Lista CVE - 2021 / Ottobre

Visualizzazione 601 - 700 di 1706 CVE per Ottobre 2021 (Pagina 7 di 18)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2021-42326	2021-10-12	Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.
CVE-2021-29644	2021-10-12	Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit...
CVE-2021-29645	2021-10-12	Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who...
CVE-2021-38862	2021-10-12	IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980.
CVE-2021-38915	2021-10-12	IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 209947.
CVE-2021-42325	2021-10-12	Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.
CVE-2021-39184	2021-10-12	Sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API
CVE-2020-22678	2021-10-12	An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
CVE-2020-22679	2021-10-12	Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
CVE-2020-22677	2021-10-12	An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
CVE-2020-22674	2021-10-12	An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via...
CVE-2020-22675	2021-10-12	An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
CVE-2020-22673	2021-10-12	Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
CVE-2021-3321	2021-10-12	Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal
CVE-2021-3322	2021-10-12	Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr
CVE-2021-3323	2021-10-12	Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr
CVE-2021-3330	2021-10-12	RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr
CVE-2021-20031	2021-10-12	A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
CVE-2021-26427	2021-10-13	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26441	2021-10-13	Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-26442	2021-10-13	Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2021-34453	2021-10-13	Microsoft Exchange Server Denial of Service Vulnerability
CVE-2021-36953	2021-10-13	Windows TCP/IP Denial of Service Vulnerability
CVE-2021-36970	2021-10-13	Windows Print Spooler Spoofing Vulnerability
CVE-2021-38662	2021-10-13	Windows Fast FAT File System Driver Information Disclosure Vulnerability
CVE-2021-38663	2021-10-13	Windows exFAT File System Information Disclosure Vulnerability
CVE-2021-38672	2021-10-13	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2021-40443	2021-10-13	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40449	2021-10-13	Win32k Elevation of Privilege Vulnerability
CVE-2021-40450	2021-10-13	Win32k Elevation of Privilege Vulnerability
CVE-2021-40454	2021-10-13	Rich Text Edit Control Information Disclosure Vulnerability
CVE-2021-40455	2021-10-13	Windows Installer Spoofing Vulnerability
CVE-2021-40456	2021-10-13	Windows AD FS Security Feature Bypass Vulnerability
CVE-2021-40457	2021-10-13	Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability
CVE-2021-40460	2021-10-13	Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
CVE-2021-40461	2021-10-13	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2021-40462	2021-10-13	Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability
CVE-2021-40463	2021-10-13	Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2021-40464	2021-10-13	Windows Nearby Sharing Elevation of Privilege Vulnerability
CVE-2021-40465	2021-10-13	Windows Text Shaping Remote Code Execution Vulnerability
CVE-2021-40466	2021-10-13	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40467	2021-10-13	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40468	2021-10-13	Windows Bind Filter Driver Information Disclosure Vulnerability
CVE-2021-40469	2021-10-13	Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-40470	2021-10-13	DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2021-40471	2021-10-13	Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40472	2021-10-13	Microsoft Excel Information Disclosure Vulnerability
CVE-2021-40473	2021-10-13	Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40474	2021-10-13	Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40475	2021-10-13	Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2021-40476	2021-10-13	Windows AppContainer Elevation Of Privilege Vulnerability
CVE-2021-40477	2021-10-13	Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-40478	2021-10-13	Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40479	2021-10-13	Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40480	2021-10-13	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2021-40481	2021-10-13	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2021-40482	2021-10-13	Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-40483	2021-10-13	Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-40484	2021-10-13	Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-40485	2021-10-13	Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40486	2021-10-13	Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40487	2021-10-13	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-40488	2021-10-13	Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40489	2021-10-13	Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-41330	2021-10-13	Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-41331	2021-10-13	Windows Media Audio Decoder Remote Code Execution Vulnerability
CVE-2021-41332	2021-10-13	Windows Print Spooler Information Disclosure Vulnerability
CVE-2021-41334	2021-10-13	Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2021-41335	2021-10-13	Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-41336	2021-10-13	Windows Kernel Information Disclosure Vulnerability
CVE-2021-41337	2021-10-13	Active Directory Security Feature Bypass Vulnerability
CVE-2021-41338	2021-10-13	Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
CVE-2021-41339	2021-10-13	Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-41340	2021-10-13	Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-41342	2021-10-13	Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-41343	2021-10-13	Windows Fast FAT File System Driver Information Disclosure Vulnerability
CVE-2021-41344	2021-10-13	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-41345	2021-10-13	Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-41346	2021-10-13	Console Window Host Security Feature Bypass Vulnerability
CVE-2021-41347	2021-10-13	Windows AppX Deployment Service Elevation of Privilege Vulnerability
CVE-2021-41348	2021-10-13	Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2021-41350	2021-10-13	Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-41352	2021-10-13	SCOM Information Disclosure Vulnerability
CVE-2021-41353	2021-10-13	Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
CVE-2021-41354	2021-10-13	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2021-41355	2021-10-13	.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-41357	2021-10-13	Win32k Elevation of Privilege Vulnerability
CVE-2021-41361	2021-10-13	Active Directory Federation Server Spoofing Vulnerability
CVE-2021-41363	2021-10-13	Intune Management Extension Security Feature Bypass Vulnerability
CVE-2021-20795	2021-10-13	Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may...
CVE-2021-20796	2021-10-13	Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors.
CVE-2021-20797	2021-10-13	Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the product. This issue occurs only...
CVE-2021-20798	2021-10-13	Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
CVE-2021-20799	2021-10-13	Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
CVE-2021-20800	2021-10-13	Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
CVE-2021-20801	2021-10-13	Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This...
CVE-2021-20802	2021-10-13	HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.
CVE-2021-20803	2021-10-13	Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen.
CVE-2021-20804	2021-10-13	Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors.
CVE-2021-20805	2021-10-13	Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.