Lista CVE - 2021 / Ottobre
Visualizzazione 1 - 100 di 1707 CVE per Ottobre 2021 (Pagina 1 di 18)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-41456 | 2021-10-01 | There is a stack buffer overflow in MP4Box v1.0.1 at... |
| CVE-2021-41457 | 2021-10-01 | There is a stack buffer overflow in MP4Box 1.1.0 at... |
| CVE-2021-41459 | 2021-10-01 | There is a stack buffer overflow in MP4Box v1.0.1 at... |
| CVE-2021-33626 | 2021-10-01 | A vulnerability exists in SMM (System Management Mode) branch that... |
| CVE-2021-3626 | 2021-10-01 | Windows version of Multipass unauthenticated localhost tcp control socket can perform mounts |
| CVE-2021-3709 | 2021-10-01 | Apport file permission bypass through emacs byte compilation errors |
| CVE-2021-3710 | 2021-10-01 | Apport info disclosure via path traversal bug in read_file |
| CVE-2021-3747 | 2021-10-01 | MacOS version of Multipass incorrect owner for application directory |
| CVE-2021-34352 | 2021-10-01 | Command Injection Vulnerability in QVR |
| CVE-2021-34354 | 2021-10-01 | Stored Cross-site Scripting Vulnerability in Photo Station |
| CVE-2021-34355 | 2021-10-01 | Stored XSS Vulnerability in Photo Station |
| CVE-2021-34356 | 2021-10-01 | Stored XSS Vulnerability in Photo Station |
| CVE-2021-38675 | 2021-10-01 | Stored XSS Vulnerability in Image2PDF |
| CVE-2021-23893 | 2021-10-01 | Privilege Escalation vulnerability in McAfee Drive Encryption (MDE) |
| CVE-2021-41110 | 2021-10-01 | CWL Viewer: deserialization of untrusted data can lead to complete takeover by an attacker |
| CVE-2021-35297 | 2021-10-01 | Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to... |
| CVE-2021-40960 | 2021-10-01 | Galera WebTemplate 1.0 is affected by a directory traversal vulnerability... |
| CVE-2021-41649 | 2021-10-01 | An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the... |
| CVE-2021-41648 | 2021-10-01 | An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the... |
| CVE-2021-41647 | 2021-10-01 | An un-authenticated error-based and time-based blind SQL injection vulnerability exists... |
| CVE-2021-3825 | 2021-10-01 | Missing Authorization Checks in LiderAhenk |
| CVE-2021-29108 | 2021-10-01 | There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below. |
| CVE-2021-29109 | 2021-10-01 | A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9. |
| CVE-2021-29110 | 2021-10-01 | Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application. |
| CVE-2021-40921 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in _contactform.inc.php in Detector 0.8.5 and... |
| CVE-2021-40922 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and... |
| CVE-2021-40923 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and... |
| CVE-2021-40924 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and... |
| CVE-2021-40925 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in dompdf/dompdf/www/demo.php infaveo-helpdesk v1.11.0 and below... |
| CVE-2021-40926 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and... |
| CVE-2021-40927 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in callback.php in Spotify-for-Alfred 0.13.9 and... |
| CVE-2021-40928 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in index.php in FlexTV beta development... |
| CVE-2021-40968 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and... |
| CVE-2021-40969 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and... |
| CVE-2021-40970 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and... |
| CVE-2021-40971 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and... |
| CVE-2021-40972 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and... |
| CVE-2021-40973 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and... |
| CVE-2021-40975 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11,... |
| CVE-2021-41461 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and... |
| CVE-2021-41462 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and... |
| CVE-2021-41463 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in toos/permissions/dialogs/access/entity/types/group_combination.php in concrete5-legacy 5.6.4.0 and... |
| CVE-2021-41464 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and... |
| CVE-2021-41465 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in concrete/elements/collection_theme.php in concrete5-legacy 5.6.4.0 and... |
| CVE-2021-41467 | 2021-10-01 | Cross-site scripting (XSS) vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and... |
| CVE-2021-38097 | 2021-10-01 | Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write... |
| CVE-2021-38096 | 2021-10-01 | Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an... |
| CVE-2021-38099 | 2021-10-01 | CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by... |
| CVE-2021-38104 | 2021-10-01 | IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an... |
| CVE-2021-38103 | 2021-10-01 | IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an... |
