Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
accellion -- fta | Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later. | 2021-03-02 | 7.5 | CVE-2021-27730 MISC |
apache -- tomcat | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue. | 2021-03-01 | 7.5 | CVE-2021-25329 MLIST MLIST CONFIRM MLIST MLIST MLIST MLIST |
bam_project -- bam | An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block. | 2021-03-05 | 7.5 | CVE-2021-28027 MISC |
bittacora -- bpanel | In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise. | 2021-03-02 | 7.5 | CVE-2020-28657 MISC |
byte_struct_project -- byte_struct | An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics. | 2021-03-05 | 7.5 | CVE-2021-28033 MISC |
doctor_appointment_system_project -- doctor_appointment_system | SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page. | 2021-03-05 | 7.5 | CVE-2021-27314 MISC |
eprints -- eprints | EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI. | 2021-03-01 | 7.5 | CVE-2021-26703 CONFIRM CONFIRM MISC |
eprints -- eprints | EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI. | 2021-03-01 | 7.5 | CVE-2021-26476 CONFIRM MISC |
fireblink -- object-collider | Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows attacker to cause a denial of service and may lead to remote code execution. | 2021-03-01 | 7.5 | CVE-2021-25914 MISC MISC |
google -- android | In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05466547. | 2021-02-26 | 7.2 | CVE-2021-0405 MISC |
google -- android | In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05433311. | 2021-02-26 | 7.2 | CVE-2021-0402 MISC |
google -- android | In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05471418. | 2021-02-26 | 7.2 | CVE-2021-0406 MISC |
internment_project -- internment | An issue was discovered in the internment crate before 0.4.2 for Rust. There is a data race that can cause memory corruption because of the unconditional implementation of Sync for Intern<T>. | 2021-03-05 | 7.5 | CVE-2021-28037 MISC |
isida -- retriever | LMA ISIDA Retriever 5.2 allows SQL Injection. | 2021-02-26 | 7.5 | CVE-2021-26904 MISC MISC |
jpeg -- jpeg_xl | JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. | 2021-03-02 | 7.5 | CVE-2021-27804 MISC FULLDISC MISC MISC |
onlyoffice -- document_server | An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server. | 2021-03-01 | 7.8 | CVE-2021-25829 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
qcubed -- qcubed | A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request. | 2021-03-04 | 7.5 | CVE-2020-24913 MISC MISC MISC |
saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py. | 2021-02-27 | 7.5 | CVE-2021-3148 MISC FEDORA FEDORA CONFIRM |
saltstack -- salt | An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks. | 2021-02-27 | 7.5 | CVE-2021-25283 MISC FEDORA FEDORA CONFIRM |
saltstack -- salt | An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master. | 2021-02-27 | 7.5 | CVE-2021-25281 MISC FEDORA FEDORA CONFIRM MISC |
saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request. | 2021-02-27 | 7.5 | CVE-2021-3197 MISC FEDORA FEDORA CONFIRM |
saltstack -- salt | In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.) | 2021-02-27 | 7.5 | CVE-2021-3144 MISC FEDORA FEDORA CONFIRM |
scratchpad_project -- scratchpad | An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. | 2021-03-05 | 7.5 | CVE-2021-28031 MISC |
scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runtime.getRuntime().exec() without validation. | 2021-02-27 | 7.5 | CVE-2019-25022 MISC |
sercomm -- agcombo_vd625_firmware | SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header. | 2021-02-27 | 7.5 | CVE-2021-27132 MISC MISC |
stack_dst_project -- stack_dst | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | 2021-03-05 | 7.5 | CVE-2021-28034 MISC |
stack_dst_project -- stack_dst | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic. | 2021-03-05 | 7.5 | CVE-2021-28035 MISC |
toodee_project -- toodee | An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | 2021-03-05 | 7.5 | CVE-2021-28028 MISC |
totaljs -- total.js | The package total.js before 3.4.8 are vulnerable to Remote Code Execution (RCE) via set. | 2021-03-04 | 7.5 | CVE-2021-23344 MISC MISC |
visualware -- myconnection_server | An issue was discovered in Visualware MyConnection Server through 11.0b build 5382. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system. | 2021-02-26 | 10 | CVE-2021-27198 MISC MISC MISC MISC |
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
abb -- pm554_firmware | The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnerability is exploited, the PLC will show an error state and refuse connections to Automation Builder. The execution of the PLC application is not affected by this vulnerability. This issue affects ABB AC500 V2 products with onboard Ethernet. | 2021-02-26 | 5 | CVE-2020-24686 CONFIRM |
accellion -- fta | Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. The fixed version is FTA_9_12_444 and later. | 2021-03-02 | 4.3 | CVE-2021-27731 MISC |
aiohttp_project -- aiohttp | aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the `aiohttp.web_middlewares.normalize_path_middleware` middleware. This security problem has been fixed in 3.7.4. Upgrade your dependency using pip as follows "pip install aiohttp >= 3.7.4". If upgrading is not an option for you, a workaround can be to avoid using `aiohttp.web_middlewares.normalize_path_middleware` in your applications. | 2021-02-26 | 5.8 | CVE-2021-21330 MISC MISC CONFIRM FEDORA MISC DEBIAN |
apache -- tomcat | When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. | 2021-03-01 | 5 | CVE-2021-25122 MLIST CONFIRM MLIST MLIST MLIST MLIST MLIST MLIST MLIST |
atlassian -- crowd | The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. | 2021-03-01 | 5 | CVE-2020-36240 MISC |
bestit -- amazon_pay | best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor. | 2021-02-26 | 6.4 | CVE-2020-28199 MISC MISC |
courier_management_system_project -- courier_management_system | Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '. | 2021-03-04 | 4 | CVE-2020-35329 MISC |
dataiku -- data_science_studio | In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access. | 2021-03-01 | 5.5 | CVE-2021-27225 CONFIRM MISC |
