jell.ie CVEs

Read at: 2021-09-25T14:14:46+01:00

CVE-2021-21742

There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.

Source: National Vulnerability Database | 25 Sep 2021 | 1:15 am IST

CVE-2020-20514

A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.

Source: National Vulnerability Database | 24 Sep 2021 | 11:15 pm IST

CVE-2020-20508

Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.

Source: National Vulnerability Database | 24 Sep 2021 | 11:15 pm IST

CVE-2016-6555

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in version 18.0.2, released on September 20, 2016.

Source: National Vulnerability Database | 24 Sep 2021 | 10:15 pm IST

CVE-2016-6556

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This issue was fixed in version 18.0.2, released on September 20, 2016.

Source: National Vulnerability Database | 24 Sep 2021 | 10:15 pm IST

CVE-2021-40655

An information disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page.

Source: National Vulnerability Database | 24 Sep 2021 | 10:15 pm IST

CVE-2021-40654

An information disclosure issue exists in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page.

Source: National Vulnerability Database | 24 Sep 2021 | 10:15 pm IST

CVE-2021-41504

** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Source: National Vulnerability Database | 24 Sep 2021 | 9:15 pm IST

CVE-2021-41503

** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affected by Incorrect Access Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Source: National Vulnerability Database | 24 Sep 2021 | 9:15 pm IST

CVE-2021-2464

Vulnerability in Oracle Linux (component: OSwatcher). Supported versions that are affected are 7 and 8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Linux executes to compromise Oracle Linux. Successful attacks of this vulnerability can result in takeover of Oracle Linux. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Source: National Vulnerability Database | 24 Sep 2021 | 8:15 pm IST

CVE-2021-39246

Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. If --log or --verbose is used, exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network).

Source: National Vulnerability Database | 24 Sep 2021 | 8:15 pm IST

CVE-2021-35313

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Source: National Vulnerability Database | 24 Sep 2021 | 7:15 pm IST

CVE-2021-22869

An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affects customers using self-hosted runner groups for access control. A repository with access to one enterprise runner group could access all of the enterprise runner groups within the organization because of improper authentication checks during the request. This could cause code to be run unintentionally by the incorrect runner group. This vulnerability affected GitHub Enterprise Server versions from 3.0.0 to 3.0.15 and 3.1.0 to 3.1.7 and was fixed in 3.0.16 and 3.1.8 releases.

Source: National Vulnerability Database | 24 Sep 2021 | 7:15 pm IST

CVE-2021-22868

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.1.8 and was fixed in 3.1.8, 3.0.16, and 2.22.22. This vulnerability was reported via the GitHub Bug Bounty program. This is the result of an incomplete fix for CVE-2021-22867.

Source: National Vulnerability Database | 24 Sep 2021 | 7:15 pm IST

CVE-2021-40310

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.

Source: National Vulnerability Database | 24 Sep 2021 | 5:15 pm IST

CVE-2021-40309

A SQL injection vulnerability exists in the Take Attendance functionality of OS4Ed's OpenSIS 8.0 that allows an attacker to inject their own SQL query. The cp_id_miss_attn parameter from TakeAttendance.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request as a user with access to "Take Attendance" functionality to trigger this vulnerability.

Source: National Vulnerability Database | 24 Sep 2021 | 5:15 pm IST

CVE-2021-28130

Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters.

Source: National Vulnerability Database | 24 Sep 2021 | 5:15 pm IST

CVE-2021-41588

In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 pm IST

CVE-2021-40100

An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 pm IST

CVE-2021-40102

An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method).

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 pm IST

CVE-2021-40099

An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 pm IST

CVE-2021-41587

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 pm IST

CVE-2021-41586

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 pm IST

CVE-2021-36749

In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.

Source: National Vulnerability Database | 24 Sep 2021 | 11:15 am IST

CVE-2021-41584

Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 am IST

CVE-2021-31923

Ping Identity PingAccess before 5.3.3 allows HTTP request smuggling via header manipulation.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 am IST

CVE-2021-41581

x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 am IST

CVE-2021-41583

vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access.

Source: National Vulnerability Database | 24 Sep 2021 | 4:15 am IST

CVE-2020-19949

A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.

Source: National Vulnerability Database | 23 Sep 2021 | 9:15 pm IST

CVE-2020-19951

A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application.

Source: National Vulnerability Database | 23 Sep 2021 | 9:15 pm IST

CVE-2021-41088

Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious website, the website can send arbitrary code to the endpoint in localhost. All Elvish releases from 0.14.0 onward no longer include the web UI, although it is still possible for the user to build a version from source that includes the web UI. The issue can be patched for previous versions by removing the web UI (found in web, pkg/web or pkg/prog/web, depending on the exact version).

