CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2021-27890 89 Sql 2021-03-15 2021-03-23
6.8
None Remote Medium Not required Partial Partial Partial
SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files.
302 CVE-2021-27885 326 2021-03-02 2021-03-18
6.8
None Remote Medium Not required Partial Partial Partial
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
303 CVE-2021-27828 89 Sql 2021-06-01 2021-06-09
6.4
None Remote Low Not required None Partial Partial
SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.
304 CVE-2021-27811 94 Exec Code 2021-05-21 2021-06-03
6.5
None Remote Low ??? Partial Partial Partial
A code injection vulnerability has been discovered in the Upgrade function of QibosoftX1 v1.0. An attacker is able execute arbitrary PHP code via exploitation of client_upgrade_edition.php and Upgrade.php.
305 CVE-2021-27657 269 2021-06-04 2021-06-17
6.5
None Remote Low ??? Partial Partial Partial
Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. This issue affects: Johnson Controls Metasys version 11.0 and prior versions.
306 CVE-2021-27648 610 2021-04-28 2021-05-12
6.5
None Remote Low ??? Partial Partial Partial
Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via unspecified vectors.
307 CVE-2021-27602 94 Exec Code 2021-04-13 2021-04-21
6.5
None Remote Low ??? Partial Partial Partial
SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modules within the application. An attacker with this authorization can inject malicious code in the source rules and perform remote code execution enabling them to compromise the confidentiality, integrity and availability of the application.
308 CVE-2021-27592 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
309 CVE-2021-27591 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
310 CVE-2021-27590 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
311 CVE-2021-27589 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
312 CVE-2021-27588 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
313 CVE-2021-27587 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
314 CVE-2021-27586 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
315 CVE-2021-27585 2021-03-09 2021-03-25
6.8
None Remote Medium Not required Partial Partial Partial
When a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
316 CVE-2021-27582 915 2021-02-23 2021-03-25
6.4
None Remote Low Not required Partial Partial None
org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth authorization flow, in which HTTP request parameters affect an authorizationRequest.
317 CVE-2021-27574 494 2021-05-07 2021-05-12
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.
318 CVE-2021-27572 294 Exec Code Bypass 2021-05-07 2021-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set.
319 CVE-2021-27568 754 2021-02-23 2021-05-04
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.
320 CVE-2021-27522 269 2021-04-08 2021-04-14
6.5
None Remote Low ??? Partial Partial Partial
Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. By modifying the initial letter of the key of a user cookie, the key of the administrator cookie can be obtained.
321 CVE-2021-27513 434 2021-02-22 2021-02-26
6.5
None Remote Low ??? Partial Partial Partial
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
322 CVE-2021-27496 Exec Code 2021-05-27 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process.
323 CVE-2021-27494 121 Exec Code Overflow 2021-05-27 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process.
324 CVE-2021-27490 125 Exec Code 2021-05-27 2021-06-09
6.8
None Remote Medium Not required Partial Partial Partial
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
325 CVE-2021-27488 787 Exec Code 2021-05-27 2021-06-10
6.8
None Remote Medium Not required Partial Partial Partial
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process.
326 CVE-2021-27486 191 Exec Code 2021-04-12 2021-04-22
6.8
None Remote Medium Not required Partial Partial Partial
FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code.
327 CVE-2021-27438 94 2021-03-25 2021-03-30
6.5
None Remote Low ??? Partial Partial Partial
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).
328 CVE-2021-27437 798 +Info 2021-05-07 2021-05-19
6.4
None Remote Low Not required Partial Partial None
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).
329 CVE-2021-27413 787 Exec Code Overflow 2021-05-13 2021-05-21
6.8
None Remote Medium Not required Partial Partial Partial
Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
330 CVE-2021-27398 121 Exec Code Overflow 2021-05-12 2021-05-19
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13290)
331 CVE-2021-27397 119 Exec Code Overflow Mem. Corr. 2021-05-12 2021-05-19
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13287)
332 CVE-2021-27396 121 Exec Code Overflow 2021-05-12 2021-05-19
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27398. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13279)
333 CVE-2021-27394 269 +Priv 2021-04-16 2021-04-22
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions < V8.6.9), Mendix Applications using Mendix 9 (All versions < V9.0.5). Authenticated, non-administrative users could modify their privileges by manipulating the user role under certain circumstances, allowing them to gain administrative privileges.
334 CVE-2021-27382 121 Exec Code Overflow 2021-04-22 2021-06-08
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13040)
335 CVE-2021-27381 125 Exec Code 2021-03-15 2021-03-18
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12534)
336 CVE-2021-27380 787 Exec Code 2021-03-15 2021-04-22
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12532)
337 CVE-2021-27275 22 Dir. Trav. Bypass 2021-03-29 2021-03-30
6.5
None Remote Low ??? Partial Partial Partial
This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ConfigFileController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-12125.
338 CVE-2021-27271 119 Exec Code Overflow Mem. Corr. 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12438.
339 CVE-2021-27270 125 Exec Code 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12230.
340 CVE-2021-27269 787 Exec Code 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process Was ZDI-CAN-12390.
341 CVE-2021-27268 416 Exec Code 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12295.
342 CVE-2021-27267 416 Exec Code 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12294.
343 CVE-2021-27261 125 Exec Code 2021-03-30 2021-04-01
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12269.
344 CVE-2021-27232 787 Exec Code Overflow 2021-02-16 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered.
345 CVE-2021-27230 20 2021-03-15 2021-03-22
6.5
None Remote Low ??? Partial Partial Partial
ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain authenticated users who can leverage Translate::save() to write to an _lang.php file under the system/user/language directory.
346 CVE-2021-27229 59 Exec Code 2021-02-16 2021-05-26
6.8
None Remote Medium Not required Partial Partial Partial
Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text.
347 CVE-2021-27216 269 2021-05-06 2021-05-13
6.3
None Local Medium Not required None Complete Complete
Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.
348 CVE-2021-27201 88 Exec Code 2021-02-15 2021-02-23
6.5
None Remote Low ??? Partial Partial Partial
Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment.
349 CVE-2021-27183 610 Exec Code 2021-04-14 2021-04-21
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution.
350 CVE-2021-27182 74 2021-04-14 2021-04-21
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the attacked user.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.