CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 2 and 2.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2021-41861 2021-10-04 2021-10-08
2.1
None Local Low Not required None Partial None
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.
2 CVE-2021-41525 2021-09-21 2021-10-04
2.1
None Local Low Not required None Partial None
An issue related to modification of otherwise restricted files through a locally authenticated attacker exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and prior.
3 CVE-2021-41355 2021-10-13 2021-10-19
2.9
None Local Network Medium Not required Partial None None
.NET Core and Visual Studio Information Disclosure Vulnerability
4 CVE-2021-41343 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows Fast FAT File System Driver Information Disclosure Vulnerability. This CVE ID is unique from CVE-2021-38662.
5 CVE-2021-41338 Bypass 2021-10-13 2021-10-19
2.1
None Local Low Not required None Partial None
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
6 CVE-2021-41336 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows Kernel Information Disclosure Vulnerability
7 CVE-2021-41320 798 2021-10-15 2021-10-21
2.1
None Local Low Not required Partial None None
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user.
8 CVE-2021-41106 345 2021-09-28 2021-10-07
2.1
None Local Low Not required None Partial None
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with `Lcobucci\JWT\Signer\Key\LocalFileReference` as key are having their tokens issued/validated using the file path as hashing key instead of the contents. The HMAC hashing functions take any string as input and, since users can issue and validate tokens, users are led to believe that everything works properly. Versions 3.4.6, 4.0.4, and 4.1.5 have been patched to always load the file contents, deprecated the `Lcobucci\JWT\Signer\Key\LocalFileReference`, and suggest `Lcobucci\JWT\Signer\Key\InMemory` as the alternative. As a workaround, use `Lcobucci\JWT\Signer\Key\InMemory` instead of `Lcobucci\JWT\Signer\Key\LocalFileReference` to create the instances of one's keys.
9 CVE-2021-41094 668 Bypass 2021-10-04 2021-10-12
2.1
None Local Low Not required Partial None None
Wire is an open source secure messenger. Users of Wire by Bund may bypass the mandatory encryption at rest feature by simply disabling their device passcode. Upon launching, the app will attempt to enable encryption at rest by generating encryption keys via the Secure Enclave; however, it will fail silently if no device passcode is set. The user has no indication that encryption at rest is not active since the feature is hidden from them. This issue has been resolved in version 3.70.
10 CVE-2021-41061 326 2021-09-15 2021-09-27
2.1
None Local Low Not required Partial None None
In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots.
11 CVE-2021-40530 327 2021-09-06 2021-10-18
2.6
None Remote High Not required Partial None None
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
12 CVE-2021-40529 327 2021-09-06 2021-09-13
2.6
None Remote High Not required Partial None None
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
13 CVE-2021-40528 327 2021-09-06 2021-09-13
2.6
None Remote High Not required Partial None None
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
14 CVE-2021-40498 DoS 2021-10-12 2021-10-18
2.1
None Local Low Not required None None Partial
A vulnerability has been identified in SAP SuccessFactors Mobile Application for Android - versions older than 2108, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service. The vulnerability is related to Android implementation methods that are widely used across Android mobile applications, and such methods are embedded into the SAP SuccessFactors mobile application. These Android methods begin executing once the user accesses their profile on the mobile application. While executing, it can also pick up the activities from other Android applications that are running in the background of the user's device and are using the same types of methods in the application. Such a vulnerability can also lead to phishing attacks that can be used for staging other types of attacks.
