Lista CVE - 2021 / Aprile
Visualizzazione 1601 - 1700 di 1817 CVE per Aprile 2021 (Pagina 17 di 19)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2020-36326 | 2021-04-28 | PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization... |
| CVE-2021-31856 | 2021-04-28 | A SQL Injection vulnerability in the REST API in Layer5... |
| CVE-2021-31866 | 2021-04-28 | Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker... |
| CVE-2021-31865 | 2021-04-28 | Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1... |
| CVE-2021-31864 | 2021-04-28 | Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1... |
| CVE-2021-31863 | 2021-04-28 | Insufficient input validation in the Git repository integration of Redmine... |
| CVE-2021-31778 | 2021-04-28 | The media2click (aka 2 Clicks for External Media) extension 1.x... |
| CVE-2021-31779 | 2021-04-28 | The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3... |
| CVE-2021-31777 | 2021-04-28 | The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x... |
| CVE-2021-27933 | 2021-04-28 | pfSense 2.5.0 allows XSS via the services_wol_edit.php Description field. |
| CVE-2021-27648 | 2021-04-28 | Externally controlled reference to a resource in another sphere in... |
| CVE-2021-30166 | 2021-04-28 | MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Command Injection |
| CVE-2021-30167 | 2021-04-28 | MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication |
| CVE-2021-30168 | 2021-04-28 | MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Sensitive Data Exposure-1 |
| CVE-2021-30169 | 2021-04-28 | MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Sensitive Data Exposure-2 |
| CVE-2021-22514 | 2021-04-28 | An arbitrary code execution vulnerability exists in Micro Focus Application... |
| CVE-2021-22327 | 2021-04-28 | There is an arbitrary memory write vulnerability in Huawei smart... |
| CVE-2021-22393 | 2021-04-28 | There is a denial of service vulnerability in some versions... |
| CVE-2021-22330 | 2021-04-28 | There is an out of bounds write vulnerability in Huawei... |
| CVE-2021-22332 | 2021-04-28 | There is a pointer double free vulnerability in some versions... |
| CVE-2021-22331 | 2021-04-28 | There is a JavaScript injection vulnerability in certain Huawei smartphones.... |
| CVE-2021-29159 | 2021-04-28 | A cross-site scripting (XSS) vulnerability has been discovered in Nexus... |
| CVE-2021-29387 | 2021-04-28 | Multiple stored cross-site scripting (XSS) vulnerabilities in Sourcecodester Equipment Inventory... |
| CVE-2020-18020 | 2021-04-28 | SQL Injection in PHPSHE Mall System v1.7 allows remote attackers... |
| CVE-2020-18019 | 2021-04-28 | SQL Injection in Xinhu OA System v1.8.3 allows remote attackers... |
| CVE-2021-29388 | 2021-04-28 | A stored cross-site scripting (XSS) vulnerability in SourceCodester Budget Management... |
| CVE-2021-3508 | 2021-04-28 | A flaw was found in PDFResurrect in version 0.22b. There... |
| CVE-2020-21991 | 2021-04-28 | AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due... |
| CVE-2020-7123 | 2021-04-28 | A local escalation of privilege vulnerability was discovered in Aruba... |
| CVE-2021-25147 | 2021-04-28 | A remote authentication restriction bypass vulnerability was discovered in Aruba... |
| CVE-2020-21993 | 2021-04-28 | In WEMS Limited Enterprise Manager 2.58, input passed to the... |
| CVE-2020-21994 | 2021-04-28 | AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that... |
| CVE-2020-21996 | 2021-04-28 | AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution.... |
| CVE-2020-18022 | 2021-04-28 | Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier... |
| CVE-2020-17999 | 2021-04-28 | Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers... |
| CVE-2021-23364 | 2021-04-28 | Regular Expression Denial of Service (ReDoS) |
| CVE-2021-29482 | 2021-04-28 | denial of service in github.com/ulikunitz/xz |
| CVE-2021-25151 | 2021-04-28 | A remote insecure deserialization vulnerability was discovered in Aruba AirWave... |
| CVE-2021-25154 | 2021-04-28 | A remote escalation of privilege vulnerability was discovered in Aruba... |
| CVE-2021-25153 | 2021-04-28 | A remote SQL injection vulnerability was discovered in Aruba AirWave... |
| CVE-2021-25152 | 2021-04-28 | A remote insecure deserialization vulnerability was discovered in Aruba AirWave... |
| CVE-2021-25164 | 2021-04-28 | A remote XML external entity vulnerability was discovered in Aruba... |
| CVE-2021-25165 | 2021-04-28 | A remote XML external entity vulnerability was discovered in Aruba... |
| CVE-2020-22785 | 2021-04-28 | Etherpad < 1.8.3 is affected by a missing lock check... |
| CVE-2020-22784 | 2021-04-28 | In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing... |
| CVE-2020-22783 | 2021-04-28 | Etherpad <1.8.3 stored passwords used by users insecurely in the... |
| CVE-2020-22782 | 2021-04-28 | Etherpad < 1.8.3 is affected by a denial of service... |
| CVE-2020-22781 | 2021-04-28 | In Etherpad < 1.8.3, a specially crafted URI would raise... |
| CVE-2020-22790 | 2021-04-28 | Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0... |
