Lista CVE - 2021 / Dicembre
Visualizzazione 1001 - 1100 di 1978 CVE per Dicembre 2021 (Pagina 11 di 20)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-1026 | 2021-12-15 | In startRanging of RttServiceImpl.java, there is a possible way to... |
| CVE-2021-1019 | 2021-12-15 | In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion... |
| CVE-2021-1020 | 2021-12-15 | In snoozeNotification of NotificationListenerService.java, there is a possible way to... |
| CVE-2021-1021 | 2021-12-15 | In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to... |
| CVE-2021-1012 | 2021-12-15 | In onResume of NotificationAccessDetails.java, there is a possible way to... |
| CVE-2021-39638 | 2021-12-15 | In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of... |
| CVE-2021-39643 | 2021-12-15 | In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of... |
| CVE-2021-1046 | 2021-12-15 | In lwis_dpm_update_clock of lwis_device_dpm.c, there is a possible out of... |
| CVE-2021-39642 | 2021-12-15 | In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of... |
| CVE-2021-0999 | 2021-12-15 | In the broadcast definition in AndroidManifest.xml, there is a possible... |
| CVE-2021-1023 | 2021-12-15 | In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to... |
| CVE-2021-1008 | 2021-12-15 | In addSubInfo of SubscriptionController.java, there is a possible way to... |
| CVE-2021-0973 | 2021-12-15 | In isFileUri of UriUtil.java, there is a possible way to... |
| CVE-2021-0995 | 2021-12-15 | In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to... |
| CVE-2021-1004 | 2021-12-15 | In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to... |
| CVE-2021-1047 | 2021-12-15 | In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of... |
| CVE-2021-39639 | 2021-12-15 | In TBD of fvp.c, there is a possible way to... |
| CVE-2021-39647 | 2021-12-15 | In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of... |
| CVE-2021-0976 | 2021-12-15 | In toBARK of floor0.c, there is a possible out of... |
| CVE-2021-39645 | 2021-12-15 | Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A |
| CVE-2021-39644 | 2021-12-15 | Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A |
| CVE-2021-39646 | 2021-12-15 | Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A |
| CVE-2021-1039 | 2021-12-15 | In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due... |
| CVE-2021-1040 | 2021-12-15 | In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due... |
| CVE-2021-1038 | 2021-12-15 | In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due... |
| CVE-2021-36888 | 2021-12-15 | WordPress Image Hover Effects Ultimate plugin <= 9.6.1 - Unauthenticated Arbitrary Options Update leading to full website compromise |
| CVE-2021-43782 | 2021-12-15 | Indirect LDAP injection in Tuleap |
| CVE-2021-41276 | 2021-12-15 | Indirect LDAP injection in Tuleap |
| CVE-2021-45078 | 2021-12-15 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers... |
| CVE-2021-43806 | 2021-12-15 | SQL injection in Tuleap |
| CVE-2021-35490 | 2021-12-15 | Thruk before 2.44 allows XSS for a quick command. |
| CVE-2021-43831 | 2021-12-15 | Files on the host computer can be accessed from the Gradio interface |
| CVE-2021-43835 | 2021-12-15 | Privilege escalation in the Sulu Admin panel |
| CVE-2021-43836 | 2021-12-15 | PHP file inclusion in the Sulu admin panel |
| CVE-2021-44116 | 2021-12-15 | Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7... |
| CVE-2021-44350 | 2021-12-15 | SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the... |
| CVE-2020-18984 | 2021-12-15 | A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component... |
| CVE-2020-18985 | 2021-12-15 | An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers... |
| CVE-2021-45017 | 2021-12-15 | Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.*... |
| CVE-2021-45018 | 2021-12-15 | Cross Site Scripting (XSS) vulnerability exists in Catfish <=6.3.0 via... |
| CVE-2021-43833 | 2021-12-15 | Account takeover in eLabFTW |
| CVE-2021-43834 | 2021-12-15 | Incorrect Authentication in elabftw |
| CVE-2021-42550 | 2021-12-16 | RCE from attacker with configuration edit priviledges through JNDI lookup |
| CVE-2021-45096 | 2021-12-16 | KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external... |
| CVE-2021-45097 | 2021-12-16 | KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed... |
| CVE-2021-45085 | 2021-12-16 | XSS can occur in GNOME Web (aka Epiphany) before 40.4... |
| CVE-2021-45088 | 2021-12-16 | XSS can occur in GNOME Web (aka Epiphany) before 40.4... |
| CVE-2021-45087 | 2021-12-16 | XSS can occur in GNOME Web (aka Epiphany) before 40.4... |
| CVE-2021-45086 | 2021-12-16 | XSS can occur in GNOME Web (aka Epiphany) before 40.4... |
