CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-668

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-43560 668 2021-11-22 2021-11-26
5.0
None Remote Low Not required Partial None None
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
2 CVE-2021-43196 668 2021-11-09 2021-11-09
5.0
None Remote Low Not required Partial None None
In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible.
3 CVE-2021-42744 668 2021-11-19 2021-11-23
2.1
None Local Low Not required Partial None None
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not explicitly authorized to have access.
4 CVE-2021-42536 668 2021-10-22 2021-10-27
4.0
None Remote Low ??? Partial None None
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
5 CVE-2021-42343 668 Exec Code 2021-10-26 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client (which defaults to using LocalCluster) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on localhost. A Dask cluster created using this method (when running on a machine that has an applicable port exposed) could be used by a sophisticated attacker to achieve remote code execution.
6 CVE-2021-42323 668 2021-11-10 2021-11-15
2.1
None Local Low Not required Partial None None
Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE-2021-42301.
7 CVE-2021-42301 668 2021-11-10 2021-11-17
2.1
None Local Low Not required Partial None None
Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE-2021-42323.
8 CVE-2021-42254 668 2021-11-19 2021-11-24
7.2
None Local Low Not required Complete Complete Complete
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
9 CVE-2021-42087 668 2021-10-07 2021-10-14
4.0
None Remote Low ??? Partial None None
An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via the API.
10 CVE-2021-41847 668 2021-10-01 2021-10-07
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and Prox card credentials. Also, an authorized user of one zone can send API requests to unlock electronic locks associated with zones they are unauthorized to have access to. They can also create new user logins for zones they were not authorized to access, including the root zone of the software.
11 CVE-2021-41790 668 Exec Code 2021-10-21 2021-10-27
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.
12 CVE-2021-41590 668 2021-10-27 2021-11-03
5.0
None Remote Low Not required Partial None None
In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.
13 CVE-2021-41532 668 2021-11-19 2021-11-19
5.0
None Remote Low Not required Partial None None
In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints.
14 CVE-2021-41329 668 2021-09-27 2021-10-06
4.0
None Remote Low ??? Partial None None
Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when another user has recently executed an identical query differing only by the array elements.
15 CVE-2021-41140 668 2021-10-19 2021-10-22
5.0
None Remote Low Not required Partial None None
Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. In affected versions reactions given by user to secure topics and private messages are visible. This issue is patched in version 0.2 of discourse-reaction. Users who are unable to update are advised to disable the Discourse-reactions plugin in admin panel.
16 CVE-2021-41094 668 Bypass 2021-10-04 2021-10-12
2.1
None Local Low Not required Partial None None
Wire is an open source secure messenger. Users of Wire by Bund may bypass the mandatory encryption at rest feature by simply disabling their device passcode. Upon launching, the app will attempt to enable encryption at rest by generating encryption keys via the Secure Enclave, however it will fail silently if no device passcode is set. The user has no indication that encryption at rest is not active since the feature is hidden to them. This issue has been resolved in version 3.70
17 CVE-2021-41088 668 2021-09-23 2021-10-01
9.3
None Remote Medium Not required Complete Complete Complete
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious website, the website can send arbitrary code to the endpoint in localhost. All Elvish releases from 0.14.0 onward no longer include the the web UI, although it is still possible for the user to build a version from source that includes the web UI. The issue can be patched for previous versions by removing the web UI (found in web, pkg/web or pkg/prog/web, depending on the exact version).
18 CVE-2021-41011 668 2021-09-22 2021-10-05
4.3
None Remote Medium Not required Partial None None
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.
19 CVE-2021-40862 668 2021-09-15 2021-09-28
6.5
None Remote Low ??? Partial Partial Partial
HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be used for privilege escalation or unauthorized modification of a Terraform configuration. Fixed in v202109-1.
20 CVE-2021-40497 668 2021-10-12 2021-10-18
5.0
None Remote Low Not required Partial None None
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.
21 CVE-2021-40496 668 Exec Code 2021-10-12 2021-11-24
4.0
None Remote Low ??? Partial None None
SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.
22 CVE-2021-40086 668 2021-08-25 2021-09-07
3.5
None Remote Medium ??? Partial None None
An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page (that can only be viewed by an administrator). While hidden from direct view, checking the page source would reveal the secret.
23 CVE-2021-39900 668 2021-10-04 2021-10-13
4.0
None Remote Low ??? Partial None None
Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs.
24 CVE-2021-39898 668 2021-11-05 2021-11-08
5.0
None Remote Low Not required Partial None None
In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the project which it was exported from.
25 CVE-2021-39884 668 2021-10-05 2021-10-12
4.0
None Remote Low ??? Partial None None
In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups that have access to a project to low privileged users that are part of that project.
26 CVE-2021-39866 668 2021-10-05 2021-10-12
5.5
None Remote Low ??? Partial Partial None
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens.
