CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-5791 1 Exec Code Overflow 2013-10-16 2018-10-12
1.5
None Local Medium ??? None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is a stack-based buffer overflow in the Microsoft Access 1.x parser in vsacs.dll before 8.4.0.108 and before 8.4.1.52, which allows attackers to execute arbitrary code via a long field (aka column) name.
2 CVE-2012-2425 20 1 DoS 2012-04-25 2021-07-23
1.8
None Local Network High Not required None None Partial
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (application crash) via a long URI.
3 CVE-2011-5204 255 1 +Info 2012-10-04 2012-10-05
1.9
None Local Medium Not required Partial None None
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database.
4 CVE-2021-42836 DoS 2021-10-22 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
5 CVE-2021-42771 Exec Code Dir. Trav. 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
6 CVE-2021-42766 DoS 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has little stake and cannot influence network message propagation. This can cause a protocol stall, or an increase in the profits of individual validators.
7 CVE-2021-42765 DoS 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to leverage network delay to cause a denial of service (indefinite stalling of consensus decisions).
8 CVE-2021-42764 DoS 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual validators, via short-range reorganizations of the underlying consensus chain.
9 CVE-2021-42762 Bypass 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.
10 CVE-2021-42740 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
11 CVE-2021-42739 Overflow 2021-10-20 2021-10-20
0.0
None ??? ??? ??? ??? ??? ???
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
12 CVE-2021-42716 Overflow 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
13 CVE-2021-42715 DoS 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
14 CVE-2021-42556 Dir. Trav. 2021-10-22 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file.
15 CVE-2021-42542 22 Dir. Trav. 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
16 CVE-2021-42540 123 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
17 CVE-2021-42539 306 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
18 CVE-2021-42538 78 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
19 CVE-2021-42536 200 +Info 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
20 CVE-2021-42534 79 XSS 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.
21 CVE-2021-42327 Overflow 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.
22 CVE-2021-42299 Bypass 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Microsoft Surface Pro 3 Security Feature Bypass Vulnerability
23 CVE-2021-42258 Exec Code Sql 2021-10-22 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xp_cmdshell.
24 CVE-2021-42169 Sql Bypass 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no security and escaping from malicious payloads.
25 CVE-2021-42108 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
26 CVE-2021-42107 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106.
27 CVE-2021-42106 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107.
28 CVE-2021-42105 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107.
29 CVE-2021-42104 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107.
30 CVE-2021-42103 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101.
31 CVE-2021-42102 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
32 CVE-2021-42101 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103.
33 CVE-2021-42097 +Priv CSRF 2021-10-21 2021-10-23
0.0
None ??? ??? ??? ??? ??? ???
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
34 CVE-2021-42096 +Priv CSRF 2021-10-21 2021-10-23
0.0
None ??? ??? ??? ??? ??? ???
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
35 CVE-2021-42012 Exec Code Overflow 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
36 CVE-2021-42011 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
37 CVE-2021-41792 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF.
38 CVE-2021-41791 XSS 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and org.alfresco:community-share through 7.0. An evasion of the XSS filter for HTML input validation in the Alfresco Share User Interface leads to stored XSS that could be exploited by an attacker (given that he has privileges on the content collaboration features).
39 CVE-2021-41790 Exec Code 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.
40 CVE-2021-41745 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
41 CVE-2021-41744 2021-10-22 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life Cycle Management) is a strategic management method. It applies a series of enterprise application systems to support the entire process from conceptual design to the end of product life, and the collaborative creation, distribution, application and management of product information across organizations. Yonyou PLM uses jboss by default, and you can access the management control background without authorization An attacker can use this vulnerability to gain server permissions.
42 CVE-2021-41179 304 2021-10-25 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as `@PublicPage` could thus be accessed with a valid user session that isn't authenticated. This particularly affects the Nextcloud Talk application, as this could be leveraged to gain access to any private chat channel without going through the Two-Factor flow. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.
43 CVE-2021-41178 434 XSS 2021-10-25 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud employs a strict Content-Security-Policy disallowing execution of arbitrary JavaScript. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.
44 CVE-2021-41177 799 2021-10-25 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any component of Nextcloud using rate-limits (as as `AnonRateThrottle` or `UserRateThrottle`) was thus not rate limited on instances not having a memory cache backend configured. In the case of a default installation, this would notably include the rate-limits on the two factor codes. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5, or 22.2.0. As a workaround, enable a memory cache backend in `config.php`.
45 CVE-2021-41176 352 2021-10-25 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. In affected versions of Pterodactyl a malicious user can trigger a user logout if a signed in user visits a malicious website that makes a request to the Panel's sign-out endpoint. This requires a targeted attack against a specific Panel instance, and serves only to sign a user out. **No user details are leaked, nor is any user data affected, this is simply an annoyance at worst.** This is fixed in version 1.6.3.
46 CVE-2021-41171 307 Bypass 2021-10-22 2021-10-25
0.0
None ??? ??? ??? ??? ??? ???
eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in HTTP Cookie header. This issue has been addressed by implementing brute force login protection, as recommended by Owasp with Device Cookies. This mechanism will not impact users and will effectively thwart any brute-force attempts at guessing passwords. The only correct way to address this is to upgrade to version 4.1.0. Adding rate limitation upstream of the eLabFTW service is of course a valid option, with or without upgrading.
47 CVE-2021-41169 79 XSS 2021-10-21 2021-10-22
0.0
None ??? ??? ??? ??? ??? ???
Sulu is an open-source PHP content management system based on the Symfony framework. In versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade.
48 CVE-2021-41168 20 DoS 2021-10-21 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown ` [reference_name]: https://www.example.com` are inserted into a hash table which was found to have a weak hash function, meaning that an attacker can reliably generate a large number of collisions for it. This makes the hash table vulnerable to a hash-collision DoS attack, a type of algorithmic complexity attack. Further the hash table allowed for duplicate entries resulting in long retrieval times. Proofs of concept and further discussion of the hash collision issue are discussed on the snudown GHSA(https://github.com/reddit/snudown/security/advisories/GHSA-6gvv-9q92-w5f6). Users are advised to update to version 1.7.0.
49 CVE-2021-41167 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
modern-async is an open source JavaScript tooling library for asynchronous operations using async/await and promises. In affected versions a bug affecting two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, in practice, they don't. Any code calling these functions will be written thinking they would limit the concurrency but they won't. This could lead to potential security issues in other projects. The problem has been patched in 1.0.4. There is no workaround.
50 CVE-2021-41163 74 Exec Code 2021-10-20 2021-10-21
0.0
None ??? ??? ??? ??? ??? ???
Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribe_url values. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. To workaround the issue without updating, requests with a path starting /webhooks/aws path could be blocked at an upstream proxy.
Total number of vulnerabilities : 1779   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.