eclipse -- jetty | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | 2021-02-26 | 5 | CVE-2020-27223 CONFIRM CONFIRM MLIST MLIST MLIST MLIST MLIST MLIST MISC MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MISC MLIST MLIST MLIST |
eprints -- eprints | EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted LaTeX input to a cgi/latex2png?latex= URI. | 2021-03-01 | 6.8 | CVE-2021-3342 CONFIRM CONFIRM MISC |
eprints -- eprints | EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI. | 2021-03-01 | 4.3 | CVE-2021-26475 CONFIRM MISC |
eprints -- eprints | EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset parameter to the cgi/dataset_dictionary URI. | 2021-03-01 | 4.3 | CVE-2021-26702 CONFIRM MISC |
eprints -- eprints | EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI. | 2021-03-01 | 6.5 | CVE-2021-26704 CONFIRM CONFIRM MISC |
google -- android | In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05371580; Issue ID: ALPS05379085. | 2021-02-26 | 6.9 | CVE-2021-0367 MISC |
google -- android | In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05418265. | 2021-02-26 | 6.9 | CVE-2021-0401 MISC |
google -- android | In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05371580; Issue ID: ALPS05379093. | 2021-02-26 | 6.9 | CVE-2021-0366 MISC |
isida -- retriever | LMA ISIDA Retriever 5.2 is vulnerable to XSS via query['text']. | 2021-02-26 | 4.3 | CVE-2021-26903 MISC MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret. | 2021-03-04 | 5 | CVE-2021-23126 MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager. | 2021-03-04 | 5 | CVE-2021-23131 MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads | 2021-03-04 | 5 | CVE-2021-23132 MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues. | 2021-03-04 | 4.3 | CVE-2021-23130 MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of messages showed to users that could lead to xss issues. | 2021-03-04 | 4.3 | CVE-2021-23129 MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat. | 2021-03-04 | 6.4 | CVE-2021-23128 MISC |
joomla -- joomla\! | An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes. | 2021-03-04 | 6.4 | CVE-2021-23127 MISC |
kaspersky -- endpoint_security | A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security (KES). This issue allowed to bypass the UEFI Secure Boot security feature. An attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component. | 2021-02-26 | 4.6 | CVE-2020-26200 MISC MISC |
matrix -- synapse | Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which accepts federation requests from untrusted servers. Issue is resolved in version 1.25.0. As a workaround the `federation_domain_whitelist` setting can be used to restrict the homeservers communicated with over federation. | 2021-02-26 | 4.3 | CVE-2021-21274 MISC MISC MISC CONFIRM |
matrix -- synapse | Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key validity for third-party invite events and sending push notifications. This could cause Synapse to make requests to internal infrastructure. The type of request was not controlled by the user, although limited modification of request bodies was possible. For the most thorough protection server administrators should remove the deprecated `federation_ip_range_blacklist` from their settings after upgrading to Synapse v1.25.0 which will result in Synapse using the improved default IP address restrictions. See the new `ip_range_blacklist` and `ip_range_whitelist` settings if more specific control is necessary. | 2021-02-26 | 5.8 | CVE-2021-21273 MISC MISC MISC CONFIRM |
microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations. | 2021-02-26 | 5.2 | CVE-2019-18943 MISC |
microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability. | 2021-02-26 | 5.2 | CVE-2019-18945 CONFIRM |
mozilla -- firefox | Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86. | 2021-02-26 | 6.8 | CVE-2021-23979 MISC MISC |
mozilla -- firefox | Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | 2021-02-26 | 6.8 | CVE-2021-23954 MISC MISC MISC MISC |
mozilla -- firefox | Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | 2021-02-26 | 6.8 | CVE-2021-23960 MISC MISC MISC MISC |
mozilla -- firefox | If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | 2021-02-26 | 4.3 | CVE-2021-23953 MISC MISC MISC MISC |
mozilla -- firefox | The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23955 MISC MISC |
mozilla -- firefox | Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85. | 2021-02-26 | 6.8 | CVE-2021-23962 MISC MISC |
mozilla -- firefox | Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | 2021-02-26 | 6.8 | CVE-2021-23964 MISC MISC MISC MISC |
mozilla -- firefox | Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85. | 2021-02-26 | 6.8 | CVE-2021-23965 MISC MISC |
mozilla -- firefox | One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://[email protected]'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox < 86. | 2021-02-26 | 6.8 | CVE-2021-23972 MISC MISC |
mozilla -- firefox | An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23956 MISC MISC |
mozilla -- firefox | Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. | 2021-02-26 | 6.8 | CVE-2021-23978 MISC MLIST DEBIAN MISC MISC MISC |
mozilla -- firefox | As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. | 2021-02-26 | 4.3 | CVE-2021-23969 MISC MLIST DEBIAN MISC MISC MISC |
mozilla -- firefox | The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects Firefox < 86. | 2021-02-26 | 4.3 | CVE-2021-23975 MISC MISC |
mozilla -- firefox | The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86. | 2021-02-26 | 4.3 | CVE-2021-23974 MISC MISC |
mozilla -- firefox | If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. | 2021-02-26 | 4.3 | CVE-2021-23968 MISC MLIST DEBIAN MISC MISC MISC |
mozilla -- firefox | The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23958 MISC MISC |
mozilla -- firefox | An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23959 MISC MISC |
mozilla -- firefox | When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. | 2021-02-26 | 4.3 | CVE-2021-23973 MISC MLIST DEBIAN MISC MISC MISC |
mozilla -- firefox | When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. | 2021-02-26 | 5.8 | CVE-2021-23976 MISC MISC |