| CVE-2020-22789 | 2021-04-28 | Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0... |
| CVE-2021-2321 | 2021-04-28 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization... |
| CVE-2021-29483 | 2021-04-28 | wikiconfig API leaked private config variables set through ManageWiki |
| CVE-2020-7037 | 2021-04-28 | Avaya Equinox Conferencing XXE vulnerability |
| CVE-2020-7038 | 2021-04-28 | Avaya Meetings Server Information Disclosure vulnerability |
| CVE-2020-15225 | 2021-04-29 | Denial of Service vulnerability in django-filter |
| CVE-2021-20294 | 2021-04-29 | A flaw was found in binutils readelf 2.35 program. An... |
| CVE-2021-31875 | 2021-04-29 | In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed... |
| CVE-2021-20090 | 2021-04-29 | A path traversal vulnerability in the web interfaces of Buffalo... |
| CVE-2021-31776 | 2021-04-29 | Aviatrix VPN Client before 2.14.14 on Windows has an unquoted... |
| CVE-2021-21391 | 2021-04-29 | Regular expression Denial of Service in multiple packages |
| CVE-2021-21414 | 2021-04-29 | Command injection vulnerability in @prisma/sdk in getPackedPackage function |
| CVE-2021-25214 | 2021-04-29 | A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly |
| CVE-2021-25215 | 2021-04-29 | An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself |
| CVE-2021-25216 | 2021-04-29 | A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack |
| CVE-2020-36327 | 2021-04-29 | Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses... |
| CVE-2021-31879 | 2021-04-29 | GNU Wget through 1.21.1 does not omit the Authorization header... |
| CVE-2021-25163 | 2021-04-29 | A remote XML external entity vulnerability was discovered in Aruba... |
| CVE-2021-25166 | 2021-04-29 | A remote unauthorized access vulnerability was discovered in Aruba AirWave... |
| CVE-2021-25167 | 2021-04-29 | A remote unauthorized access vulnerability was discovered in Aruba AirWave... |
| CVE-2021-29137 | 2021-04-29 | A remote URL redirection vulnerability was discovered in Aruba AirWave... |
| CVE-2021-29146 | 2021-04-29 | A remote cross-site scripting (XSS) vulnerability was discovered in Aruba... |
| CVE-2021-29145 | 2021-04-29 | A remote server side request forgery (SSRF) remote code execution... |
| CVE-2021-29144 | 2021-04-29 | A remote disclosure of sensitive information vulnerability was discovered in... |
| CVE-2021-29147 | 2021-04-29 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-29142 | 2021-04-29 | A remote cross-site scripting (XSS) vulnerability was discovered in Aruba... |
| CVE-2021-29140 | 2021-04-29 | A remote XML external entity (XXE) vulnerability was discovered in... |
| CVE-2021-29138 | 2021-04-29 | A remote disclosure of privileged information vulnerability was discovered in... |
| CVE-2021-29139 | 2021-04-29 | A remote cross-site scripting (XSS) vulnerability was discovered in Aruba... |
| CVE-2021-29141 | 2021-04-29 | A remote disclosure of sensitive information vulnerability was discovered in... |
| CVE-2020-21990 | 2021-04-29 | Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway... |
| CVE-2020-21992 | 2021-04-29 | Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote... |
| CVE-2021-28899 | 2021-04-29 | Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in... |
| CVE-2020-21995 | 2021-04-29 | Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An... |
| CVE-2020-21997 | 2021-04-29 | Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database... |
| CVE-2020-22002 | 2021-04-29 | An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim... |
| CVE-2021-20091 | 2021-04-29 | The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02... |
| CVE-2021-20092 | 2021-04-29 | The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02... |
| CVE-2021-30027 | 2021-04-29 | md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger... |
| CVE-2021-30218 | 2021-04-29 | samurai 1.2 has a NULL pointer dereference in writefile() in... |
| CVE-2021-30219 | 2021-04-29 | samurai 1.2 has a NULL pointer dereference in printstatus() function... |
| CVE-2021-27651 | 2021-04-29 | In versions 8.2.1 through 8.5.2 of Pega Infinity, the password... |
| CVE-2021-30224 | 2021-04-29 | Cross Site Request Forgery (CSRF) in Rukovoditel v2.8.3 allows attackers... |
| CVE-2021-28280 | 2021-04-29 | CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion... |
| CVE-2021-30227 | 2021-04-29 | Cross Site Scripting (XSS) vulnerability in the article comments feature... |
| CVE-2021-29350 | 2021-04-29 | SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统... |
| CVE-2021-20228 | 2021-04-29 | A flaw was found in the Ansible Engine 2.9.18, where... |
| CVE-2021-25810 | 2021-04-29 | Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury X18G 1.0.5... |
| CVE-2021-25811 | 2021-04-29 | MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via... |
| CVE-2021-25812 | 2021-04-29 | Command injection vulnerability in China Mobile An Lianbao WF-1 1.01... |
| CVE-2021-30228 | 2021-04-29 | The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router... |