15 CVE-2021-40475 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
16 CVE-2021-40472 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Microsoft Excel Information Disclosure Vulnerability
17 CVE-2021-40468 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows Bind Filter Driver Information Disclosure Vulnerability
18 CVE-2021-40455 2021-10-13 2021-10-19
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
19 CVE-2021-40454 312 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Rich Text Edit Control Information Disclosure Vulnerability
20 CVE-2021-39349 79 XSS 2021-10-15 2021-10-22
2.1
None Remote High ??? None Partial None
The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-author-bio-box-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 3.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
21 CVE-2021-39345 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/wp-hal.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.1.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
22 CVE-2021-39344 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
23 CVE-2021-39338 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
24 CVE-2021-39337 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The job-portal WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/jobs_function.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 0.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
25 CVE-2021-39336 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The Job Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin-jobs.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 0.7.25. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
26 CVE-2021-39335 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The WpGenius Job Listing WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/src/admin/class/class-wpgenious-job-listing-options.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0.2. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
27 CVE-2021-39334 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The Job Board Vanila WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the psjb_exp_in and the psjb_curr_in parameters found in the ~/job-settings.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
28 CVE-2021-39332 79 XSS 2021-10-15 2021-10-20
2.1
None Remote High ??? None Partial None
The Business Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found throughout the plugin which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.4.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
29 CVE-2021-39330 79 XSS 2021-10-14 2021-10-20
2.1
None Remote High ??? None Partial None
The Formidable Form Builder WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found in the ~/classes/helpers/FrmAppHelper.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 5.0.06. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
30 CVE-2021-39161 79 XSS 2021-08-26 2021-09-01
2.1
None Remote High ??? None Partial None
Discourse is an open source platform for community discussion. In affected versions category names can be used for cross-site scripting (XSS) attacks. This is mitigated by Discourse's default Content Security Policy, and this vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy and have allowed moderators to modify categories. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.
31 CVE-2021-38899 200 +Info 2021-09-20 2021-09-28
2.1
None Local Low Not required Partial None None
IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575.
32 CVE-2021-38863 522 2021-09-23 2021-09-29
2.1
None Local Low Not required Partial None None
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154.
33 CVE-2021-38663 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows exFAT File System Information Disclosure Vulnerability
34 CVE-2021-38657 2021-09-15 2021-09-24
2.1
None Local Low Not required Partial None None
Microsoft Office Graphics Component Information Disclosure Vulnerability
35 CVE-2021-38637 2021-09-15 2021-09-26
2.1
None Local Low Not required Partial None None
Windows Storage Information Disclosure Vulnerability
36 CVE-2021-38636 2021-09-15 2021-09-26
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.
37 CVE-2021-38635 2021-09-15 2021-09-28
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.
38 CVE-2021-38632 Bypass 2021-09-15 2021-09-27
2.1
None Local Low Not required Partial None None
BitLocker Security Feature Bypass Vulnerability
39 CVE-2021-38591 2021-08-12 2021-08-20
2.1
None Local Low Not required None Partial None
An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883. Attackers can change some of the NvRAM content by leveraging the misconfiguration of a debug command. The LG ID is LVE-SMP-210005 (August 2021).
40 CVE-2021-38590 922 2021-08-11 2021-08-20
2.1
None Local Low Not required Partial None None
In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
41 CVE-2021-38586 2021-08-11 2021-08-20
2.1
None Local Low Not required None Partial None
In cPanel before 98.0.1, /scripts/cpan_config performs unsafe operations on files (SEC-589).
42 CVE-2021-38553 281 2021-08-13 2021-09-07
2.1
None Local Low Not required None None Partial
HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0.
43 CVE-2021-38209 203 2021-08-08 2021-08-12
2.1
None Local Low Not required Partial None None
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.
44 CVE-2021-38208 476 DoS 2021-08-08 2021-09-21
2.1
None Local Low Not required None None Partial
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
45 CVE-2021-38206 476 DoS 2021-08-08 2021-08-12
2.1
None Local Low Not required None None Partial
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.
46 CVE-2021-38205 824 2021-08-08 2021-10-16
2.1
None Local Low Not required None Partial None
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
47 CVE-2021-38203 770 DoS 2021-08-08 2021-10-07
2.1
None Local Low Not required None None Partial
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
48 CVE-2021-38200 476 DoS 2021-08-08 2021-08-12
2.1
None Local Low Not required None None Partial
arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command.
49 CVE-2021-38198 2021-08-08 2021-10-16
2.1
None Local Low Not required None None Partial
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
50 CVE-2021-38165 522 2021-08-07 2021-09-24
2.6
None Remote High Not required Partial None None
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.