mozilla -- firefox | When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This vulnerability affects Firefox < 86. | 2021-02-26 | 4.3 | CVE-2021-23971 MISC MISC |
mozilla -- firefox | Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23961 MISC MISC |
mozilla -- firefox | When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23963 MISC MISC |
mozilla -- firefox | Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86. | 2021-02-26 | 4.3 | CVE-2021-23970 MISC MISC |
mozilla -- firefox | Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. | 2021-02-26 | 4.3 | CVE-2021-23957 MISC MISC |
nodered -- node-red | Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier contains a Prototype Pollution vulnerability in the admin API. A badly formed request can modify the prototype of the default JavaScript Object with the potential to affect the default behaviour of the Node-RED runtime. The vulnerability is patched in the 1.2.8 release. A workaround is to ensure only authorized users are able to access the editor url. | 2021-02-26 | 4 | CVE-2021-21297 MISC CONFIRM MISC MISC |
onlyoffice -- document_server | A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote code execution on DocumentServer. | 2021-03-01 | 6.8 | CVE-2021-25830 MISC MISC MISC MISC MISC MISC |
onlyoffice -- document_server | A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer. | 2021-03-01 | 6.8 | CVE-2021-25831 MISC MISC MISC MISC MISC MISC |
onlyoffice -- document_server | A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer. | 2021-03-01 | 6.8 | CVE-2021-25832 MISC MISC MISC MISC MISC MISC MISC |
onlyoffice -- document_server | A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code execution on DocumentServer. | 2021-03-01 | 6.8 | CVE-2021-25833 MISC MISC MISC MISC MISC MISC |
owncloud -- owncloud | ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present. | 2021-02-26 | 4.4 | CVE-2020-28646 MISC MISC |
prestashop -- prestashop | PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2 | 2021-02-26 | 6.4 | CVE-2021-21308 MISC MISC CONFIRM |
prestashop -- prestashop | PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2 | 2021-02-26 | 6.5 | CVE-2021-21302 MISC MISC CONFIRM |
prosoft-technology -- icx35-hwc-a_firmware | Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior). | 2021-02-26 | 5 | CVE-2021-22661 MISC |
quinn_project -- quinn | An issue was discovered in the quinn crate before 0.7.0 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures. | 2021-03-05 | 5 | CVE-2021-28036 MISC |
saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory. | 2021-02-27 | 4.6 | CVE-2020-28243 MISC FEDORA FEDORA CONFIRM MISC |
saltstack -- salt | In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate. | 2021-02-27 | 4.3 | CVE-2020-28972 FEDORA FEDORA CONFIRM |
saltstack -- salt | In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated. | 2021-02-27 | 5.8 | CVE-2020-35662 FEDORA FEDORA CONFIRM |
saltstack -- salt | An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal. | 2021-02-27 | 6.4 | CVE-2021-25282 MISC FEDORA FEDORA CONFIRM |
scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require authentication, an attacker can retrieve the administrative configuration by sending a POST request to the /sdm-ws-rest/preconfiguration URI. | 2021-02-27 | 5 | CVE-2019-25020 MISC |
scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header (which can be manipulated client-side) is used for the internal application logs, an attacker can inject wrong IP addresses into these logs. | 2021-02-27 | 6.4 | CVE-2019-25023 MISC |
scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code. | 2021-02-27 | 5 | CVE-2019-25021 MISC |
synology -- diskstation_manager | Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. | 2021-02-26 | 4.3 | CVE-2021-26560 CONFIRM |
synology -- diskstation_manager | Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to obtain sensitive information via an HTTP session. | 2021-02-26 | 4.3 | CVE-2021-26565 CONFIRM |
synology -- diskstation_manager | Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. | 2021-02-26 | 4.3 | CVE-2021-26564 CONFIRM |
synology -- diskstation_manager | Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path. | 2021-02-26 | 6.5 | CVE-2021-26567 CONFIRM |
synology -- diskstation_manager | Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. | 2021-02-26 | 6.8 | CVE-2021-26561 CONFIRM |
synology -- diskstation_manager | Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. | 2021-02-26 | 6.8 | CVE-2021-26562 CONFIRM |
synology -- diskstation_manager | Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic. | 2021-02-26 | 6.8 | CVE-2021-26566 CONFIRM |
toodee_project -- toodee | An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations. | 2021-03-05 | 5 | CVE-2021-28029 MISC |
tpm2_software_stack_project -- tpm2_software_stack | Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3. | 2021-02-26 | 4.6 | CVE-2020-24455 CONFIRM CONFIRM CONFIRM |
truetype_project -- truetype | An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes. | 2021-03-05 | 5 | CVE-2021-28030 MISC |
vapor_project -- vapor | Vapor is a web framework for Swift. In Vapor before version 4.40.1, there is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app. The following is the attack vector: 1. send unlimited requests against a vapor instance with different paths. this will create unlimited counters and timers, which will eventually drain the system. 2. downstream services might suffer from this attack as well by being spammed with error paths. This has been patched in 4.40.1. The `DefaultResponder` will rewrite any undefined route paths for to `vapor_route_undefined` to avoid unlimited counters. | 2021-02-26 | 5 | CVE-2021-21328 MISC MISC CONFIRM MISC |
w1.fi -- wpa_supplicant | A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. | 2021-02-26 | 5.4 | CVE-2021-27803 MLIST MLIST FEDORA MISC MISC MISC |
xerox -- altalink_b8045_firmware | Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information disclosure. | 2021-03-04 | 4 | CVE-2019-18628 MISC CONFIRM |
zenphoto -- zenphoto | ** DISPUTED ** Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server's uploaded/ directory. NOTE: the vendor disputes this because exploitation can only be performed by an admin who has "lots of other possibilities to harm a site." | 2021-02-26 | 6.5 | CVE-2020-36079 MISC MISC MISC |
