Lista CVE - 2021 / Luglio
Visualizzazione 1401 - 1500 di 1581 CVE per Luglio 2021 (Pagina 15 di 16)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-37440 | 2021-07-25 | NCH Axon PBX v2.22 and earlier allows path traversal for... |
| CVE-2021-37439 | 2021-07-25 | NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability. |
| CVE-2021-31292 | 2021-07-26 | An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers... |
| CVE-2021-32791 | 2021-07-26 | Hardcoded static IV and AAD with a reused key in AES GCM encryption in mod_auth_openidc |
| CVE-2021-32792 | 2021-07-26 | XSS vulnerability when using OIDCPreservePost On in mod_auth_openidc |
| CVE-2021-3664 | 2021-07-26 | Open Redirect in unshiftio/url-parse |
| CVE-2021-21440 | 2021-07-26 | Support Bundle includes S/Mime and PGP keys |
| CVE-2021-21442 | 2021-07-26 | XSS vulnerability in Time Accounting |
| CVE-2021-21443 | 2021-07-26 | Unautorized listing of the customer user emails |
| CVE-2021-36091 | 2021-07-26 | Unautorized access to the calendar appointments |
| CVE-2021-36092 | 2021-07-26 | XSS attack using special link in email |
| CVE-2021-33900 | 2021-07-26 | StartTLS and SASL confidentiality protection bypass |
| CVE-2021-35030 | 2021-07-26 | A vulnerability was found in the CGI program in Zyxel... |
| CVE-2020-12681 | 2021-07-26 | Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through... |
| CVE-2021-22144 | 2021-07-26 | In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion... |
| CVE-2020-4623 | 2021-07-26 | IBM i2 iBase 8.9.13 could allow a local authenticated attacker... |
| CVE-2021-20337 | 2021-07-26 | IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0... |
| CVE-2021-20430 | 2021-07-26 | IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1,... |
| CVE-2021-20431 | 2021-07-26 | IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does... |
| CVE-2021-20560 | 2021-07-26 | IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could... |
| CVE-2021-29766 | 2021-07-26 | IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1,... |
| CVE-2021-29767 | 2021-07-26 | IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could... |
| CVE-2021-29769 | 2021-07-26 | IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1,... |
| CVE-2021-29770 | 2021-07-26 | IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1,... |
| CVE-2021-29784 | 2021-07-26 | IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a... |
| CVE-2021-26824 | 2021-07-26 | DM FingerTool v1.19 in the DM PD065 Secure USB is... |
| CVE-2021-37534 | 2021-07-26 | app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a... |
| CVE-2021-33629 | 2021-07-26 | isula-build before 0.9.5-6 can cause a program crash, when building... |
| CVE-2021-32631 | 2021-07-26 | JSON Web Tokens not properly verified |
| CVE-2021-32789 | 2021-07-26 | Arbitrary SQL (SQL injection) possible via the Store API component. |
| CVE-2021-25801 | 2021-07-26 | A buffer overflow vulnerability in the __Parse_indx component of VideoLAN... |
| CVE-2021-25802 | 2021-07-26 | A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN... |
| CVE-2021-25803 | 2021-07-26 | A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN... |
| CVE-2021-25804 | 2021-07-26 | A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC... |
| CVE-2021-32790 | 2021-07-26 | Blind SQL Injection possible via Authenticated Web-hook Search API Endpoint |
| CVE-2021-37392 | 2021-07-26 | In RPCMS v1.8 and below, the "nickname" variable is not... |
| CVE-2021-37393 | 2021-07-26 | In RPCMS v1.8 and below, the "nickname" variable is not... |
| CVE-2021-37394 | 2021-07-26 | In RPCMS v1.8 and below, attackers can interact with API... |
| CVE-2021-37473 | 2021-07-26 | In NavigateCMS version 2.9.4 and below, function in `product.php` is... |
| CVE-2021-37475 | 2021-07-26 | In NavigateCMS version 2.9.4 and below, function in `templates.php` is... |
| CVE-2021-37476 | 2021-07-26 | In NavigateCMS version 2.9.4 and below, function in `product.php` is... |
| CVE-2021-37477 | 2021-07-26 | In NavigateCMS version 2.9.4 and below, function in `structure.php` is... |
| CVE-2021-37478 | 2021-07-26 | In NavigateCMS version 2.9.4 and below, function `block` is vulnerable... |
| CVE-2021-36563 | 2021-07-26 | The CheckMK management web console (versions 1.5.0 to 2.0.0) does... |
| CVE-2020-18169 | 2021-07-26 | A vulnerability in the Windows installer XML (WiX) toolset of... |
| CVE-2020-18170 | 2021-07-26 | An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager... |
| CVE-2020-18171 | 2021-07-26 | TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which... |
| CVE-2020-18172 | 2021-07-26 | A code injection vulnerability in the SeDebugPrivilege component of Trezor... |
| CVE-2020-18173 | 2021-07-26 | A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows... |
| CVE-2020-18174 | 2021-07-26 | A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows... |
