.
1672 CVE-2021-23392 DoS 2021-06-08 2021-06-15
5.0
None Remote Low Not required None None Partial
The package locutus before 2.0.15 is vulnerable to Regular Expression Denial of Service (ReDoS) via the gopher_parsedir function.
1673 CVE-2021-23388 DoS 2021-06-01 2021-06-09
5.0
None Remote Low Not required None None Partial
The package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via email validation.
1674 CVE-2021-23387 601 2021-05-24 2021-05-28
5.8
None Remote Medium Not required Partial Partial None
The package trailing-slash before 2.0.1 is vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web server uses relative URLs instead of absolute URLs.
1675 CVE-2021-23384 601 2021-05-17 2021-05-25
5.8
None Remote Medium Not required Partial Partial None
The package koa-remove-trailing-slashes before 2.0.2 is vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::removeTrailingSlashes(), as the web server uses relative URLs instead of absolute URLs.
1676 CVE-2021-23382 DoS 2021-04-26 2021-07-08
5.0
None Remote Low Not required None None Partial
The package postcss before 8.2.13 is vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \/\*\s* sourceMappingURL=(.*).
1677 CVE-2021-23372 754 DoS 2021-04-13 2021-04-19
5.0
None Remote Low Not required None None Partial
All versions of package mongo-express are vulnerable to Denial of Service (DoS) when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash.
1678 CVE-2021-23371 2021-04-12 2021-04-20
5.0
None Remote Low Not required None None Partial
This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces.
1679 CVE-2021-23368 DoS 2021-04-12 2021-06-11
5.0
None Remote Low Not required None None Partial
The package postcss from 7.0.0 and before 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
1680 CVE-2021-23365 287 Bypass 2021-04-26 2021-05-19
5.5
None Remote Low ??? Partial Partial None
The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 is vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the XML parser doesn’t guarantee integrity in the XML round-trip (encoding/decoding XML data).
1681 CVE-2021-23362 DoS 2021-03-23 2021-06-08
5.0
None Remote Low Not required None None Partial
The package hosted-git-info before 3.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.
1682 CVE-2021-23354 DoS 2021-03-12 2021-03-18
5.0
None Remote Low Not required None None Partial
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0 +\-\]*)(\*|\d+)?(\.)?(\*|\d+)?[hlL]?([\%bscdeEfFgGioOuxX])/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity.
1683 CVE-2021-23353 2021-03-09 2021-03-18
5.0
None Remote Low Not required None None Partial
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function.
1684 CVE-2021-23346 2021-03-04 2021-03-09
5.0
None Remote Low Not required None None Partial
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process.
1685 CVE-2021-23345 918 2021-02-26 2021-03-09
5.0
None Remote Low Not required Partial None None
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>.
1686 CVE-2021-23343 DoS 2021-05-04 2021-12-03
5.0
None Remote Low Not required None None Partial
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
1687 CVE-2021-23341 DoS 2021-02-18 2021-02-26
5.0
None Remote Low Not required None None Partial
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.
1688 CVE-2021-23340 22 Dir. Trav. File Inclusion 2021-02-18 2021-02-25
5.5
None Remote Low ??? Partial Partial None
This affects the package pimcore/pimcore before 6.8.8. A Local File Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=[filename]. Since the exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability.
1689 CVE-2021-23335 74 Bypass 2021-02-11 2021-02-17
5.0
None Remote Low Not required Partial None None
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.
1690 CVE-2021-23329 2021-01-31 2021-02-05
5.0
None Remote Low Not required None None Partial
The package nested-object-assign before 1.0.4 is vulnerable to Prototype Pollution via the default function, as demonstrated by running the PoC below.
1691 CVE-2021-23278 2021-04-13 2021-04-21
5.5
None Remote Low ??? None Partial Partial
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker can send specially crafted packets to delete the files on the system where IPM software is installed.
1692 CVE-2021-23263 668 2021-12-02 2021-12-04
5.0
None Remote Low Not required Partial None None
Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary).
1693 CVE-2021-23253 2021-01-11 2021-01-20
5.0
None Remote Low Not required None Partial None
Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With the URL being left-aligned, the user will only see the front part (e.g. www.safe.opera.com…). The exact amount depends on the phone screen size but the attacker can craft a number of different domains and target different phones. Starting with version 53.1 Opera Mini displays long URLs with the top-level domain label aligned to the right of the address field which mitigates the issue.
1694 CVE-2021-23242 22 Dir. Trav. 2021-01-07 2021-01-12
5.0
None Remote Low Not required Partial None None
MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ to the UPnP server, as demonstrated by the /../../conf/template/uhttpd.json URI.
1695 CVE-2021-23241 22 Dir. Trav. Bypass 2021-01-07 2021-01-12
5.0
None Remote Low Not required Partial None None
MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.
1696 CVE-2021-23146 697 Bypass 2021-11-18 2021-11-24
5.0
None Remote Low Not required None Partial None
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1454 (MR3); 8.20 versions prior to 8.20.1291 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
1697 CVE-2021-23139 476 2021-10-21 2021-10-26
5.0
None Remote Low Not required None None Partial
A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations.
1698 CVE-2021-23132 2021-03-04 2021-03-05
5.0
None Remote Low Not required None Partial None
An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads.
1699 CVE-2021-23131 20 2021-03-04 2021-03-05
5.0
None Remote Low Not required None None Partial
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager.
1700 CVE-2021-23126 326 2021-03-04 2021-03-05
5.0
None Remote Low Not required Partial None None
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
Total number of vulnerabilities : 31212   Page : 34 (This Page) of 625
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of the user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.