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
courier_management_system_project -- courier_management_system | Courier Management System 1.0 - 'First Name' Stored XSS | 2021-03-04 | 3.5 | CVE-2020-35328 MISC |
gitlab -- gitlab | An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request. | 2021-03-03 | 3.5 | CVE-2021-22182 CONFIRM MISC MISC |
gnu -- glibc | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. | 2021-02-26 | 2.1 | CVE-2020-27618 MISC MISC |
google -- android | In mobile_log_d, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457039. | 2021-02-26 | 2.1 | CVE-2021-0404 MISC |
google -- android | In netdiag, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05475124. | 2021-02-26 | 2.1 | CVE-2021-0403 MISC |
i-doit -- i-doit | i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__MONITORING__CONFIG__ADDRESS, or SM2__C__MONITORING__CONFIG__ADDRESS. | 2021-02-27 | 3.5 | CVE-2021-3151 MISC MISC |
ibm -- doors_next | IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190459. | 2021-03-04 | 3.5 | CVE-2020-4856 XF CONFIRM |
ibm -- doors_next | IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190460. | 2021-03-04 | 3.5 | CVE-2020-4857 XF CONFIRM |
ibm -- doors_next | IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566. | 2021-03-04 | 3.5 | CVE-2020-4863 XF CONFIRM |
ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190742. | 2021-03-04 | 3.5 | CVE-2020-4866 XF CONFIRM |
ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194451. | 2021-03-04 | 3.5 | CVE-2021-20340 XF CONFIRM |
ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194707. | 2021-03-04 | 3.5 | CVE-2021-20350 XF CONFIRM |
ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194708. | 2021-03-04 | 3.5 | CVE-2021-20351 XF CONFIRM |
microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | 2021-02-26 | 3.8 | CVE-2019-18946 CONFIRM |
microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | 2021-02-26 | 2.7 | CVE-2019-18947 CONFIRM |
microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | 2021-02-26 | 2.3 | CVE-2019-18944 CONFIRM |
microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | 2021-02-26 | 2.3 | CVE-2019-18942 CONFIRM |
mozilla -- firefox | Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. | 2021-02-26 | 2.6 | CVE-2021-23977 MISC MISC |
opentext -- content_server | There are multiple persistent cross-site scripting (XSS) vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized. | 2021-02-26 | 3.5 | CVE-2021-3010 MISC MISC |
saltstack -- salt | An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. | 2021-02-27 | 1.9 | CVE-2021-25284 MISC FEDORA FEDORA CONFIRM |
samsung -- internet | Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | 2021-03-04 | 2.1 | CVE-2021-25348 MISC CONFIRM |
samsung -- s_assistant | Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider. | 2021-03-04 | 2.1 | CVE-2021-25341 MISC CONFIRM |
synology -- diskstation_manager | Improper access control vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows local users to obtain sensitive information via a crafted kernel module. | 2021-02-26 | 2.1 | CVE-2021-26563 CONFIRM |
zte -- zxr10_8900e_firmware | A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1. | 2021-02-26 | 2.1 | CVE-2021-21724 MISC |
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
activerecord-session_store -- activerecord-session_store |
The activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a relatively short amount of time. This is a related issue to CVE-2019-16782. | 2021-03-05 | not yet calculated | CVE-2019-25025 MISC |
adguard -- adguard |
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie. | 2021-03-03 | not yet calculated | CVE-2021-27935 MISC |
advantech -- webaccess/scada |
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. | 2021-03-03 | not yet calculated | CVE-2020-13554 MISC |
afterlogic -- aurora |
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x. | 2021-03-04 | not yet calculated | CVE-2021-26293 CONFIRM |
ansi -- ansi |
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0. | 2021-03-05 | not yet calculated | CVE-2021-3377 MISC MISC |
anuko -- time_tracker |
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens used in password reset feature in Time Tracker are based on system time and, therefore, are predictable. This opens a window for brute force attacks to guess user tokens and, once successful, change user passwords, including that of a system administrator. This vulnerability is pathced in version 1.19.24.5415 (started to use more secure tokens) with an additional improvement in 1.19.24.5416 (limited an available window for brute force token guessing). | 2021-03-03 | not yet calculated | CVE-2021-21352 MISC CONFIRM MISC |
apache -- ambari_views |
A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4. | 2021-03-02 | not yet calculated | CVE-2020-1936 MLIST CONFIRM |
apache -- asterixdb |
When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB | 2021-03-01 | not yet calculated | CVE-2020-9479 MLIST MISC |
apache -- superset |
Apache Superset up to and including 0.38.0 allowed the creation of a Markdown component on a Dashboard page for describing chart's related information. Abusing this functionality, a malicious user could inject javascript code executing unwanted action in the context of the user's browser. The javascript code will be automatically executed (Stored XSS) when a legitimate user surfs on the dashboard page. The vulnerability is exploitable creating a “div” section and embedding in it a “svg” element with javascript code. | 2021-03-05 | not yet calculated | CVE-2021-27907 MISC MLIST |
argopro -- argopro |
The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting (XSS) the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user. | 2021-03-03 | not yet calculated | CVE-2021-23347 CONFIRM CONFIRM |
aruba -- airwave_management_platform | A remote authenticated authenticated xml external entity (xxe) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Due to improper restrictions on XML entities a vulnerability exists in the web-based management interface of AirWave. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition. | 2021-03-05 | not yet calculated | CVE-2021-26969 MISC |
