Vulnerabilities (CVE)

Total 174711 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-42694 1 Unicode 1 Unicode 2021-11-26 5.1 MEDIUM 8.3 HIGH
An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to inject code via adversarial identifier definitions in upstream software dependencies invoked deceptively in downstream software.
CVE-2021-42574 2 Fedoraproject, Unicode 2 Fedora, Unicode 2021-11-26 5.1 MEDIUM 8.3 HIGH
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers.
CVE-2021-25969 1 Tuzitio 1 Camaleon Cms 2021-11-26 3.5 LOW 5.4 MEDIUM
In Camaleon CMS application, versions 0.0.1 to 2.6.0 are vulnerable to stored XSS, that allows an unauthenticated attacker to store malicious scripts in the comments section of the post. These scripts are executed in a victim’s browser when they open the page containing the malicious comment.
CVE-2021-41648 1 Online-shopping-system-advanced Project 1 Online-shopping-system-advanced 2021-11-26 5.0 MEDIUM 7.5 HIGH
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.
CVE-2021-41160 1 Freerdp 1 Freerdp 2021-11-26 6.8 MEDIUM 8.8 HIGH
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.
CVE-2016-9446 2 Gstreamer Project, Redhat 7 Gstreamer, Enterprise Linux Desktop, Enterprise Linux Eus and 4 more 2021-11-26 5.0 MEDIUM 7.5 HIGH
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
CVE-2016-9811 1 Gstreamer 1 Gstreamer 2021-11-26 4.3 MEDIUM 4.7 MEDIUM
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
CVE-2021-41174 1 Grafana 1 Grafana 2021-11-25 4.3 MEDIUM 6.1 MEDIUM
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(‘alert(1)’)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.
CVE-2021-43267 1 Linux 1 Linux Kernel 2021-11-25 7.5 HIGH 9.8 CRITICAL
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
CVE-2021-22096 1 Vmware 1 Spring Framework 2021-11-25 4.0 MEDIUM 4.3 MEDIUM
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
CVE-2021-43057 1 Linux 1 Linux Kernel 2021-11-25 7.2 HIGH 7.8 HIGH
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
CVE-2011-1075 1 Freebsd 1 Freebsd 2021-11-25 4.3 MEDIUM 3.7 LOW
FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, which takes a pathname as an argument, and is called with euid 0. A race condition in this process may lead to an arbitrary MD5 comparison regardless of the read permissions.
CVE-2021-43016 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2021-11-25 4.3 MEDIUM 5.5 MEDIUM
Adobe InCopy version 16.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-42386 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
CVE-2021-42385 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42384 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
CVE-2021-42383 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42382 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
CVE-2021-42381 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
CVE-2021-42380 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function