Lista CVE - 2021 / Dicembre
Visualizzazione 801 - 900 di 1978 CVE per Dicembre 2021 (Pagina 9 di 20)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-40171 | 2021-12-15 | The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to block legitimate traffic while not alerting... |
| CVE-2021-40170 | 2021-12-15 | An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to trigger arbitrary system functionality by replaying previously recorded signals. This lets... |
| CVE-2021-38701 | 2021-12-15 | Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3.28.0.166; and T100,... |
| CVE-2021-36450 | 2021-12-15 | Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. |
| CVE-2021-26787 | 2021-12-15 | A cross site scripting (XSS) vulnerability in Genesys Workforce Management 8.5.214.20 can occur (during record deletion) via the Time-off parameter. |
| CVE-2020-23545 | 2021-12-15 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531. |
| CVE-2019-19138 | 2021-12-15 | Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity. |
| CVE-2021-45043 | 2021-12-15 | HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter. |
| CVE-2021-4111 | 2021-12-15 | Business Logic Errors in yetiforcecompany/yetiforcecrm |
| CVE-2021-20330 | 2021-12-15 | Specific replication command with malformed oplog entries can crash secondaries |
| CVE-2021-4116 | 2021-12-15 | Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm |
| CVE-2021-40441 | 2021-12-15 | Windows Media Center Elevation of Privilege Vulnerability |
| CVE-2021-40452 | 2021-12-15 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-40453 | 2021-12-15 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-41333 | 2021-12-15 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2021-41360 | 2021-12-15 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-41365 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42293 | 2021-12-15 | Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability |
| CVE-2021-42294 | 2021-12-15 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2021-42295 | 2021-12-15 | Visual Basic for Applications Information Disclosure Vulnerability |
| CVE-2021-42309 | 2021-12-15 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2021-42310 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42311 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42312 | 2021-12-15 | Microsoft Defender for IoT Elevation of Privilege Vulnerability |
| CVE-2021-42313 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42314 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42315 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42320 | 2021-12-15 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2021-43207 | 2021-12-15 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2021-43214 | 2021-12-15 | Web Media Extensions Remote Code Execution Vulnerability |
| CVE-2021-43215 | 2021-12-15 | iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution |
| CVE-2021-43216 | 2021-12-15 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability |
| CVE-2021-43217 | 2021-12-15 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability |
| CVE-2021-43219 | 2021-12-15 | DirectX Graphics Kernel File Denial of Service Vulnerability |
| CVE-2021-43222 | 2021-12-15 | Microsoft Message Queuing Information Disclosure Vulnerability |
| CVE-2021-43223 | 2021-12-15 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| CVE-2021-43224 | 2021-12-15 | Windows Common Log File System Driver Information Disclosure Vulnerability |
| CVE-2021-43225 | 2021-12-15 | Bot Framework SDK Remote Code Execution Vulnerability |
| CVE-2021-43227 | 2021-12-15 | Storage Spaces Controller Information Disclosure Vulnerability |
| CVE-2021-43226 | 2021-12-15 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2021-43228 | 2021-12-15 | SymCrypt Denial of Service Vulnerability |
| CVE-2021-43229 | 2021-12-15 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2021-43230 | 2021-12-15 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2021-43231 | 2021-12-15 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2021-43232 | 2021-12-15 | Windows Event Tracing Remote Code Execution Vulnerability |
| CVE-2021-43233 | 2021-12-15 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2021-43234 | 2021-12-15 | Windows Fax Service Remote Code Execution Vulnerability |
| CVE-2021-43235 | 2021-12-15 | Storage Spaces Controller Information Disclosure Vulnerability |
| CVE-2021-43236 | 2021-12-15 | Microsoft Message Queuing Information Disclosure Vulnerability |
| CVE-2021-43237 | 2021-12-15 | Windows Setup Elevation of Privilege Vulnerability |