aruba -- airwave_management_platform | A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface. | 2021-03-05 | not yet calculated | CVE-2021-26968 MISC |
aruba -- airwave_management_platform | A remote reflected cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of certain components of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the AirWave management interface. | 2021-03-05 | not yet calculated | CVE-2021-26967 MISC |
aruba -- airwave_management_platform | A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Multiple vulnerabilities in the API of AirWave could allow an authenticated remote attacker to conduct SQL injection attacks against the AirWave instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database. | 2021-03-05 | not yet calculated | CVE-2021-26966 MISC |
aruba -- airwave_management_platform | A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Multiple vulnerabilities in the API of AirWave could allow an authenticated remote attacker to conduct SQL injection attacks against the AirWave instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database. | 2021-03-05 | not yet calculated | CVE-2021-26965 MISC |
aruba -- airwave_management_platform | A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to full system compromise. | 2021-03-05 | not yet calculated | CVE-2021-26963 MISC |
aruba -- airwave_management_platform | A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system leading to partial system compromise. | 2021-03-05 | not yet calculated | CVE-2021-26970 MISC |
aruba -- airwave_management_platform | A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system leading to partial system compromise. | 2021-03-05 | not yet calculated | CVE-2021-26971 MISC |
aruba -- airwave_management_platform |
A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an authenticated remote attacker to improperly access and modify devices and management user details. A successful exploit would consist of an attacker using a lower privileged account to change management user or device details. This could allow the attacker to escalate privileges and/or change network details that they should not have access to. | 2021-03-05 | not yet calculated | CVE-2021-26964 MISC |
aruba -- airwave_management_platform |
A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an unauthenticated remote attacker to conduct a CSRF attack against a vulnerable system. A successful exploit would consist of an attacker persuading an authorized user to follow a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. | 2021-03-05 | not yet calculated | CVE-2021-26960 MISC |
aruba -- airwave_management_platform |
A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an unauthenticated remote attacker to conduct a CSRF attack against a vulnerable system. A successful exploit would consist of an attacker persuading an authorized user to follow a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. | 2021-03-05 | not yet calculated | CVE-2021-26961 MISC |
aruba -- airwave_management_platform |
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to full system compromise. | 2021-03-05 | not yet calculated | CVE-2021-26962 MISC |
bitnami -- containers |
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APP_KEY is fixed under certain conditions. This value is crucial for the security of the application and must be randomly generated per Laravel installation. If your application's encryption key is in the hands of a malicious party, that party could craft cookie values using the encryption key and exploit vulnerabilities inherent to PHP object serialization / unserialization, such as calling arbitrary class methods within your application. | 2021-03-03 | not yet calculated | CVE-2021-21979 MISC |
blackboard -- collaborate_ultra |
Blackboard Collaborate Ultra 20.02 is affected by a cross-site scripting (XSS) vulnerability. The XSS payload will execute on the class room, which leads to stealing cookies from users who join the class. | 2021-03-02 | not yet calculated | CVE-2020-25902 MISC MISC |
cgal -- libcal |
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume(). An attacker can provide malicious input to trigger this vulnerability. | 2021-03-04 | not yet calculated | CVE-2020-35636 MISC |
cgal -- libcal |
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability. | 2021-03-04 | not yet calculated | CVE-2020-35628 MISC |
cgal -- libcgal |
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability. | 2021-03-04 | not yet calculated | CVE-2020-28636 MISC |
cgal -- libcgal |
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability. | 2021-03-04 | not yet calculated | CVE-2020-28601 MISC |
clustered_data -- ontap |
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs. | 2021-03-04 | not yet calculated | CVE-2021-26988 MISC |
clustered_data -- ontap |
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service (DoS) on clustered Data ONTAP configured for SMB access. | 2021-03-04 | not yet calculated | CVE-2021-26989 MISC |
courier -- management_system |
SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php | 2021-03-04 | not yet calculated | CVE-2020-35327 MISC |
datadog -- datadog |
The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive information. This sensitive information is exposed locally to other users. This vulnerability exists in the API Client for version 1 and 2. The method `prepareDownloadFilecreates` creates a temporary file with the permissions bits of `-rw-r--r--` on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file downloaded via the `downloadFileFromResponse` method will be visible to all other users on the local system. Analysis of the finding determined that the affected code was unused, meaning that the exploitation likelihood is low. The unused code has been removed, effectively mitigating this issue. This issue has been patched in version 1.0.0-beta.9. As a workaround one may specify `java.io.tmpdir` when starting the JVM with the flag `-Djava.io.tmpdir`, specifying a path to a directory with `drw-------` permissions owned by `dd-agent`. | 2021-03-03 | not yet calculated | CVE-2021-21331 CONFIRM CONFIRM |
dell -- emc_openmanage_server_administrator |