| CVE-2021-32794 | 2021-07-26 | Accidental removal of IPCPassword (< 5.1.2.4) |
| CVE-2020-23234 | 2021-07-26 | Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0... |
| CVE-2021-32795 | 2021-07-26 | Denial of Service via Steam chat in ArchiSteamFarm |
| CVE-2020-23238 | 2021-07-26 | Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via... |
| CVE-2020-17952 | 2021-07-26 | A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink... |
| CVE-2020-23239 | 2021-07-26 | Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via... |
| CVE-2020-23240 | 2021-07-26 | Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14... |
| CVE-2020-23241 | 2021-07-26 | Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14... |
| CVE-2020-23242 | 2021-07-26 | Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing... |
| CVE-2020-23243 | 2021-07-26 | Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via... |
| CVE-2021-37555 | 2021-07-26 | TX9 Automatic Food Dispenser v3.2.57 devices allow access to a... |
| CVE-2021-37576 | 2021-07-26 | arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc... |
| CVE-2020-18428 | 2021-07-26 | tinyexr commit 0.9.5 was discovered to contain an array index... |
| CVE-2020-18430 | 2021-07-26 | tinyexr 0.9.5 was discovered to contain an array index error... |
| CVE-2020-11511 | 2021-07-27 | The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers... |
| CVE-2021-28094 | 2021-07-27 | OX Documents before 7.10.5-rev7 has Incorrect Access Control for converted... |
| CVE-2021-28093 | 2021-07-27 | OX Documents before 7.10.5-rev5 has Incorrect Access Control of converted... |
| CVE-2021-28095 | 2021-07-27 | OX Documents before 7.10.5-rev5 has Incorrect Access Control for documents... |
| CVE-2021-31878 | 2021-07-27 | An issue was discovered in PJSIP in Asterisk before 16.19.1... |
| CVE-2021-32558 | 2021-07-27 | An issue was discovered in Sangoma Asterisk 13.x before 13.38.3,... |
| CVE-2021-32610 | 2021-07-27 | In Archive_Tar before 1.4.14, symlinks can refer to targets outside... |
| CVE-2021-35458 | 2021-07-27 | Online Pet Shop We App 1.0 is vulnerable to Union... |
| CVE-2021-35472 | 2021-07-27 | An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache... |
| CVE-2021-36754 | 2021-07-27 | PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash... |
| CVE-2021-36766 | 2021-07-27 | Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is... |
| CVE-2021-20399 | 2021-07-27 | IBM Qradar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0... |
| CVE-2021-20562 | 2021-07-27 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and... |
| CVE-2021-34802 | 2021-07-27 | A failure in resetting the security context in some transaction... |
| CVE-2021-35478 | 2021-07-27 | Nagios Log Server before 2.1.9 contains Reflected XSS in the... |
| CVE-2021-35479 | 2021-07-27 | Nagios Log Server before 2.1.9 contains Stored XSS in the... |
| CVE-2021-36004 | 2021-07-27 | Adobe InDesign CoolType out of bounds write vulnerability could lead to arbitrary stack manipulation |
| CVE-2020-14999 | 2021-07-27 | A logic bug in system monitoring driver of Acronis Agent... |
| CVE-2020-16839 | 2021-07-27 | On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802... |
| CVE-2021-36605 | 2021-07-27 | engineercms 1.03 is vulnerable to Cross Site Scripting (XSS). There... |
| CVE-2020-18013 | 2021-07-27 | SQL Injextion vulnerability exists in Whatsns 4.0 via the ip... |
| CVE-2021-34432 | 2021-07-27 | In Eclipse Mosquitto versions 2.07 and earlier, the server will... |
| CVE-2021-28674 | 2021-07-27 | The node management page in SolarWinds Orion Platform before 2020.2.5... |
| CVE-2021-28966 | 2021-07-27 | In Ruby through 3.0 on Windows, a remote attacker can... |
| CVE-2020-21806 | 2021-07-27 | SQL Injection Vulnerability in ECTouch v2 via the shop page... |
| CVE-2020-19118 | 2021-07-27 | Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the... |
| CVE-2021-30483 | 2021-07-27 | isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. |
| CVE-2021-32748 | 2021-07-27 | WOPI API not protected by credentials/IP check |
| CVE-2021-32788 | 2021-07-27 | Post creator of a whisper post can be revealed to non-staff users in Discourse |
| CVE-2021-32796 | 2021-07-27 | Misinterpretation of malicious XML input in xmldom |
| CVE-2021-37588 | 2021-07-27 | In Charm 0.43, any two users can collude to achieve... |
| CVE-2021-37587 | 2021-07-27 | In Charm 0.43, any single user can decrypt DAC-MACS or... |
| CVE-2020-20698 | 2021-07-27 | A remote code execution (RCE) vulnerability in /1.com.php of S-CMS... |
| CVE-2020-20699 | 2021-07-27 | A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0... |
| CVE-2020-20700 | 2021-07-27 | A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS... |
| CVE-2020-20701 | 2021-07-27 | A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS... |