Lista CVE - 2021 / Agosto
Visualizzazione 2001 - 2087 di 2087 CVE per Agosto 2021 (Pagina 21 di 21)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2021-33055 | 2021-08-30 | Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code... |
| CVE-2021-37416 | 2021-08-30 | Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable... |
| CVE-2021-37417 | 2021-08-30 | Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA... |
| CVE-2021-37421 | 2021-08-30 | Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to... |
| CVE-2021-34066 | 2021-08-30 | An issue was discovered in EdgeGallery/developer before v1.0. There is... |
| CVE-2021-36370 | 2021-08-30 | An issue was discovered in Midnight Commander through 4.8.26. When... |
| CVE-2021-35061 | 2021-08-30 | Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021... |
| CVE-2021-35062 | 2021-08-30 | A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis... |
| CVE-2021-39132 | 2021-08-30 | YAML deserialization can run untrusted code |
| CVE-2021-39133 | 2021-08-30 | Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server |
| CVE-2021-36691 | 2021-08-30 | libjxl v0.5.0 is affected by a Assertion failed issue in... |
| CVE-2021-36692 | 2021-08-30 | libjxl v0.3.7 is affected by a Divide By Zero in... |
| CVE-2021-39175 | 2021-08-30 | XSS vector in slide mode speaker-view |
| CVE-2021-32831 | 2021-08-30 | Code injection in total.js |
| CVE-2021-32832 | 2021-08-30 | ReDOS in Rocket.Chat |
| CVE-2020-22848 | 2021-08-30 | A remote code execution (RCE) vulnerability in the \Playsong.php component... |
| CVE-2021-39177 | 2021-08-30 | User impersonation due to incorrect handling of the login JWT |
| CVE-2021-39178 | 2021-08-30 | XSS in Image Optimization API for Next.js versions between 10.0.0 and 11.1.0 |
| CVE-2021-3634 | 2021-08-31 | A flaw has been found in libssh in versions prior... |
| CVE-2021-36981 | 2021-08-31 | In the server in SerNet verinice before 1.22.2, insecure Java... |
| CVE-2021-37701 | 2021-08-31 | Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links |
| CVE-2021-37712 | 2021-08-31 | Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links |
| CVE-2021-40330 | 2021-08-31 | git_connect_git in connect.c in Git before 2.30.1 allows a repository... |
| CVE-2021-27556 | 2021-08-31 | The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote... |
| CVE-2021-27557 | 2021-08-31 | A cross-site request forgery (CSRF) vulnerability in the Cron job... |
| CVE-2021-27558 | 2021-08-31 | A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3... |
| CVE-2021-36356 | 2021-08-31 | KRAMER VIAware through August 2021 allows remote attackers to execute... |
| CVE-2020-13639 | 2021-08-31 | A stored XSS vulnerability was discovered in the ECT Provider... |
| CVE-2021-38145 | 2021-08-31 | An issue was discovered in Form Tools through 3.0.20. SQL... |
| CVE-2021-38143 | 2021-08-31 | An issue was discovered in Form Tools through 3.0.20. When... |
| CVE-2021-38144 | 2021-08-31 | An issue was discovered in Form Tools through 3.0.20. A... |
| CVE-2021-33555 | 2021-08-31 | A vulnerability may allow remote attackers to read arbitrary files on the server of the WirelessHART-Gateway |
| CVE-2021-34559 | 2021-08-31 | A vulnerability in WirelessHART-Gateway <= 3.0.8 may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings |
| CVE-2021-34560 | 2021-08-31 | A vulnerability in WirelessHART-Gateway <= 3.0.9 could lead to information exposure of sensitive information |
| CVE-2021-34561 | 2021-08-31 | A vulnerability in WirelessHART-Gateway <= 3.0.8 allows to bypass any IP or firewall based access restrictions through DNS rebinding |
| CVE-2021-34562 | 2021-08-31 | A vulnerability in WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response |
| CVE-2021-34563 | 2021-08-31 | In WirelessHART-Gateway versions 3.0.8 and 3.0.9 the HttpOnly flag is missing in a cookie which allows client-side javascript to modify it |
| CVE-2021-34564 | 2021-08-31 | In WirelessHART-Gateway versions 3.0.9 a vulnerability allows to read and write sensitive data in a cookie |
| CVE-2021-34565 | 2021-08-31 | In WirelessHART-Gateway versions 3.0.7 to 3.0.9 hard-coded credentials have been found |
| CVE-2021-34578 | 2021-08-31 | WAGO: Authentication Vulnerability in Web-Based Management |
| CVE-2021-34581 | 2021-08-31 | WAGO: Denial of Service vulnerability inside the OpenSSL implementation |