27 CVE-2021-39231 668 2021-11-19 2021-11-20
6.4
None Remote Low Not required Partial Partial None
In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration.
28 CVE-2021-39212 668 2021-09-13 2021-09-24
3.6
None Local Low Not required Partial Partial None
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded by a `module` policy in `policy.xml`. ex. <policy domain="module" rights="none" pattern="PS" />. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: <policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />.
29 CVE-2021-39211 668 2021-09-15 2021-09-28
5.0
None Remote Low Not required Partial None None
GLPI is a free Asset and IT management software package. Starting in version 9.2 and prior to version 9.5.6, the telemetry endpoint discloses GLPI and server information. This issue is fixed in version 9.5.6. As a workaround, remove the file `ajax/telemetry.php`, which is not needed for usual functions of GLPI.
30 CVE-2021-39184 668 2021-10-12 2021-10-20
5.0
None Remote Low Not required Partial None None
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potentially include significant parts of the original file, including textual data in many cases. Versions 15.0.0-alpha.10, 14.0.0, 13.3.0, 12.1.0, and 11.5.0 all contain a fix for the vulnerability. Two workarounds aside from upgrading are available. One may make the vulnerability significantly more difficult for an attacker to exploit by enabling `contextIsolation` in one's app. One may also disable the functionality of the `createThumbnailFromPath` API if one does not need it.
31 CVE-2021-39127 668 2021-10-21 2021-10-25
5.0
None Remote Low Not required None Partial None
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
32 CVE-2021-38712 668 2021-08-16 2021-08-24
5.0
None Remote Low Not required Partial None None
OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor's recommended solution is to block the access via an NGINX configuration file.
33 CVE-2021-38587 668 2021-08-11 2021-08-20
5.0
None Remote Low Not required None Partial None
In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).
34 CVE-2021-38378 668 2021-11-22 2021-11-23
4.0
None Remote Low ??? Partial None None
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name.
35 CVE-2021-38376 668 2021-11-22 2021-11-23
5.0
None Remote Low Not required Partial None None
OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.
36 CVE-2021-38004 668 2021-11-23 2021-11-24
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
37 CVE-2021-37968 668 2021-10-08 2021-11-24
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
38 CVE-2021-37967 668 2021-10-08 2021-11-24
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
39 CVE-2021-37965 668 2021-10-08 2021-11-24
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
40 CVE-2021-37734 668 2021-10-12 2021-11-24
4.0
None Remote Low ??? Partial None None
A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below; Aruba Instant 8.8.x.x: 8.8.0.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.
41 CVE-2021-37704 668 2021-08-12 2021-08-23
4.0
None Remote Low ??? Partial None None
PhpFastCache is a high-performance backend cache system (packagist package phpfastcache/phpfastcache). In versions before 6.1.5, 7.1.2, and 8.0.7 the `phpinfo()` can be exposed if the `/vendor` is not protected from public access. This is a rare situation today since the vendor directory is often located outside the web directory or protected via server rule (.htaccess, etc). Only the v6, v7 and v8 will be patched respectively in 8.0.7, 7.1.2, 6.1.5. Older versions such as v5, v4 are not longer supported and will **NOT** be patched. As a workaround, protect the `/vendor` directory from public access.
42 CVE-2021-37601 668 +Info 2021-07-30 2021-09-20
5.0
None Remote Low Not required Partial None None
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
43 CVE-2021-37326 668 2021-08-15 2021-08-24
5.0
None Remote Low Not required Partial None None
NetSarang Xshell 7 before Build 0077 includes unintended code strings in paste operations.
44 CVE-2021-36917 668 2021-11-24 2021-11-27
5.0
None Remote Low Not required None None Partial
WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user. It is possible to retrieve a reset token which can then be used to deactivate the plugin.
45 CVE-2021-36793 668 CSRF 2021-08-13 2021-08-20
5.0
None Remote Low Not required Partial None None
The routes (aka Extbase Yaml Routes) extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output.
46 CVE-2021-36791 668 2021-08-13 2021-08-20
5.0
None Remote Low Not required Partial None None
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
47 CVE-2021-36749 668 Bypass 2021-09-24 2021-10-01
4.0
None Remote Low ??? Partial None None
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.
48 CVE-2021-36319 668 +Priv 2021-11-20 2021-11-23
2.1
None Local Low Not required Partial None None
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.
49 CVE-2021-36192 668 2021-11-03 2021-11-05
2.1
None Local Low Not required Partial None None
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.
50 CVE-2021-35958 668 2021-06-30 2021-08-17
6.4
None Remote Low Not required None Partial Partial
** DISPUTED ** TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. NOTE: the vendor's position is that tf.keras.utils.get_file is not intended for untrusted archives.
Total number of vulnerabilities : 330   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.