CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 5 and 5.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2021-28658 22 Dir. Trav. 2021-04-06 2021-06-04
5.0
None Remote Low Not required Partial None None
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
202 CVE-2021-28651 400 DoS 2021-05-27 2021-06-11
5.0
None Remote Low Not required None None Partial
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
203 CVE-2021-28545 353 2021-04-01 2021-06-11
5.8
None Remote Medium Not required Partial Partial None
Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to show arbitrary content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file.
204 CVE-2021-28543 476 DoS 2021-03-16 2021-03-26
5.0
None Remote Low Not required None None Partial
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers.
205 CVE-2021-28484 835 2021-04-14 2021-06-04
5.0
None Remote Low Not required None None Partial
An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the yubihsm-connector is restarted. An attacker can send 0, 1, or 2 bytes to trigger this.
206 CVE-2021-28478 2021-05-11 2021-05-18
5.8
None Remote Medium Not required Partial Partial None
Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-31172.
207 CVE-2021-28439 DoS 2021-04-13 2021-04-20
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28319.
208 CVE-2021-28374 312 2021-03-15 2021-05-17
5.0
None Remote Low Not required Partial None None
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).
209 CVE-2021-28373 863 2021-03-13 2021-03-18
5.0
None Remote Low Not required None Partial None
The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) before 2021-03-12 allows an attacker to log in via the OTP code without a valid password. NOTE: this issue only affected the git master branch for a short time. However, all end users are explicitly directed to use the git master branch in production. Semantic version numbers such as 21.03 appear to exist, but are automatically generated from the year and month. They are not releases.
210 CVE-2021-28362 191 Mem. Corr. 2021-03-24 2021-03-26
5.0
None Remote Low Not required None None Partial
An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked (with respect to the available data) at this stage, and these variables are susceptible to integer underflow, it is possible to construct an invalid extension header that will cause memory corruption issues and lead to a Denial-of-Service condition. This is related to rpl-ext-header.c.
211 CVE-2021-28361 476 2021-03-13 2021-03-18
5.0
None Remote Low Not required None None Partial
An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a NULL pointer dereference.
212 CVE-2021-28324 200 +Info 2021-04-13 2021-04-15
5.0
None Remote Low Not required Partial None None
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28325.
213 CVE-2021-28319 DoS 2021-04-13 2021-04-15
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28439.
214 CVE-2021-28307 476 2021-03-12 2021-03-16
5.0
None Remote Low Not required None None Partial
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon.
215 CVE-2021-28306 476 2021-03-12 2021-03-16
5.0
None Remote Low Not required None None Partial
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent.
216 CVE-2021-28302 776 DoS Overflow 2021-03-12 2021-03-18
5.0
None Remote Low Not required None None Partial
A stack overflow in pupnp 1.16.1 can cause a denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume stack space and lead to a crash.
217 CVE-2021-28295 89 Sql 2021-03-16 2021-03-22
5.0
None Remote Low Not required Partial None None
Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure.
218 CVE-2021-28248 307 2021-03-26 2021-03-29
5.0
None Remote Low Not required Partial None None
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
219 CVE-2021-28245 89 Sql 2021-03-31 2021-04-05
5.0
None Remote Low Not required Partial None None
PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.
220 CVE-2021-28172 22 Dir. Trav. 2021-04-06 2021-04-09
5.0
None Remote Low Not required Partial None None
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage.
221 CVE-2021-28170 20 2021-05-26 2021-06-10
5.0
None Remote Low Not required None Partial None
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
222 CVE-2021-28164 200 +Info 2021-04-01 2021-06-11
5.0
None Remote Low Not required Partial None None
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.
223 CVE-2021-28156 Bypass 2021-04-20 2021-04-23
5.0
None Remote Low Not required None Partial None
HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10.
224 CVE-2021-28153 59 2021-03-11 2021-04-22
5.0
None Remote Low Not required None Partial None
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)
225 CVE-2021-28148 287 DoS 2021-03-22 2021-04-30
5.0
None Remote Low Not required None None Partial
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service (DoS) attack against a Grafana Enterprise instance.
