Total
23789 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31535 | 2 Fedoraproject, X.org | 3 Fedora, Libx11, X Window System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session. | |||||
| CVE-2021-22160 | 1 Apache | 1 Pulsar | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not validated if the algorithm of the presented token is set to "none". This allows an attacker to connect to Pulsar instances as any user (incl. admins). | |||||
| CVE-2020-25414 | 1 Monstra | 1 Monstra | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. | |||||
| CVE-2021-23421 | 1 Merge-change Project | 1 Merge-change | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function. | |||||
| CVE-2021-27741 | 1 Hcltechsw | 1 Hcl Commerce | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| " Security vulnerability in HCL Commerce Management Center allowing XML external entity (XXE) injection" | |||||
| CVE-2021-32928 | 1 Thalesgroup | 1 Sentinel Ldk Run-time Environment | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. While uninstalling, the uninstaller fails to close Port 1947. | |||||
| CVE-2021-22323 | 1 Huawei | 2 Emui, Magic Ui | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user. | |||||
| CVE-2021-21804 | 1 Advantech | 1 R-seenet | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2021-25434 | 1 Linux | 1 Tizen | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode. | |||||
| CVE-2021-36385 | 1 Cerner | 1 Mobile Care | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| A SQL Injection vulnerability in Cerner Mobile Care 5.0.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via a Fullwidth Apostrophe (aka U+FF07) in the default.aspx User ID field. Arbitrary system commands can be executed through the use of xp_cmdshell. | |||||
| CVE-2021-35395 | 1 Realtek | 1 Realtek Jungle Sdk | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affected by these vulnerabilities. Specifically, these binaries are vulnerable to the following issues: - stack buffer overflow in formRebootCheck due to unsafe copy of submit-url parameter - stack buffer overflow in formWsc due to unsafe copy of submit-url parameter - stack buffer overflow in formWlanMultipleAP due to unsafe copy of submit-url parameter - stack buffer overflow in formWlSiteSurvey due to unsafe copy of ifname parameter - stack buffer overflow in formStaticDHCP due to unsafe copy of hostname parameter - stack buffer overflow in formWsc due to unsafe copy of 'peerPin' parameter - arbitrary command execution in formSysCmd via the sysCmd parameter - arbitrary command injection in formWsc via the 'peerPin' parameter Exploitability of identified issues will differ based on what the end vendor/manufacturer did with the Realtek SDK webserver. Some vendors use it as-is, others add their own authentication implementation, some kept all the features from the server, some remove some of them, some inserted their own set of features. However, given that Realtek SDK implementation is full of insecure calls and that developers tends to re-use those examples in their custom code, any binary based on Realtek SDK webserver will probably contains its own set of issues on top of the Realtek ones (if kept). Successful exploitation of these issues allows remote attackers to gain arbitrary code execution on the device. | |||||
| CVE-2021-27440 | 1 Ge | 2 Reason Dr60, Reason Dr60 Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). | |||||
| CVE-2021-35502 | 1 Misp | 1 Misp | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index. | |||||
| CVE-2021-32530 | 1 Qsan | 1 Xevo | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0. | |||||
| CVE-2019-10881 | 1 Xerox | 20 Altalink B8045, Altalink B8045 Firmware, Altalink B8055 and 17 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled. | |||||
| CVE-2021-30179 | 1 Apache | 1 Dubbo | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the Java Reflection API to make the final call. The signature for the $invoke or $invokeAsync methods is Ljava/lang/String;[Ljava/lang/String;[Ljava/lang/Object; where the first argument is the name of the method to invoke, the second one is an array with the parameter types for the method being invoked and the third one is an array with the actual call arguments. In addition, the caller also needs to set an RPC attachment specifying that the call is a generic call and how to decode the arguments. The possible values are: - true - raw.return - nativejava - bean - protobuf-json An attacker can control this RPC attachment and set it to nativejava to force the java deserialization of the byte array located in the third argument. | |||||
| CVE-2021-31758 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request. | |||||
| CVE-2021-3538 | 1 Go.uuid Project | 1 Go.uuid | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker. | |||||
| CVE-2021-20021 | 1 Sonicwall | 2 Email Security, Hosted Email Security | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. | |||||
| CVE-2021-20720 | 1 Kujirahand | 1 Konawiki | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors. | |||||