| CVE-2021-41845 | 2021-10-01 | A SQL injection issue was discovered in ThycoticCentrify Secret Server... |
| CVE-2020-21012 | 2021-10-01 | Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to... |
| CVE-2020-21013 | 2021-10-01 | emlog v6.0.0 contains a SQL injection via /admin/comment.php. |
| CVE-2020-21014 | 2021-10-01 | emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php. |
| CVE-2021-36298 | 2021-10-01 | Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic... |
| CVE-2021-36309 | 2021-10-01 | Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a... |
| CVE-2020-21228 | 2021-10-01 | JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the... |
| CVE-2021-41847 | 2021-10-01 | An issue was discovered in 3xLogic Infinias Access Control through... |
| CVE-2021-38101 | 2021-10-01 | CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by... |
| CVE-2021-38098 | 2021-10-01 | Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption... |
| CVE-2021-38100 | 2021-10-01 | Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds... |
| CVE-2021-38106 | 2021-10-01 | UAX200.dll in Corel Presentations 2020 20.0.0.200 is affected by an... |
| CVE-2021-38102 | 2021-10-01 | IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an... |
| CVE-2021-38110 | 2021-10-01 | Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an... |
| CVE-2021-38105 | 2021-10-01 | IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an... |
| CVE-2021-38108 | 2021-10-01 | Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an... |
| CVE-2021-38109 | 2021-10-01 | Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read... |
| CVE-2021-38107 | 2021-10-01 | CdrCore.dll in Corel DrawStandard 2020 22.0.0.474 is affected by an... |
| CVE-2021-41862 | 2021-10-01 | AviatorScript through 5.2.7 allows code execution via an expression that... |
| CVE-2021-41864 | 2021-10-01 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows... |
| CVE-2021-32765 | 2021-10-04 | Integer Overflow to Buffer Overflow in Hiredis |
| CVE-2021-41103 | 2021-10-04 | Insufficiently restricted permissions on plugin directories |
| CVE-2021-41861 | 2021-10-04 | The Telegram application 7.5.0 through 7.8.0 for Android does not... |
| CVE-2021-21704 | 2021-10-04 | Multiple vulnerabilities in Firebird client extension |
| CVE-2021-21705 | 2021-10-04 | Incorrect URL validation in FILTER_VALIDATE_URL |
| CVE-2021-21706 | 2021-10-04 | ZipArchive::extractTo may extract outside of destination dir |
| CVE-2021-40323 | 2021-10-04 | Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code... |
| CVE-2021-40324 | 2021-10-04 | Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data. |
| CVE-2021-40325 | 2021-10-04 | Cobbler before 3.3.0 allows authorization bypass for modification of settings. |
| CVE-2021-41285 | 2021-10-04 | Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation... |
| CVE-2021-41322 | 2021-10-04 | Poly VVX 400/410 5.3.1 allows low-privileged users to change the... |
| CVE-2021-41869 | 2021-10-04 | SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable... |
| CVE-2021-22557 | 2021-10-04 | Code execution in SLO Generator via YAML Payload |
| CVE-2021-24465 | 2021-10-04 | Meow Gallery < 4.1.9 - Contributor+ SQL Injection |
| CVE-2021-24654 | 2021-10-04 | User Registration < 2.0.2 - Low Privilege Stored Cross-Site Scripting |
| CVE-2021-24673 | 2021-10-04 | Appointment Hour Booking < 1.3.16 - Authenticated Stored Cross-Site Scripting |
| CVE-2021-24676 | 2021-10-04 | Better Find and Replace < 1.2.9 - Reflected Cross-Site Scripting |
| CVE-2021-24678 | 2021-10-04 | CM Tooltip Glossary < 3.9.21 - Contributor+ Stored Cross-Site Scripting |
| CVE-2021-24679 | 2021-10-04 | Bitcoin / AltCoin Payment Gateway for WooCommerce < 1.6.1 - Reflected Cross-Site Scripting |
| CVE-2021-24687 | 2021-10-04 | Modern Events Calendar Lite < 5.22.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-41878 | 2021-10-04 | A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel... |
| CVE-2021-41511 | 2021-10-04 | The username and password field of login in Lodging Reservation... |
| CVE-2021-36051 | 2021-10-04 | XMP Toolkit SDK Buffer Overflow Could Lead To Arbitrary Code Execution |
| CVE-2021-37330 | 2021-10-04 | Laravel Booking System Booking Core 2.0 is vulnerable to Cross... |
| CVE-2021-37331 | 2021-10-04 | Laravel Booking System Booking Core 2.0 is vulnerable to Incorrect... |
| CVE-2021-37333 | 2021-10-04 | Laravel Booking System Booking Core 2.0 is vulnerable to Session... |
| CVE-2021-37777 | 2021-10-04 | Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference... |
| CVE-2021-39486 | 2021-10-04 | A Stored XSS via Malicious File Upload exists in Gila... |
| CVE-2021-41868 | 2021-10-04 | OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload... |
| CVE-2021-38822 | 2021-10-04 | A Stored Cross Site Scripting vulnerability via Malicious File Upload... |