226 CVE-2021-28128 640 2021-05-06 2021-05-14
5.5
None Remote Low ??? Partial Partial None
In Strapi through 3.6.0, the admin panel allows the changing of one's own password without entering the current password. An attacker who gains access to a valid session can use this to take over an account by changing the password.
227 CVE-2021-28117 2021-03-20 2021-04-01
5.0
None Remote Low Not required None Partial None
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)
228 CVE-2021-28110 611 2021-03-19 2021-03-25
5.0
None Remote Low Not required None None Partial
/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a vulnerability in its XML parser.
229 CVE-2021-28092 DoS 2021-03-12 2021-05-17
5.0
None Remote Low Not required None None Partial
The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service (ReDoS). If an attacker provides a malicious string, is-svg will get stuck processing the input for a very long time.
230 CVE-2021-28091 347 2021-06-04 2021-06-11
5.0
None Remote Low Not required None Partial None
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
231 CVE-2021-28090 2021-03-19 2021-03-25
5.0
None Remote Low Not required None None Partial
Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002.
232 CVE-2021-28089 400 2021-03-19 2021-03-25
5.0
None Remote Low Not required None None Partial
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
233 CVE-2021-28075 +Info 2021-04-06 2021-04-12
5.0
None Remote Low Not required Partial None None
iKuaiOS 3.4.8 Build 202012291059 has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive information.
234 CVE-2021-28060 918 2021-04-14 2021-04-19
5.0
None Remote Low Not required Partial None None
A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.
235 CVE-2021-28040 674 2021-03-05 2021-03-09
5.0
None Remote Low Not required None None Partial
An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vulnerability in os_xml.c occurs when a large number of opening and closing XML tags is used. Because recursion is used in _ReadElem without restriction, an attacker can trigger a segmentation fault once unmapped memory is reached.
236 CVE-2021-28036 119 Overflow 2021-03-05 2021-03-05
5.0
None Remote Low Not required Partial None None
An issue was discovered in the quinn crate before 0.7.0 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.
237 CVE-2021-28030 908 2021-03-05 2021-03-05
5.0
None Remote Low Not required Partial None None
An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes.
238 CVE-2021-28029 2021-03-05 2021-03-05
5.0
None Remote Low Not required Partial None None
An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations.
239 CVE-2021-27990 287 2021-04-14 2021-04-21
5.0
None Remote Low Not required Partial None None
Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities.
240 CVE-2021-27935 307 2021-03-03 2021-03-10
5.0
None Remote Low Not required Partial None None
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie.
241 CVE-2021-27923 400 DoS 2021-03-03 2021-03-23
5.0
None Remote Low Not required None None Partial
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.
242 CVE-2021-27922 400 DoS 2021-03-03 2021-03-23
5.0
None Remote Low Not required None None Partial
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.
243 CVE-2021-27921 400 DoS 2021-03-03 2021-03-23
5.0
None Remote Low Not required None None Partial
Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.
244 CVE-2021-27918 835 2021-03-11 2021-03-18
5.0
None Remote Low Not required None None Partial
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.
245 CVE-2021-27900 862 2021-04-06 2021-04-12
5.5
None Remote Low ??? None Partial Partial
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an authorization check on several pages in the Web Console. This enables a view-only user to change any configuration setting and delete any registered agents. All versions before 7.11.1 are affected.
246 CVE-2021-27899 295 2021-04-06 2021-04-12
5.8
None Remote Medium Not required Partial Partial None
The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. Agents for Windows and Cloud are not affected.
247 CVE-2021-27839 1236 2021-03-03 2021-03-10
5.8
None Remote Medium Not required Partial Partial None
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to.
248 CVE-2021-27823 200 +Info 2021-05-25 2021-05-28
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability was discovered in /index.class.php (via port 8181) on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system.
249 CVE-2021-27803 DoS Exec Code 2021-02-26 2021-04-23
5.4
None Local Network Medium Not required Partial Partial Partial
A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.
250 CVE-2021-27799 787 Overflow 2021-02-26 2021-03-10
5.0
None Remote Low Not required None None Partial
ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code.
Total number of vulnerabilities: 22711. Page 5 of 455.
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.