CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2021-24352 284 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects.
302 CVE-2021-24351 79 XSS 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The theplus_more_post AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.12 did not properly sanitise some of its fields, leading to a reflected Cross-Site Scripting (exploitable on both unauthenticated and authenticated users)
303 CVE-2021-24349 79 XSS CSRF 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Scripting issue. Due to the lack of CSRF check, the attack could also be performed via such vector.
304 CVE-2021-24348 89 Sql 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue
305 CVE-2021-24347 94 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from "php" to "pHP".
306 CVE-2021-24346 XSS 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The Stock in & out WordPress plugin through 1.0.4 has a search functionality, the lowest accessible level to it being contributor. The srch POST parameter is not validated, sanitised or escaped before using it in the echo statement, leading to a reflected XSS issue
307 CVE-2021-24345 89 Sql 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection.
308 CVE-2021-24341 Sql 2021-06-14 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
When deleting a date in the Xllentech English Islamic Calendar WordPress plugin before 2.6.8, the year_number and month_number POST parameters are not sanitised, escaped or validated before being used in a SQL statement, leading to SQL injection.
309 CVE-2021-24037 Exec Code 2021-06-15 2021-06-16
0.0
None ??? ??? ??? ??? ??? ???
A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
310 CVE-2021-24035 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.
311 CVE-2021-23853 2021-06-09 2021-06-09
0.0
None ??? ??? ??? ??? ??? ???
In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.
312 CVE-2021-23847 2021-06-09 2021-06-09
0.0
None ??? ??? ??? ??? ??? ???
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.
313 CVE-2021-23396 2021-06-17 2021-06-17
0.0
None ??? ??? ??? ??? ??? ???
All versions of package lutils are vulnerable to Prototype Pollution via the main (merge) function.
314 CVE-2021-23395 2021-06-15 2021-06-15
0.0
None ??? ??? ??? ??? ??? ???
This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor.prototype payload.
315 CVE-2021-23394 Exec Code 2021-06-13 2021-06-14
0.0
None ??? ??? ??? ??? ??? ???
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
316 CVE-2021-23393 Bypass 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
This affects the package Flask-Unchained before 0.9.0. When using the the _validate_redirect_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using 'autocorrect_location_header=False.
317 CVE-2021-23364 DoS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
318 CVE-2021-23230 Sql 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
319 CVE-2021-23211 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3).
320 CVE-2021-23205 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); version 8.10 and prior versions.
321 CVE-2021-23204 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3).
322 CVE-2021-23182 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); All versions of 8.30.
323 CVE-2021-23140 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); version 8.10 and prior versions.
324 CVE-2021-23136 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to be performed by an unprivileged Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); version 8.10 and prior versions.
325 CVE-2021-23024 Exec Code 2021-06-10 2021-06-10
0.0
None ??? ??? ??? ??? ??? ???
On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG-IQ Configuration utility has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
326 CVE-2021-23023 2021-06-10 2021-06-10
0.0
None ??? ??? ??? ??? ??? ???
On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, a DLL hijacking issue exists in cachecleaner.dll included in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
327 CVE-2021-23022 2021-06-10 2021-06-10
0.0
None ??? ??? ??? ??? ??? ???
On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
328 CVE-2021-22915 Bypass 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.
329 CVE-2021-22914 Bypass 2021-06-16 2021-06-16
0.0
None ??? ??? ??? ??? ??? ???
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information due to sensitive information being stored in the Citrix Cloud Connector installation log files. Such information could be used by an malicious actor to access a Citrix Cloud environment. This issue affects all versions of Citrix Cloud Connector that were installed by passing secure client parameters for installation via the command line. The issue does not affect Citrix Cloud Connector if it was installed using the interactive installer or where a parameter file was used with the command-line installer.
330 CVE-2021-22913 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user.
331 CVE-2021-22912 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
332 CVE-2021-22906 DoS 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users.
333 CVE-2021-22905 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using the local Nextcloud server unless a global search has been explicitly chosen by the user.
334 CVE-2021-22904 DoS 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token` or `authenticate_with_http_token` for request authentication.
335 CVE-2021-22903 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This is similar to CVE-2021-22881. Strings in config.hosts that do not have a leading dot are converted to regular expressions without proper escaping. This causes, for example, `config.hosts << "sub.example.com"` to permit a request with a Host header value of `sub-example.com`.
336 CVE-2021-22902 DoS 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of Action Dispatch. Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expression engine.
337 CVE-2021-22901 Exec Code 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.
338 CVE-2021-22898 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.
339 CVE-2021-22897 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.
340 CVE-2021-22896 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
341 CVE-2021-22895 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
342 CVE-2021-22769 269 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
A CWE-269: Improper Privilege Management vulnerability exists in EnerlinÕX ComÕX versions prior to V6.8.4 that could cause disclosure of device configuration information to any authenticated user when a specially crafted request is sent to the device.
343 CVE-2021-22768 DoS Exec Code 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-22767.
344 CVE-2021-22767 DoS Exec Code 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-22768
345 CVE-2021-22766 DoS 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service via a specially crafted HTTP packet.
346 CVE-2021-22765 DoS Exec Code 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.
347 CVE-2021-22764 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially crafted HTTP request.
348 CVE-2021-22763 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to a device.
349 CVE-2021-22749 +Info 2021-06-11 2021-06-11
0.0
None ??? ??? ??? ??? ??? ???
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially crafted HTTP request is sent to the web server of the module.
350 CVE-2021-22669 732 2021-04-26 2021-04-26
0.0
None ??? ??? ??? ??? ??? ???
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system.
Total number of vulnerabilities : 799   Page : 1 2 3 4 5 6 7 (This Page)8 9 10 11 12 13 14 15 16
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.