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system. | 2021-03-02 | not yet calculated | CVE-2021-21513 CONFIRM |
dell -- emc_openmanage_server_administrator |
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request. | 2021-03-02 | not yet calculated | CVE-2021-21514 CONFIRM |
dell -- emc_sourceone |
Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests to the server. | 2021-03-01 | not yet calculated | CVE-2021-21515 MISC |
deutsche -- post_mailoptimizer |
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution. | 2021-03-05 | not yet calculated | CVE-2021-28042 MISC MISC |
docker -- dashboard |
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product. | 2021-03-02 | not yet calculated | CVE-2021-27886 MISC MISC MISC |
doctor_appointment_system -- doctor_appointment_system | Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter. | 2021-03-01 | not yet calculated | CVE-2021-27318 MISC MISC |
doctor_appointment_system -- doctor_appointment_system |
Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter. | 2021-03-01 | not yet calculated | CVE-2021-27317 MISC MISC |
e107 -- e107 |
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism. | 2021-03-02 | not yet calculated | CVE-2021-27885 MISC MISC MISC |
epignosis -- efontpro |
A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice. | 2021-03-03 | not yet calculated | CVE-2020-28597 MISC |
fastify-reply-form -- fastify-reply-form | fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing `/priv` on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1. | 2021-03-02 | not yet calculated | CVE-2021-21322 MISC CONFIRM MISC |
fastify-reply-form -- fastify-reply-form |
fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is "/pub/", a user expect that accessing "/priv" on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.0.2. | 2021-03-02 | not yet calculated | CVE-2021-21321 MISC CONFIRM MISC |
fatek -- fvdesigner |
An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 2021-03-03 | not yet calculated | CVE-2021-22670 MISC |
fatek -- fvdesigner |
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 2021-03-03 | not yet calculated | CVE-2021-22683 MISC |
fatek -- fvdesigner |
A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 2021-03-03 | not yet calculated | CVE-2021-22662 MISC |
fatek -- fvdesigner |
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 2021-03-03 | not yet calculated | CVE-2021-22638 MISC |
fatek -- fvdesigner |
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution. | 2021-03-03 | not yet calculated | CVE-2021-22666 MISC |
fork -- forkcms | PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code. | 2021-03-04 | not yet calculated | CVE-2020-24036 MISC MISC MISC |
fortinet -- fortigate |
When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header. | 2021-03-04 | not yet calculated | CVE-2020-15938 CONFIRM |
fortinet -- fortigate |
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard. | 2021-03-03 | not yet calculated | CVE-2020-15937 CONFIRM |
fortinet -- fortiproxy |
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality. | 2021-03-04 | not yet calculated | CVE-2021-22128 CONFIRM |
fs-path -- fs-path | fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods. | 2021-03-04 | not yet calculated | CVE-2020-8298 MISC MISC MISC |
gigaset -- dx600a_devices | The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password policy that forces a 4-digit password) allows remote attackers to easily obtain administrative access via brute-force attacks. | 2021-03-02 | not yet calculated | CVE-2021-25309 MISC |
gigaset -- dx600a_devices |
A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands. | 2021-03-02 | not yet calculated | CVE-2021-25306 MISC |
github -- enterprise_server |
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.22.7 and was fixed in 2.22.7, 2.21.15, and 2.20.24. The underlying issues contributing to this vulnerability were identified through the GitHub Security Bug Bounty program. | 2021-03-03 | not yet calculated | CVE-2020-10519 MISC MISC MISC |
github -- github |
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed the base reference of a pull request to be updated to point to an arbitrary SHA or another pull request outside of the fork repository. By establishing this incorrect reference in a PR, the restrictions that limit the Actions secrets sent a workflow from forks could be bypassed. This vulnerability affected GitHub Enterprise Server version 3.0.0, 3.0.0.rc2, and 3.0.0.rc1. This vulnerability was reported via the GitHub Bug Bounty program. | 2021-03-03 | not yet calculated | CVE-2021-22862 MISC |
github -- github |
An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker would be able to gain access to head branches of pull requests opened on repositories of which they are a maintainer. Forking is disabled by default for organization owned private repositories and would prevent this vulnerability. Additionally, branch protections such as required pull request reviews or status checks would prevent unauthorized commits from being merged without further review or validation. This vulnerability affected all versions of GitHub Enterprise Server since 2.12.22 and was fixed in versions 2.20.24, 2.21.15, 2.22.7 and 3.0.1. This vulnerability was reported via the GitHub Bug Bounty program. | 2021-03-03 | not yet calculated | CVE-2021-22863 MISC MISC MISC MISC |
github -- github |
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the targeted repository, a setting that is disabled by default for organization owned private repositories. Branch protections such as required pull request reviews or status checks would prevent unauthorized commits from being merged without further review or validation. This vulnerability affected all versions of GitHub Enterprise Server since 2.4.21 and was fixed in versions 2.20.24, 2.21.15, 2.22.7 and 3.0.1. This vulnerability was reported via the GitHub Bug Bounty program. | 2021-03-03 | not yet calculated | CVE-2021-22861 MISC MISC MISC MISC |
gitlab -- gitlab | An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs. | 2021-03-03 | not yet calculated | CVE-2021-22188 CONFIRM MISC MISC |
gitlab -- gitlab |
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues. | 2021-03-04 | not yet calculated | CVE-2021-22189 CONFIRM MISC |
