Lista CVE - 2021 / Dicembre
Visualizzazione 1 - 100 di 1978 CVE per Dicembre 2021 (Pagina 1 di 20)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-38575 | 2021-12-01 | NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. |
| CVE-2021-3984 | 2021-12-01 | Heap-based Buffer Overflow in vim/vim |
| CVE-2021-4019 | 2021-12-01 | Heap-based Buffer Overflow in vim/vim |
| CVE-2021-41039 | 2021-12-01 | In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT... |
| CVE-2021-40809 | 2021-12-01 | An issue was discovered in Jamf Pro before 10.32.0, aka... |
| CVE-2021-43358 | 2021-12-01 | Sunnet eHRD - Path Traversal |
| CVE-2021-43359 | 2021-12-01 | Sunnet eHRD - Broken Access Control |
| CVE-2021-43360 | 2021-12-01 | Sunnet eHRD - Insecure Deserialization |
| CVE-2021-20847 | 2021-12-01 | Cross-site scripting vulnerability in Wi-Fi STATION SH-52A (38JP_1_11G, 38JP_1_11J, 38JP_1_11K,... |
| CVE-2021-20851 | 2021-12-01 | Cross-site request forgery (CSRF) vulnerability in Browser and Operating System... |
| CVE-2021-20852 | 2021-12-01 | Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9... |
| CVE-2021-20853 | 2021-12-01 | ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH... |
| CVE-2021-20854 | 2021-12-01 | ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH... |
| CVE-2021-20855 | 2021-12-01 | Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9... |
| CVE-2021-20856 | 2021-12-01 | Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9... |
| CVE-2021-20857 | 2021-12-01 | Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20... |
| CVE-2021-20858 | 2021-12-01 | Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20... |
| CVE-2021-20859 | 2021-12-01 | ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware... |
| CVE-2021-20860 | 2021-12-01 | Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2... |
| CVE-2021-20861 | 2021-12-01 | Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware... |
| CVE-2021-20862 | 2021-12-01 | Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25... |
| CVE-2021-20863 | 2021-12-01 | OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25... |
| CVE-2021-20864 | 2021-12-01 | Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25... |
| CVE-2021-34599 | 2021-12-01 | Improper Certificate Validation in CODESYS Git |
| CVE-2021-4018 | 2021-12-01 | Cross-site Scripting (XSS) - Stored in snipe/snipe-it |
| CVE-2021-4017 | 2021-12-01 | Cross-Site Request Forgery (CSRF) in star7th/showdoc |
| CVE-2021-4015 | 2021-12-01 | Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii |
| CVE-2021-3993 | 2021-12-01 | Cross-Site Request Forgery (CSRF) in star7th/showdoc |
| CVE-2021-3994 | 2021-12-01 | Cross-site Scripting (XSS) - Stored in django-helpdesk/django-helpdesk |
| CVE-2021-3992 | 2021-12-01 | Improper Access Control in kevinpapst/kimai2 |
| CVE-2021-3990 | 2021-12-01 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in star7th/showdoc |
| CVE-2021-3989 | 2021-12-01 | Open Redirect in star7th/showdoc |
| CVE-2021-3985 | 2021-12-01 | Cross-site Scripting (XSS) - Stored in kevinpapst/kimai2 |
| CVE-2021-3983 | 2021-12-01 | Cross-site Scripting (XSS) - Stored in kevinpapst/kimai2 |
| CVE-2021-3964 | 2021-12-01 | Authorization Bypass Through User-Controlled Key in elgg/elgg |
| CVE-2021-32592 | 2021-12-01 | An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and... |
| CVE-2021-43690 | 2021-12-01 | YurunProxy v0.01 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-44280 | 2021-12-01 | attendance management system 1.0 is affected by a SQL injection... |
| CVE-2021-44279 | 2021-12-01 | Librenms 21.11.0 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-44277 | 2021-12-01 | Librenms 21.11.0 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-25967 | 2021-12-01 | CKAN - Stored Cross-Site Scripting (XSS) via SVG File Upload |
| CVE-2021-43689 | 2021-12-01 | manage (last update Oct 24, 2017) is affected by a... |
| CVE-2021-40154 | 2021-12-01 | NXP LPC55S69 devices before A3 have a buffer over-read via... |
| CVE-2021-44479 | 2021-12-01 | NXP Kinetis K82 devices have a buffer over-read via a... |
| CVE-2021-43685 | 2021-12-01 | libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in... |
| CVE-2021-44480 | 2021-12-01 | Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who... |
| CVE-2020-10627 | 2021-12-01 | Insulet Omnipod Insulin Management System insulin pump product ID 19191... |
| CVE-2021-20609 | 2021-12-01 | Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R Series... |
| CVE-2021-20610 | 2021-12-01 | Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric... |
