Total
240 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-4024 | 3 Fedoraproject, Podman Project, Redhat | 3 Fedora, Podman, Enterprise Linux | 2023-12-10 | 6.4 MEDIUM | 6.5 MEDIUM |
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM. | |||||
CVE-2022-23032 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
CVE-2021-45441 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2021-37967 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | |||||
CVE-2020-27969 | 1 Yandex | 1 Yandex Browser | 2023-12-10 | 7.5 HIGH | 7.3 HIGH |
Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | |||||
CVE-2021-37966 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
CVE-2021-41158 | 1 Freeswitch | 1 Freeswitch | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, an attacker can perform a SIP digest leak attack against FreeSWITCH and receive the challenge response of a gateway configured on the FreeSWITCH server. This is done by challenging FreeSWITCH's SIP requests with the realm set to that of the gateway, thus forcing FreeSWITCH to respond with the challenge response which is based on the password of that targeted gateway. Abuse of this vulnerability allows attackers to potentially recover gateway passwords by performing a fast offline password cracking attack on the challenge response. The attacker does not require special network privileges, such as the ability to sniff the FreeSWITCH's network traffic, to exploit this issue. Instead, what is required for this attack to work is the ability to cause the victim server to send SIP request messages to the malicious party. Additionally, to exploit this issue, the attacker needs to specify the correct realm which might in some cases be considered secret. However, because many gateways are actually public, this information can easily be retrieved. The vulnerability appears to be due to the code which handles challenges in `sofia_reg.c`, `sofia_reg_handle_sip_r_challenge()` which does not check if the challenge is originating from the actual gateway. The lack of these checks allows arbitrary UACs (and gateways) to challenge any request sent by FreeSWITCH with the realm of the gateway being targeted. This issue is patched in version 10.10.7. Maintainers recommend that one should create an association between a SIP session for each gateway and its realm to make a check be put into place for this association when responding to challenges. | |||||
CVE-2021-44935 | 1 Glfusion | 1 Glfusion | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. The attacker can complete the attack remotely without interaction. | |||||
CVE-2020-15734 | 1 Bitdefender | 1 Safepay | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29. | |||||
CVE-2021-39185 | 1 Typelevel | 1 Http4s | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The middleware is also susceptible to a Null Origin Attack. The problem is fixed in 0.21.27, 0.22.3, 0.23.2, and 1.0.0-M25. The original `CORS` implementation and `CORSConfig` are deprecated. See the GitHub GHSA for more information, including code examples and workarounds. | |||||
CVE-2021-39270 | 1 Pingidentity | 1 Rsa Securid Integration Kit | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. | |||||
CVE-2021-21229 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
CVE-2021-23986 | 1 Mozilla | 1 Firefox | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication. This vulnerability affects Firefox < 87. | |||||
CVE-2021-21211 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
CVE-2021-26291 | 3 Apache, Oracle, Quarkus | 4 Maven, Financial Services Analytical Applications Infrastructure, Goldengate Big Data And Application Adapters and 1 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html | |||||
CVE-2021-31718 | 1 Npupnp Project | 1 Npupnp | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution. | |||||
CVE-2021-34435 | 1 Eclipse | 1 Theia | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file.. | |||||
CVE-2021-21209 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
CVE-2021-30596 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
CVE-2021-28048 | 1 Devolutions | 1 Devolutions Server | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. |