CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-42840 Exec Code 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were blocked. NOTE: this issue exists because of an incomplete fix for CVE-2020-28328.
2 CVE-2021-42836 DoS 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
3 CVE-2021-42771 Exec Code Dir. Trav. 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
4 CVE-2021-42766 DoS 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has little stake and cannot influence network message propagation. This can cause a protocol stall, or an increase in the profits of individual validators.
5 CVE-2021-42765 DoS 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to leverage network delay to cause a denial of service (indefinite stalling of consensus decisions).
6 CVE-2021-42764 DoS 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual validators, via short-range reorganizations of the underlying consensus chain.
7 CVE-2021-42762 Bypass 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.
8 CVE-2021-42740 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is [A-z] instead of the correct [A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
9 CVE-2021-42739 Overflow 2021-10-20 2021-10-20
0.0
None ??? ??? ??? ??? ??? ???
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
10 CVE-2021-42716 Overflow 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
11 CVE-2021-42715 DoS 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
12 CVE-2021-42556 Dir. Trav. 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file.
13 CVE-2021-42542 22 Dir. Trav. 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
14 CVE-2021-42540 123 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to an unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
15 CVE-2021-42539 306 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
16 CVE-2021-42538 78 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
17 CVE-2021-42536 200 +Info 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
18 CVE-2021-42534 79 XSS 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.
19 CVE-2021-42327 Overflow 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.
20 CVE-2021-42299 Bypass 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Microsoft Surface Pro 3 Security Feature Bypass Vulnerability
21 CVE-2021-42261 Dir. Trav. 2021-10-19 2021-10-19
0.0
None ??? ??? ??? ??? ??? ???
Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of restricted directory on the remote server. This could lead to the disclosure of sensitive data on the vulnerable server.
22 CVE-2021-42258 Exec Code Sql 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xp_cmdshell.
23 CVE-2021-42169 Sql Bypass 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no security and escaping from malicious payloads.
24 CVE-2021-42108 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
25 CVE-2021-42107 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106.
26 CVE-2021-42106 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107.
27 CVE-2021-42105 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107.
28 CVE-2021-42104 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107.
29 CVE-2021-42103 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101.
30 CVE-2021-42102 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
31 CVE-2021-42101 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103.
32 CVE-2021-42097 +Priv CSRF 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
33 CVE-2021-42096 +Priv CSRF 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
34 CVE-2021-42012 Exec Code Overflow 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
35 CVE-2021-42011 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
36 CVE-2021-41792 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF.
37 CVE-2021-41791 XSS 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and org.alfresco:community-share through 7.0. An evasion of the XSS filter for HTML input validation in the Alfresco Share User Interface leads to stored XSS that could be exploited by an attacker (given that he has privileges on the content collaboration features).
38 CVE-2021-41790 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.
39 CVE-2021-41747 XSS +Info 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
Cross-Site Scripting (XSS) vulnerability exists in Csdn APP 4.10.0, which can be exploited by attackers to obtain sensitive information such as user cookies.
40 CVE-2021-41745 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
ShowDoc 2.8.3 has a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
41 CVE-2021-41744 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product life, and the collaborative creation, distribution, application and management of product information across organizations. Yonyou PLM uses jboss by default, and you can access the management control background without authorization. An attacker can use this vulnerability to gain server permissions.
42 CVE-2021-41171 307 Bypass 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in the HTTP Cookie header. This issue has been addressed by implementing brute force login protection, as recommended by OWASP with Device Cookies. This mechanism will not impact users and will effectively thwart any brute-force attempts at guessing passwords. The only correct way to address this is to upgrade to version 4.1.0. Adding rate limitation upstream of the eLabFTW service is of course a valid option, with or without upgrading.
43 CVE-2021-41169 79 XSS 2021-10-21 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade.
44 CVE-2021-41168 20 DoS 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown `[reference_name]: https://www.example.com` are inserted into a hash table which was found to have a weak hash function, meaning that an attacker can reliably generate a large number of collisions for it. This makes the hash table vulnerable to a hash-collision DoS attack, a type of algorithmic complexity attack. Further, the hash table allowed for duplicate entries, resulting in long retrieval times. Proofs of concept and further discussion of the hash collision issue are discussed on the snudown GHSA (https://github.com/reddit/snudown/security/advisories/GHSA-6gvv-9q92-w5f6). Users are advised to update to version 1.7.0.
45 CVE-2021-41167 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
modern-async is an open source JavaScript tooling library for asynchronous operations using async/await and promises. In affected versions a bug affects two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, in practice, they don't. Any code calling these functions will be written thinking they would limit the concurrency but they won't. This could lead to potential security issues in other projects. The problem has been patched in 1.0.4. There is no workaround.
46 CVE-2021-41163 74 Exec Code 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. To work around the issue without updating, requests with a path starting with /webhooks/aws could be blocked at an upstream proxy.
47 CVE-2021-41160 787 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or height the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.
48 CVE-2021-41159 787 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway.
49 CVE-2021-41150 2021-10-19 2021-10-20
0.0
None ??? ??? ??? ??? ??? ???
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known.
50 CVE-2021-41149 22 Dir. Trav. 2021-10-19 2021-10-19
0.0
None ??? ??? ??? ??? ??? ???
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known.
Total number of vulnerabilities: 687
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.