| CVE-2021-44023 | 2021-12-16 | A link following denial-of-service (DoS) vulnerability in the Trend Micro... |
| CVE-2021-45092 | 2021-12-16 | Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by... |
| CVE-2021-45095 | 2021-12-16 | pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has... |
| CVE-2021-45098 | 2021-12-16 | An issue was discovered in Suricata before 6.0.4. It is... |
| CVE-2021-45099 | 2021-12-16 | The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on:... |
| CVE-2021-45100 | 2021-12-16 | The ksmbd server through 3.4.2, as used in the Linux... |
| CVE-2021-45101 | 2021-12-16 | An issue was discovered in HTCondor before 8.8.15, 9.0.x before... |
| CVE-2021-45102 | 2021-12-16 | An issue was discovered in HTCondor 9.0.x before 9.0.4 and... |
| CVE-2021-4121 | 2021-12-16 | Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm |
| CVE-2021-4123 | 2021-12-16 | Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat |
| CVE-2021-40835 | 2021-12-16 | URL Address Bar Spoofing in F-Secure SAFE Browser for iOS |
| CVE-2021-4124 | 2021-12-16 | Cross-site Scripting (XSS) - Stored in meetecho/janus-gateway |
| CVE-2021-3959 | 2021-12-16 | Server-Side Request Forgery in Bitdefender GravityZone Update Server in Relay Mode (VA-10145) |
| CVE-2021-3960 | 2021-12-16 | Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-10146) |
| CVE-2021-42912 | 2021-12-16 | FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS... |
| CVE-2021-41962 | 2021-12-16 | Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service... |
| CVE-2021-37262 | 2021-12-16 | JFinal_cms 5.1.0 is vulnerable to regex injection that may lead... |
| CVE-2021-41260 | 2021-12-16 | Missing CSRF checks in Galette |
| CVE-2021-41262 | 2021-12-16 | SQL Injection in Galette |
| CVE-2021-41261 | 2021-12-16 | Stored Cross-site Scripting in Galette |
| CVE-2021-41028 | 2021-12-16 | A combination of a use of hard-coded cryptographic key vulnerability... |
| CVE-2021-38244 | 2021-12-16 | A regular expression denial of service (ReDoS) vulnerability exits in... |
| CVE-2021-43812 | 2021-12-16 | Open redirect in nextjs-auth0 |
| CVE-2021-44315 | 2021-12-16 | In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled... |
| CVE-2021-44317 | 2021-12-16 | In Bus Pass Management System v1.0, parameters 'pagedes' and `About... |
| CVE-2021-43837 | 2021-12-16 | Template injection in vault-cli |
| CVE-2021-26800 | 2021-12-16 | Cross Site Request Forgery (CSRF) vulnerability in Change-password.php in phpgurukul... |
| CVE-2020-35209 | 2021-12-16 | An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to... |
| CVE-2020-35210 | 2021-12-16 | A vulnerability in Atomix v3.1.5 allows attackers to cause a... |
| CVE-2020-35211 | 2021-12-16 | An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to... |
| CVE-2020-35213 | 2021-12-16 | An issue in Atomix v3.1.5 allows attackers to cause a... |
| CVE-2020-35214 | 2021-12-16 | An issue in Atomix v3.1.5 allows a malicious Atomix node... |
| CVE-2020-35215 | 2021-12-16 | An issue in Atomix v3.1.5 allows attackers to access sensitive... |
| CVE-2020-35216 | 2021-12-16 | An issue in Atomix v3.1.5 allows attackers to cause a... |
| CVE-2021-3179 | 2021-12-16 | GGLocker iOS application, contains an insecure data storage of the... |
| CVE-2021-4008 | 2021-12-17 | A flaw was found in xorg-x11-server in versions before 21.1.2... |
| CVE-2021-4009 | 2021-12-17 | A flaw was found in xorg-x11-server in versions before 21.1.2... |
| CVE-2021-4010 | 2021-12-17 | A flaw was found in xorg-x11-server in versions before 21.1.2... |
| CVE-2021-4011 | 2021-12-17 | A flaw was found in xorg-x11-server in versions before 21.1.2... |
| CVE-2021-44857 | 2021-12-17 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before... |
| CVE-2021-45038 | 2021-12-17 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before... |
| CVE-2021-41843 | 2021-12-17 | An authenticated SQL injection issue in the calendar search function... |
| CVE-2021-44145 | 2021-12-17 | Apache NiFi information disclosure by XXE |
| CVE-2021-36779 | 2021-12-17 | Host operations allowed in privileged Longhorn managed pods |
| CVE-2021-36780 | 2021-12-17 | Unauthorized data access from replicas through vulnerable instance manager pods |
| CVE-2021-4132 | 2021-12-17 | Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat |
| CVE-2021-43678 | 2021-12-17 | Wechat-php-sdk v1.10.2 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-42584 | 2021-12-17 | A Stored Cross Site Scripting (XSS) issue exists in Convos-Chat... |
| CVE-2021-45042 | 2021-12-17 | In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before... |
| CVE-2021-41451 | 2021-12-17 | A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface... |
| CVE-2021-44035 | 2021-12-17 | Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads,... |