Total
29623 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28169 | 5 Debian, Eclipse, Netapp and 2 more | 14 Debian Linux, Jetty, Active Iq Unified Manager and 11 more | 2024-11-21 | 5.3 Medium |
| For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. | ||||
| CVE-2021-28164 | 4 Eclipse, Netapp, Oracle and 1 more | 23 Jetty, Cloud Manager, E-series Performance Analyzer and 20 more | 2024-11-21 | 5.3 Medium |
| In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. | ||||
| CVE-2021-28147 | 1 Grafana | 1 Grafana | 2024-11-21 | 6.5 Medium |
| The team sync HTTP API in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service and having the EditorsCanAdmin feature enabled, this vulnerability allows any authenticated user to add external groups to any existing team. This can be used to grant a user team permissions that the user isn't supposed to have. | ||||
| CVE-2021-28135 | 1 Espressif | 1 Esp-idf | 2024-11-21 | 6.5 Medium |
| The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data. | ||||
| CVE-2021-28129 | 1 Apache | 1 Openoffice | 2024-11-21 | 7.8 High |
| While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. Users who installed the Apache OpenOffice 4.1.8 DEB packaging should upgrade to the latest version of Apache OpenOffice. | ||||
| CVE-2021-28112 | 1 Draeger | 4 X-dock 5300, X-dock 6300, X-dock 6600 and 1 more | 2024-11-21 | 8.8 High |
| Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code execution by an authenticated attacker. | ||||
| CVE-2021-28032 | 1 Nano Arena Project | 1 Nano Arena | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, if Borrow<Idx> behaves in certain ways. This can have a resultant out-of-bounds write or use-after-free. | ||||
| CVE-2021-27971 | 1 Alpsalpine | 1 Touchpad Driver | 2024-11-21 | 7.8 High |
| Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection. | ||||
| CVE-2021-27856 | 1 Fatpipeinc | 6 Ipvpn, Ipvpn Firmware, Mpvpn and 3 more | 2024-11-21 | 9.8 Critical |
| FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA002. | ||||
| CVE-2021-27855 | 1 Fatpipeinc | 6 Ipvpn, Ipvpn Firmware, Mpvpn and 3 more | 2024-11-21 | 8.8 High |
| FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA001. | ||||
| CVE-2021-27789 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | 6.5 Medium |
| The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials. | ||||
| CVE-2021-27770 | 1 Hcltech | 1 Sametime | 2024-11-21 | 6.8 Medium |
| The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. | ||||
| CVE-2021-27663 | 1 Johnsoncontrols | 2 Ac2000, Ac2000 Firmware | 2024-11-21 | 8.2 High |
| A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5. | ||||
| CVE-2021-27619 | 1 Sap | 1 Commerce | 2024-11-21 | 6.5 Medium |
| SAP Commerce (Backoffice Search), versions - 1808, 1811, 1905, 2005, 2011, allows a low privileged user to search for attributes which are not supposed to be displayed to them. Although the search results are masked, the user can iteratively enter one character at a time to search and determine the masked attribute value thereby leading to information disclosure. | ||||
| CVE-2021-27496 | 3 Datakit, Luxion, Siemens | 6 Crosscadware, Keyshot, Solid Edge Se2020 and 3 more | 2024-11-21 | 7.8 High |
| Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2021-27379 | 2 Debian, Xen | 2 Debian Linux, Xen | 2024-11-21 | 7.8 High |
| An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565. | ||||
| CVE-2021-27292 | 2 Redhat, Ua-parser-js Project | 5 Acm, Jaeger, Logging and 2 more | 2024-11-21 | 7.5 High |
| ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time. | ||||
| CVE-2021-27290 | 4 Oracle, Redhat, Siemens and 1 more | 6 Graalvm, Enterprise Linux, Rhel Eus and 3 more | 2024-11-21 | 7.5 High |
| ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option. | ||||
| CVE-2021-27258 | 1 Solarwinds | 1 Orion Platform | 2024-11-21 | 9.8 Critical |
| This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. Was ZDI-CAN-11903. | ||||
| CVE-2021-27173 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculated(BR0_MAC) backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server (used for the CLI). | ||||