Lista CVE - 2021 / Febbraio
Visualizzazione 201 - 300 di 1455 CVE per Febbraio 2021 (Pagina 3 di 15)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-1341 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1340 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1339 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1338 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1337 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1336 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1335 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1334 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1333 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1332 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1331 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1330 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1329 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1328 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1327 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1326 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1325 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1324 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1323 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1322 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2020-27872 | 2021-02-04 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the... |
| CVE-2020-27873 | 2021-02-04 | This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within... |
| CVE-2020-4640 | 2021-02-04 | Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. This information can be cached in the intermediate... |
| CVE-2020-4825 | 2021-02-04 | IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering... |
| CVE-2020-4826 | 2021-02-04 | IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a... |
| CVE-2020-4827 | 2021-02-04 | IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a... |
| CVE-2020-4828 | 2021-02-04 | IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842. |
| CVE-2020-5032 | 2021-02-04 | IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178. |
| CVE-2021-1321 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1320 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1319 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities |
| CVE-2021-1318 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities |
| CVE-2021-1317 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities |
| CVE-2021-1316 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities |
| CVE-2021-1315 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities |
| CVE-2021-1314 | 2021-02-04 | Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities |
| CVE-2021-1313 | 2021-02-04 | Cisco IOS XR Software Enf Broker Denial of Service Vulnerability |
| CVE-2021-1297 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities |
| CVE-2021-1296 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities |
| CVE-2021-1295 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities |
| CVE-2021-1294 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities |
| CVE-2021-1293 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities |
| CVE-2021-1292 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities |
| CVE-2021-1291 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities |
| CVE-2021-1290 | 2021-02-04 | Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities |
| CVE-2021-0343 | 2021-02-04 | In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2021-0344 | 2021-02-04 | In mtkpower, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2021-0345 | 2021-02-04 | In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2021-0346 | 2021-02-04 | In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2021-0347 | 2021-02-04 | In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2021-0348 | 2021-02-04 | In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2021-0349 | 2021-02-04 | In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2021-0350 | 2021-02-04 | In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is... |
| CVE-2021-0351 | 2021-02-04 | In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2021-25227 | 2021-02-04 | Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker... |
| CVE-2021-25228 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information... |
| CVE-2021-25229 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server. |
| CVE-2021-25230 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a... |
| CVE-2021-25231 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information... |
| CVE-2021-25232 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database. |
| CVE-2021-25233 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information... |
| CVE-2021-25234 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information... |
| CVE-2021-25235 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration... |
| CVE-2021-25236 | 2021-02-04 | A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via... |
| CVE-2021-25237 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents. |
| CVE-2021-25238 | 2021-02-04 | An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about an agent's... |
| CVE-2021-25239 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86... |
| CVE-2021-25240 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64... |
| CVE-2021-25241 | 2021-02-04 | A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a... |
| CVE-2021-25242 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version... |
| CVE-2021-25243 | 2021-02-04 | An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch... |
| CVE-2021-25244 | 2021-02-04 | An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton. |
| CVE-2021-25245 | 2021-02-04 | An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of settings informaiton. |
| CVE-2021-25246 | 2021-02-04 | An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to... |
| CVE-2021-25248 | 2021-02-04 | An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to... |
| CVE-2021-25249 | 2021-02-04 | An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker... |
| CVE-2020-18713 | 2021-02-04 | SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in customerAction.php |
| CVE-2020-18714 | 2021-02-04 | SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function. |
| CVE-2020-18716 | 2021-02-04 | SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordAction.php. |
| CVE-2020-18717 | 2021-02-04 | SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execute arbitrary code due to a lack of parameter filtering in inc/zzz_template.php. |
| CVE-2021-20176 | 2021-02-05 | A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined... |
| CVE-2021-3311 | 2021-02-05 | An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates... |
| CVE-2020-36241 | 2021-02-05 | autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent... |
| CVE-2021-26708 | 2021-02-05 | A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were... |
| CVE-2021-26711 | 2021-02-05 | A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/Online_Help/NetHelp/default.htm turl parameter. |
| CVE-2021-26710 | 2021-02-05 | A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter. |
| CVE-2020-35765 | 2021-02-05 | doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do. |
| CVE-2020-8806 | 2021-02-05 | Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not... |
| CVE-2020-8807 | 2021-02-05 | In Electric Coin Company Zcashd before 2.1.1-1, the time offset between messages could be leveraged to obtain sensitive information about the relationship between a suspected victim's address and an IP... |
| CVE-2020-10537 | 2021-02-05 | An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with... |
| CVE-2020-10538 | 2021-02-05 | An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as MD5 hashes in the database. MD5 can be brute-forced efficiently and should not... |
| CVE-2020-10539 | 2021-02-05 | An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort() function that, upon user login, checks the submitted password against the user password's MD5 hash stored... |
| CVE-2021-20623 | 2021-02-05 | Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request. |
| CVE-2021-20652 | 2021-02-05 | Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. |
| CVE-2021-3333 | 2021-02-05 | Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the... |
| CVE-2020-4832 | 2021-02-05 | IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969. |
| CVE-2021-3382 | 2021-02-05 | Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service (crash) via vectors related to a file path. |
| CVE-2020-18737 | 2021-02-05 | An issue was discovered in Typora 0.9.67. There is an XSS vulnerability that causes Remote Code Execution. |
| CVE-2021-3258 | 2021-02-05 | Question2Answer Q2A Ultimate SEO Version 1.3 is affected by cross-site scripting (XSS), which may lead to arbitrary remote code execution. |
| CVE-2021-26722 | 2021-02-05 | LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of the "No results found for" message in the search bar. |