| CVE-2021-20611 | 2021-12-01 | Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series... |
| CVE-2021-26334 | 2021-12-01 | AMD Chipset Driver Information Disclosure Vulnerability |
| CVE-2021-43687 | 2021-12-01 | chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-42776 | 2021-12-01 | CloverDX Server before 5.11.2 and and 5.12.x before 5.12.1 allows... |
| CVE-2021-20400 | 2021-12-01 | IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected... |
| CVE-2021-29779 | 2021-12-01 | IBM QRadar SIEM 7.3 and 7.4 could allow an attacker... |
| CVE-2021-29849 | 2021-12-01 | IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site... |
| CVE-2021-29863 | 2021-12-01 | IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server... |
| CVE-2021-43451 | 2021-12-01 | SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System... |
| CVE-2021-43137 | 2021-12-01 | Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits... |
| CVE-2021-43792 | 2021-12-01 | Notifications leak in Discourse |
| CVE-2021-43794 | 2021-12-01 | Anonymous user cache poisoning via development-mode header in Discourse |
| CVE-2021-43793 | 2021-12-01 | Bypass of Poll voting limits in Discourse |
| CVE-2021-33274 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33270 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33271 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33269 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33267 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33268 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33266 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-33265 | 2021-12-01 | D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to... |
| CVE-2021-42711 | 2021-12-01 | Barracuda Network Access Client before 5.2.2 creates a Temporary File... |
| CVE-2020-35012 | 2021-12-01 | Events Manager < 5.9.8 - Admin+ SQL Injection |
| CVE-2020-35037 | 2021-12-01 | Events Manager < 5.9.8 - Cross-Site Scripting (XSS) |
| CVE-2020-36129 | 2021-12-02 | AOM v2.0.1 was discovered to contain a stack buffer overflow... |
| CVE-2020-36130 | 2021-12-02 | AOM v2.0.1 was discovered to contain a NULL pointer dereference... |
| CVE-2020-36131 | 2021-12-02 | AOM v2.0.1 was discovered to contain a stack buffer overflow... |
| CVE-2020-36133 | 2021-12-02 | AOM v2.0.1 was discovered to contain a global buffer overflow... |
| CVE-2020-36134 | 2021-12-02 | AOM v2.0.1 was discovered to contain a segmentation violation via... |
| CVE-2020-36135 | 2021-12-02 | AOM v2.0.1 was discovered to contain a NULL pointer dereference... |
| CVE-2021-43791 | 2021-12-02 | Ineffective expiration validation for invitation links in Zulip |
| CVE-2021-44227 | 2021-12-02 | In GNU Mailman before 2.1.38, a list member or moderator... |
| CVE-2020-27414 | 2021-12-02 | Mahavitaran android application 7.50 and prior transmit sensitive information in... |
| CVE-2021-26777 | 2021-12-02 | Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR... |
| CVE-2021-43686 | 2021-12-02 | nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-43683 | 2021-12-02 | pictshare v1.5 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-43681 | 2021-12-02 | SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-43682 | 2021-12-02 | thinkphp-bjyblog (last update Jun 4 2021) is affected by a... |
| CVE-2021-43679 | 2021-12-02 | ecshop v2.7.3 is affected by a SQL injection vulnerability in... |
| CVE-2021-23258 | 2021-12-02 | Spring SPEL Expression Language Injection |
| CVE-2021-23259 | 2021-12-02 | Groovy Sandbox Bypass |
| CVE-2021-23260 | 2021-12-02 | Stored XSS Vulnerability in File Name of the File Upload function |
| CVE-2021-23261 | 2021-12-02 | Overriding the system configuration file causes a denial of service |
| CVE-2021-23262 | 2021-12-02 | Snakeyaml deserialization vulnerability bypass |
| CVE-2021-23263 | 2021-12-02 | Transmission of Private Resources into a New Sphere ('Resource Leak') in Crafter Engine |
| CVE-2021-23264 | 2021-12-02 | Transmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter Search |
| CVE-2021-3944 | 2021-12-02 | Cross-Site Request Forgery (CSRF) in bookstackapp/bookstack |
| CVE-2021-44518 | 2021-12-02 | An issue was discovered in the eGeeTouch 3rd Generation Travel... |
| CVE-2015-20105 | 2021-12-02 | ClickBank Affiliate Ads <= 1.20 - CSRF to Stored Cross-Site Scripting |
| CVE-2015-20106 | 2021-12-02 | ClickBank Affiliate Ads <= 1.20 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-43795 | 2021-12-02 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in com.linecorp.armeria:armeria |