| CVE-2021-43238 | 2021-12-15 | Windows Remote Access Elevation of Privilege Vulnerability |
| CVE-2021-43239 | 2021-12-15 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
| CVE-2021-43240 | 2021-12-15 | NTFS Set Short Name Elevation of Privilege Vulnerability |
| CVE-2021-43242 | 2021-12-15 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2021-43243 | 2021-12-15 | VP9 Video Extensions Information Disclosure Vulnerability |
| CVE-2021-43244 | 2021-12-15 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2021-43245 | 2021-12-15 | Windows Digital TV Tuner Elevation of Privilege Vulnerability |
| CVE-2021-43246 | 2021-12-15 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2021-43247 | 2021-12-15 | Windows TCP/IP Driver Elevation of Privilege Vulnerability |
| CVE-2021-43248 | 2021-12-15 | Windows Digital Media Receiver Elevation of Privilege Vulnerability |
| CVE-2021-43255 | 2021-12-15 | Microsoft Office Trust Center Spoofing Vulnerability |
| CVE-2021-43256 | 2021-12-15 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2021-43875 | 2021-12-15 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2021-43877 | 2021-12-15 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2021-43880 | 2021-12-15 | Windows Mobile Device Management Elevation of Privilege Vulnerability |
| CVE-2021-43882 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-43883 | 2021-12-15 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2021-43888 | 2021-12-15 | Microsoft Defender for IoT Information Disclosure Vulnerability |
| CVE-2021-43889 | 2021-12-15 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-43890 | 2021-12-15 | Windows AppX Installer Spoofing Vulnerability |
| CVE-2021-43891 | 2021-12-15 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2021-43892 | 2021-12-15 | Microsoft BizTalk ESB Toolkit Spoofing Vulnerability |
| CVE-2021-43893 | 2021-12-15 | Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability |
| CVE-2021-43896 | 2021-12-15 | Microsoft PowerShell Spoofing Vulnerability |
| CVE-2021-43899 | 2021-12-15 | Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability |
| CVE-2021-43905 | 2021-12-15 | Microsoft Office app Remote Code Execution Vulnerability |
| CVE-2021-43907 | 2021-12-15 | Visual Studio Code WSL Extension Remote Code Execution Vulnerability |
| CVE-2021-43908 | 2021-12-15 | Visual Studio Code Spoofing Vulnerability |
| CVE-2021-44657 | 2021-12-15 | In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus allows execution of unsafe system commands. Jinja does not enable sandboxed mode by... |
| CVE-2021-43518 | 2021-12-15 | Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A... |
| CVE-2021-4117 | 2021-12-15 | Business Logic Errors in yetiforcecompany/yetiforcecrm |
| CVE-2021-43675 | 2021-12-15 | Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will... |
| CVE-2021-44653 | 2021-12-15 | Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker... |
| CVE-2021-44655 | 2021-12-15 | Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication bypass vulnerability. Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing... |
| CVE-2021-27855 | 2021-12-15 | FatPipe software allows privilege escalation |
| CVE-2021-27856 | 2021-12-15 | FatPipe software administrative account with no password |
| CVE-2021-27857 | 2021-12-15 | FatPipe software allows unauthenticated configuration download |
| CVE-2021-27858 | 2021-12-15 | Missing authorization vulnerability in FatPipe software |
| CVE-2021-27859 | 2021-12-15 | Missing authorization vulnerability in FatPipe software |
| CVE-2021-29847 | 2021-12-15 | BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive... |
| CVE-2021-4119 | 2021-12-15 | Improper Access Control in bookstackapp/bookstack |
| CVE-2021-42216 | 2021-12-15 | A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php. |
| CVE-2021-43935 | 2021-12-15 | ICSMA-21-343-01 Hillrom Welch Allyn Cardio Products |
| CVE-2021-0434 | 2021-12-15 | In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog.... |
| CVE-2021-0933 | 2021-12-15 | In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote... |
| CVE-2021-0653 | 2021-12-15 | In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional... |
| CVE-2021-0932 | 2021-12-15 | In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System... |
| CVE-2021-0889 | 2021-12-15 | In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. This could lead to remote code execution with no additional... |
| CVE-2021-0931 | 2021-12-15 | In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges... |
| CVE-2021-0929 | 2021-12-15 | In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with... |