gitlab -- gitlab |
An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions. | 2021-03-04 | not yet calculated | CVE-2021-22183 CONFIRM MISC MISC |
gitlab -- gitlab |
An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 12.6.7. A potential resource exhaustion issue that allowed running or pending jobs to continue even after project was deleted. | 2021-03-02 | not yet calculated | CVE-2021-22187 CONFIRM MISC |
glpi -- glpi | GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed in version 9.5.4. | 2021-03-02 | not yet calculated | CVE-2021-21258 MISC CONFIRM |
glpi -- glpi |
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/document.form.php endpoint), indeed one of the form field: "Web Link" is not properly sanitized and a malicious user (who has document upload rights) can use it to deliver JavaScript payload. For example if you use the following payload: " accesskey="x" onclick="alert(1)" x=", the content will be saved within the database without any control. And then once you return to the summary documents page, by clicking on the "Web Link" of the newly created file it will create a new empty tab, but on the initial tab the pop-up "1" will appear. | 2021-03-03 | not yet calculated | CVE-2021-21312 MISC CONFIRM |
glpi -- glpi |
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability in the /ajax/common.tabs.php endpoint, indeed, at least two parameters _target and id are not properly sanitized. Here are two payloads (due to two different exploitations depending on which parameter you act) to exploit the vulnerability:/ajax/common.tabs.php?_target=javascript:alert(document.cookie)&_itemtype=DisplayPreference&_glpi_tab=DisplayPreference$2&id=258&displaytype=Ticket (Payload triggered if you click on the button). /ajax/common.tabs.php?_target=/front/ticket.form.php&_itemtype=Ticket&_glpi_tab=Ticket$1&id=(){};(function%20(){alert(document.cookie);})();function%20a&#. | 2021-03-03 | not yet calculated | CVE-2021-21313 MISC CONFIRM |
glpi -- glpi |
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is an XSS vulnerability involving a logged in user while updating a ticket. | 2021-03-03 | not yet calculated | CVE-2021-21314 MISC CONFIRM |
glpi -- glpi |
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4. | 2021-03-02 | not yet calculated | CVE-2021-21255 MISC CONFIRM |
grub2 -- grub2 |
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-03 | not yet calculated | CVE-2021-20233 MISC |
grub2 -- grub2 |
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-03 | not yet calculated | CVE-2021-20225 MISC |
grub2 -- grub2 |
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-03 | not yet calculated | CVE-2020-25632 MISC |
grub2 -- grub2 |
A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-03 | not yet calculated | CVE-2020-25647 MISC |
grub2 -- grub2 |
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-03 | not yet calculated | CVE-2020-27749 MISC |
grub2 -- grub2 |
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-03 | not yet calculated | CVE-2020-27779 MISC |
gunua -- genugate |
An issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7, and 10.x before 10.1 p4. The Web Interfaces (Admin, Userweb, Sidechannel) can use different methods to perform the authentication of a user. A specific authentication method during login does not check the provided data (when a certain manipulation occurs) and returns OK for any authentication request. This allows an attacker to login to the admin panel as a user of his choice, e.g., the root user (with highest privileges) or even a non-existing user. | 2021-03-03 | not yet calculated | CVE-2021-27215 MISC MISC MISC |
harmonyos -- harmonyos |
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources. | 2021-03-02 | not yet calculated | CVE-2021-22294 MISC |
harmonyos -- harmonyos |
A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system. | 2021-03-02 | not yet calculated | CVE-2021-22296 MISC MISC MISC |
html-parse-stringify -- html-parse-stringify |
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process. | 2021-03-04 | not yet calculated | CVE-2021-23346 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
ibm -- cloud_apm |
IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974. | 2021-03-02 | not yet calculated | CVE-2020-4725 XF CONFIRM |
ibm -- cloud_apm |
The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861. | 2021-03-02 | not yet calculated | CVE-2020-4719 XF CONFIRM |
ibm -- cloud_apm |
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975. | 2021-03-02 | not yet calculated | CVE-2020-4726 XF CONFIRM |
ibm -- multiple_products |
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435. | 2021-03-04 | not yet calculated | CVE-2020-4975 XF CONFIRM |
ibm -- security_verify_bridge |
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617. | 2021-03-03 | not yet calculated | CVE-2021-20441 XF CONFIRM |
ibm -- security_verify_bridge |
IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196618. | 2021-03-03 | not yet calculated | CVE-2021-20442 XF CONFIRM |
identitymodel -- identitymodel |
An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel) before 1.3.0. The Branca implementation allows an attacker to modify and forge authentication tokens. | 2021-03-05 | not yet calculated | CVE-2020-36255 MISC MISC MISC |
joomla! -- joomla! |
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field. | 2021-03-04 | not yet calculated | CVE-2021-26029 MISC |
joomla! -- joomla! |
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path. | 2021-03-04 | not yet calculated | CVE-2021-26028 MISC |
joomla! -- joomla! |
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article. | 2021-03-04 | not yet calculated | CVE-2021-26027 MISC |
kentico -- the_blog |
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter. | 2021-03-05 | not yet calculated | CVE-2021-27581 MISC MISC |
lg -- mobile_devices |
An issue was discovered on LG mobile devices with Android OS 11 software. They mishandle fingerprint recognition because local high beam mode (LHBM) does not function properly during bright illumination. The LG ID is LVE-SMP-210001 (March 2021). | 2021-03-02 | not yet calculated | CVE-2021-27901 MISC |
linux -- linux_kernel |