Source: National Vulnerability Database | 23 Sep 2021 | 9:15 pm IST

CVE-2020-19950

A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.

Source: National Vulnerability Database | 23 Sep 2021 | 9:15 pm IST

CVE-2021-29832

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204824.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29904

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 207610.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29816

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204341.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-38870

IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208343.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29814

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204334.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-38877

IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208405.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29905

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207616.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29813

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204331.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29833

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204825.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29815

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204340.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29810

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204279.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29812

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204330.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2020-24327

Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites.

Source: National Vulnerability Database | 23 Sep 2021 | 7:15 pm IST

CVE-2021-29800

IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-36873

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-36823

Authenticated Stored Cross-Site Scripting (XSS) vulnerability in WordPress Absolutely Glamorous Custom Admin plugin (versions <= 6.8). Stored XSS possible via unsanitized input fields of the plugin settings, some of the payloads could make the frontend and the backend inaccessible.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-38864

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. IBM X-Force ID: 208155.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-38863

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2020-4941

IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-20485

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-22276

The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-20434

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-20563

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenticated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filepath on the server which could be used in further attacks against the system. IBM X-Force ID: 199234.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-20377

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-26794

Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-20435

IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 196355.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2020-4809

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-20484

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197666.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2020-4805

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2020-4803

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2020-4690

IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697.

Source: National Vulnerability Database | 23 Sep 2021 | 6:15 pm IST

CVE-2021-41381

Payara Micro Community 5.2021.6 and below allows Directory Traversal.

Source: National Vulnerability Database | 23 Sep 2021 | 4:15 pm IST

CVE-2021-41428

Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14.1 allows attacker to escalate privileges via insufficient configuration of service components.

Source: National Vulnerability Database | 23 Sep 2021 | 4:15 pm IST

CVE-2021-36872

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Vulnerable at &widget-wpp[2][post_type].

Source: National Vulnerability Database | 23 Sep 2021 | 4:15 pm IST

CVE-2021-3824

OpenVPN Access Server 2.9.0 through 2.9.4 allows remote attackers to inject arbitrary web script or HTML via the web login page URL.

Source: National Vulnerability Database | 23 Sep 2021 | 4:15 pm IST

CVE-2021-21913

An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.

Source: National Vulnerability Database | 23 Sep 2021 | 4:15 pm IST

CVE-2021-26750

DLL hijacking in Panda Agent <=1.16.11 in Panda Security, S.L.U. Panda Adaptive Defense 360 <= 8.0.17 allows attacker to escalate privileges via maliciously crafted DLL file.

Source: National Vulnerability Database | 23 Sep 2021 | 4:15 pm IST

CVE-2021-32963

Null pointer dereference in SuiteLink server while processing commands 0x03/0x10

Source: National Vulnerability Database | 23 Sep 2021 | 3:15 pm IST

CVE-2021-32971

Null pointer dereference in SuiteLink server while processing command 0x07

Source: National Vulnerability Database | 23 Sep 2021 | 3:15 pm IST

CVE-2021-32979

Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a

Source: National Vulnerability Database | 23 Sep 2021 | 3:15 pm IST

CVE-2021-32987

Null pointer dereference in SuiteLink server while processing command 0x0b

Source: National Vulnerability Database | 23 Sep 2021 | 3:15 pm IST

CVE-2021-32999

Improper handling of exceptional conditions in SuiteLink server while processing command 0x01

Source: National Vulnerability Database | 23 Sep 2021 | 3:15 pm IST

CVE-2021-32959

Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06

Source: National Vulnerability Database | 23 Sep 2021 | 3:15 pm IST

CVE-2021-22953

A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space. Credit for discovery: "Solar Security Research Team"

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22949

A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space. Credit for discovery: "Solar Security CMS Research Team"

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22941

Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22017

Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22019

The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22945

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22016

The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22952

A vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Talk application V1.12.5 and later.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22950

Concrete CMS prior to 8.5.6 had a CSRF vulnerability allowing attachments to comments in the conversation section to be deleted. Credit for discovery: "Solar Security Research Team"

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22018

The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22020

The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22948

Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the cryptographically insecure uniqid() PHP function. Under some circumstances, an attacker could theoretically be able to brute force session IDs in order to take over a specific account.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22015

The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance.

Source: National Vulnerability Database | 23 Sep 2021 | 2:15 pm IST

CVE-2021-22012

The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22013

The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22014

The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22008

The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22010

The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22009

The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22011

vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-21993

The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22005

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22006

The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-22007

The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information.

Source: National Vulnerability Database | 23 Sep 2021 | 1:15 pm IST

CVE-2021-33035

Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10.

Source: National Vulnerability Database | 23 Sep 2021 | 9:15 am IST

count: 100