| CVE-2021-3749 | 2021-08-31 | Inefficient Regular Expression Complexity in axios/axios |
| CVE-2021-35219 | 2021-08-31 | ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability |
| CVE-2021-35220 | 2021-08-31 | EmailWebPage Command Injection RCE |
| CVE-2021-39316 | 2021-08-31 | ZoomSounds <= 6.45 Unauthenticated Directory Traversal and Sensitive Information Dislosure |
| CVE-2021-35221 | 2021-08-31 | ImportAlert Improper Access Control Tampering Vulnerability |
| CVE-2021-35222 | 2021-08-31 | Resource.aspx Reflected Cross-Site Scripting Vulnerability |
| CVE-2020-19046 | 2021-08-31 | Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers... |
| CVE-2020-19047 | 2021-08-31 | Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote... |
| CVE-2020-19048 | 2021-08-31 | Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers... |
| CVE-2020-19049 | 2021-08-31 | Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers... |
| CVE-2021-21677 | 2021-08-31 | Jenkins Code Coverage API Plugin 1.4.0 and earlier does not... |
| CVE-2021-21678 | 2021-08-31 | Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft... |
| CVE-2021-21679 | 2021-08-31 | Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to... |
| CVE-2021-21680 | 2021-08-31 | Jenkins Nested View Plugin 1.20 and earlier does not configure... |
| CVE-2021-21681 | 2021-08-31 | Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted... |
| CVE-2021-35239 | 2021-08-31 | Stored XSS in Maps text box hyperlink Vulnerability |
| CVE-2021-35240 | 2021-08-31 | Stored XSS via Help Server settings |
| CVE-2021-35213 | 2021-08-31 | Orion User setting Improper Access Control Privilege Escalation Vulnerability |
| CVE-2021-39163 | 2021-08-31 | Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner. |
| CVE-2021-35223 | 2021-08-31 | Execute Command Function Allows Remote Code Execution (RCE)Vulnerability |
| CVE-2021-29907 | 2021-08-31 | IBM OpenPages with Watson 8.1 and 8.2 could allow an... |
| CVE-2021-39164 | 2021-08-31 | Improper authorisation of /members discloses room membership to non-members |
| CVE-2021-22684 | 2021-08-31 | Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around... |
| CVE-2021-37713 | 2021-08-31 | Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization |
| CVE-2021-22944 | 2021-08-31 | A vulnerability found in UniFi Protect application V1.18.1 and earlier... |
| CVE-2021-22943 | 2021-08-31 | A vulnerability found in UniFi Protect application V1.18.1 and earlier... |
| CVE-2021-22929 | 2021-08-31 | An information disclosure exists in Brave Browser Desktop prior to... |
| CVE-2021-39134 | 2021-08-31 | UNIX Symbolic Link (Symlink) Following in @npmcli/arborist |
| CVE-2021-21811 | 2021-08-31 | A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality... |
| CVE-2021-35212 | 2021-08-31 | Blind SQL injection Vulnerability |
| CVE-2021-27668 | 2021-08-31 | HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of... |
| CVE-2021-39135 | 2021-08-31 | UNIX Symbolic Link (Symlink) Following in @npmcli/arborist |
| CVE-2021-37794 | 2021-08-31 | A stored cross-site scripting (XSS) vulnerability exists in FileBrowser <... |
| CVE-2021-40085 | 2021-08-31 | An issue was discovered in OpenStack Neutron before 16.4.1, 17.x... |
| CVE-2021-36232 | 2021-08-31 | Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an... |
| CVE-2021-36231 | 2021-08-31 | Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363... |
| CVE-2021-36234 | 2021-08-31 | Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows... |
| CVE-2021-36233 | 2021-08-31 | The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an... |
| CVE-2021-39180 | 2021-08-31 | Path Traversal in Archive Handling Leading to Code Execution |
| CVE-2021-39176 | 2021-08-31 | Missing Release of Memory after Effective Lifetime in detect-character-encoding |
| CVE-2021-22029 | 2021-08-31 | VMware Workspace ONE UEM REST API contains a denial of... |
| CVE-2021-22002 | 2021-08-31 | VMware Workspace ONE Access and Identity Manager, allow the /cfg... |
| CVE-2021-22003 | 2021-08-31 | VMware Workspace ONE Access and Identity Manager, unintentionally provide a... |
| CVE-2020-20486 | 2021-08-31 | IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr. |
| CVE-2020-20490 | 2021-08-31 | A heap buffer-overflow in the client_example1.c component of libiec_iccp_mod v1.5... |
| CVE-2020-20495 | 2021-08-31 | bludit v3.13.0 contains an arbitrary file deletion vulnerability in the... |