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has CONFIG_XEN_UNPOPULATED_ALLOC but not CONFIG_XEN_BALLOON_MEMORY_HOTPLUG. | 2021-03-05 | not yet calculated | CVE-2021-28039 MLIST MISC |
linux -- linux_kernel |
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. | 2021-03-05 | not yet calculated | CVE-2021-28038 MLIST MISC |
linux -- linux_kernel |
A NULL pointer dereference flaw was found in the Linux kernel’s GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. | 2021-03-04 | not yet calculated | CVE-2020-25639 MISC |
lumisxp -- lumisxp |
LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service. | 2021-03-03 | not yet calculated | CVE-2021-27931 MISC |
markdown -- markdown |
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time. | 2021-03-03 | not yet calculated | CVE-2021-26813 MISC |
matrix-react-sdk -- matrix-react-sdk |
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a `blob` origin that cannot access Matrix user data, so messages and secrets are not at risk. This has been fixed in version 3.15.0. | 2021-03-02 | not yet calculated | CVE-2021-21320 MISC MISC CONFIRM MISC |
microsoft -- exchange_server | Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078. | 2021-03-03 | not yet calculated | CVE-2021-26858 MISC |
microsoft -- exchange_server | Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065. | 2021-03-03 | not yet calculated | CVE-2021-27078 MISC |
microsoft -- exchange_server | Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. | 2021-03-03 | not yet calculated | CVE-2021-26857 MISC |
microsoft -- exchange_server |
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078. | 2021-03-03 | not yet calculated | CVE-2021-27065 MISC |
microsoft -- exchange_server |
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. | 2021-03-03 | not yet calculated | CVE-2021-26412 MISC |
microsoft -- exchange_server |
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. | 2021-03-03 | not yet calculated | CVE-2021-26854 MISC |
microsoft -- exchange_server |
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. | 2021-03-03 | not yet calculated | CVE-2021-26855 MISC |
misp -- misp |
An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors. | 2021-03-02 | not yet calculated | CVE-2021-27904 MISC |
mobilewips -- mobilewips |
Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider. | 2021-03-02 | not yet calculated | CVE-2021-25330 MISC |
mongodb -- mongodb_server |
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.6; MongoDB Server v3.6 versions prior to 3.6.11. | 2021-03-01 | not yet calculated | CVE-2018-25004 MISC |
mongodb -- mongodb_server |
A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20. | 2021-03-01 | not yet calculated | CVE-2020-7929 CONFIRM |
movable -- multiple_products | Cross-site scripting vulnerability in in Add asset screen of Contents field of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 2021-03-05 | not yet calculated | CVE-2021-20665 MISC MISC |
movable -- multiple_products |
Cross-site scripting vulnerability in in Role authority setting screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 2021-03-05 | not yet calculated | CVE-2021-20663 MISC MISC |
movable -- multiple_products |
Cross-site scripting vulnerability in in Asset registration screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 2021-03-05 | not yet calculated | CVE-2021-20664 MISC MISC |
msi -- dragon_center |
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. | 2021-03-05 | not yet calculated | CVE-2021-27965 MISC MISC |
mymvconnect24 -- mymvconnect24 |
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter. | 2021-03-02 | not yet calculated | CVE-2020-12530 CONFIRM |
mymvconnect24 -- mymvconnect24 |
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports. | 2021-03-02 | not yet calculated | CVE-2020-12529 CONFIRM |
mymvconnect24 -- mymvconnect24 |
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of access validation allows a logged in user to kill web2go sessions in the account he should not have access to. | 2021-03-02 | not yet calculated | CVE-2020-12528 CONFIRM |
mymvconnect24 -- mymvconnect24 |
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of access validation allows a logged in user to interact with devices in the account he should not have access to. | 2021-03-02 | not yet calculated | CVE-2020-12527 CONFIRM |
netgear -- r7800_devices |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355. | 2021-03-05 | not yet calculated | CVE-2021-27256 N/A N/A |
netgear -- r7800_devices |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. | 2021-03-05 | not yet calculated | CVE-2021-27255 N/A N/A |
netgear -- r7800_devices |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. | 2021-03-05 | not yet calculated | CVE-2021-27254 N/A N/A |
netgear -- r7800_devices |
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. | 2021-03-05 | not yet calculated | CVE-2021-27257 N/A N/A |
newlib -- newlib |
A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow. | 2021-03-05 | not yet calculated | CVE-2021-3420 MISC |
nextcloud -- nexcloud_server |
Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`. | 2021-03-03 | not yet calculated | CVE-2021-22878 MISC MISC MISC |
nextcloud -- nexcloud_server |
A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet. | 2021-03-03 | not yet calculated | CVE-2021-22877 MISC MISC MISC MISC |
nextcloud -- nextcloud_server |
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured. | 2021-03-03 | not yet calculated | CVE-2020-8296 MISC MISC MISC MISC |
node.js -- node.js |
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160. | 2021-03-03 | not yet calculated | CVE-2021-22884 MISC MISC MISC |
node.js -- node.js |
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. | 2021-03-03 | not yet calculated | CVE-2021-22883 MISC MISC |
online_invoicing_system -- online_invoicing_system |
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to. | 2021-03-03 | not yet calculated | CVE-2021-27839 MISC MISC |
openark -- orchestrator |
resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter. | 2021-03-03 | not yet calculated | CVE-2021-27940 MISC MISC MISC |
openssh -- openssh |
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | 2021-03-05 | not yet calculated | CVE-2021-28041 < |